[IS&T Security-FYI] SFYI Newsletter, February 22, 2010
Monique Yeaton
myeaton at MIT.EDU
Mon Feb 22 12:50:56 EST 2010
In this issue:
1. Adobe Issues Out-of-Cycle Update
2. Move Over Confickr, Kneber is Here!
3. Tip of the Week: Website Security
-----------------------------------------------
1. Adobe Issues Out-of-Cycle Update
-----------------------------------------------
Adobe issued an out-of-cycle security update last week for Reader and
Acrobat. Systems affected:
Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh
Version 9.3.1 of the programs addresses a pair of critical
vulnerabilities. One of the flaws is the same as the vulnerability
Adobe recently patched in Flash; it could allow unauthorized cross-
domain requests. The other flaw could be exploited to crash vulnerable
computers and possible allow attackers to gain control of the machines.
Adobe has also released version 8.2.1 to address the vulnerabilities
for users who are unable to update to version 9.x.
Read more here:
http://www.adobe.com/support/security/bulletins/apsb10-07.html
[Source: SANS]
--------------------------------------------------
2. Move Over Confickr, Kneber is Here!
--------------------------------------------------
Remember the Confickr worm, the worm that was to take over the cyber
world last April? Well, a new threat is here. ("Actually it's not so
new," says a Symantec spokesperson. "Kneber is the same as the ZeuS
bot, which Symantec has been monitoring for a while now.")
The Kneber botnet [http://en.wikipedia.org/wiki/Botnet] has reportedly
breached nearly 75,000 computers at 374 US companies and government
organizations, with the goal of harvesting login credentials for
online financial accounts, social networking sites, and email systems.
The compromised systems include those at some commercial enterprises
such as Merck (a pharmaceutical company) and Paramount Pictures.
Computers with up-to-date security software should already be
protected from this threat, but users should not depend on malware
protection alone. "There are 'less technical ways' to detect the
botnet," Johannes Ullrich, chief research officer for the SANS
Institute, says. "For example, the bot may inject additional pages
into online banking login screens. If the user is all of a sudden
asked for a secret question, Social Security number or other unusual
items during the login process, abort the login, and call your bank or
try the login from another computer."
Read the full story here:
http://www.msnbc.msn.com/id/35456838/ns/technology_and_science-security/
http://www.computerworld.com/s/article/9158778/Kneber_botnet_hit_374_U.S._firms_gov_t_agencies
----------------------------------------------
3. Tip of the Week: Website Security
----------------------------------------------
If your browser questions a website's security, stop, think, and verify.
When visiting the "https" secure sites of banks and online shopping
retailers, you may see an onscreen warning, such as "There is a
problem with the website's security certificate" or "Secure Connection
Failed." Don't just click to continue or to make an exception. The
warning may only indicate that there is a harmless temporary problem
with the site or with the network. But it can also mean that the site
is bogus or has been compromised by hackers, and someone is listening
in on your conversation with your bank or retailer.
Be smart. Contact your bank or retailer by phone to find out if they
know about a problem with their website or the network. Don't be the
next victim of fraud.
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS, SSN, OR OTHER PERSONAL
INFORMATION!
Ignore emails asking you to provide yours. MIT will *NEVER* ask you
for this information through email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20100222/1c7d438d/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1846 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20100222/1c7d438d/attachment.bin
More information about the ist-security-fyi
mailing list