[IS&T Security-FYI] SFYI Newsletter, June 28, 2010

Mon Jun 28 12:10:28 EDT 2010

In this issue:

1. Scareware Feeds off Windows Insecurity
2. Lag Time Between Website Threats and Fixes is Two Days
3. Tip of the Week: Don't Avoid Software Patches

-------------------------------------------------------
1. Scareware Feeds off Windows Insecurity
-------------------------------------------------------

According to a recent statement by the FBI, "more than 60 countries purchased more than one million bogus software products causing victims to lose more than $100 million." This was in response to the latest "scareware" malware scam, purported to be one of the largest so far.

The FBI filed federal indictments against an Ohio man and two foreign residents to halt this latest scam.  Scareware typically fakes security alerts, forcing users who have installed the malware to remedy the situation by buying similarly fake anti-malware repair programs, which only worsen the problem. The bogus software products can cost as much as $70.

Microsoft teams helped the FBI and US Dept of Justice investigate damages caused by the scheme. The software company has a stake in catching these criminals, as many of the bogus products mislead consumers to think they're purchasing legitimate Microsoft products. As consumers are warned of security issues with Microsoft products on a regular basis, it is not surprising that so many consumers are duped. 

Read the full story: <http://www.esecurityplanet.com/features/article.php/3885231/article.htm>

IMPORTANT: If this type of malware shows up on your computer, do not try to fix it yourself. Immediately contact your local IT support personnel or the IS&T Help Desk at <http://ist.mit.edu/support>.

------------------------------------------------------------------------------
2. Lag Time Between Website Threats and Fixes is Two Days
------------------------------------------------------------------------------

New research by NSS Labs has confirmed it can take an average of two days before major vendors block a website designed to attack a computer visiting it.

As many as 50,000 new malicious programs are detected every day, and companies targeted by customized malware are most at threat. But if no company sees or detects the malware targeting them, it could quietly circulate and potentially infect machines, even steal data. 

NSS Labs tested 10 products and revealed their ratings in their report (which they sell for a price). The vendors whose products were tested are AVG, Panda, Eset, F-Secure, Kaspersky, McAfee, Norman, Sophos, Symantec and Trend Micro. If a site was not blocked within 48 hours, NSS Labs continued to test to see how long it took the vendor to add protection. Times ranged from 4.62 hours for the best vendors to 92 hours for the worst.

Read the full story: <http://www.infoworld.com/d/security-central/security-software-lags-explosion-new-malware-801>

--------------------------------------------------------------
3. Tip of the Week: Don't Avoid Software Patches
--------------------------------------------------------------

Some computer users wonder why, if their computer is acting fine, they should apply the recommended patches. They figure, "If it ain't broke, don't fix it." Sounds like a good argument for skipping patches. There's just one problem. Today a recommended patch is often, even usually, meant to close a security hole. Not installing it is similar to parking your car in a bad neighborhood at 2 a.m. with the windows rolled down. 

Learn more about applying patches to your computer's operating system and software from these pages on the IS&T website:

Software & OS Patches: <http://ist.mit.edu/security/support/patches>
Steps for applying patches to Windows XP SP2: <http://ist.mit.edu/security/autoupdate>
Windows Automatic Update Service at MIT: <http://ist.mit.edu/services/os/windows/updates>
Linux Update Service: <http://ist.mit.edu/services/os/linux/rhn>

===========================================================================

Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB>

Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20100628/29174729/attachment.htm