[IS&T Security-FYI] SFYI Newsletter, August 8, 2011
Monique Yeaton
myeaton at MIT.EDU
Mon Aug 8 13:54:28 EDT 2011
In this issue:
1. August 2011 Microsoft Security Updates
2. You CAN Prevent Data Leaks at MIT
3. Operation Shady RAT
------------------------------------------------------
1. August 2011 Microsoft Security Updates
------------------------------------------------------
Microsoft will release fixes for 22 vulnerabilities on Tuesday, August 9. The patches will address security issues in all supported versions of:
* Internet Explorer
* Windows
* Windows Server
* Visio
* Visual Studio.
The patches are described in 13 security bulletins, two of which have been given maximum severity ratings of critical.
Read the full August bulletin:
<http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx>
--------------------------------------------------
2. You CAN Prevent Data Leaks at MIT
--------------------------------------------------
The history of cyber-criminal activity over the past few decades has shown that the bad guys will always find ways into our systems if they really want to, either through viruses, malware, tricks or brute force. This is in spite of our attempts to block such occurrences from happening with secure technology. So is it a losing battle? Not if we cover all bases.
There are three basic steps to ensure that even if a system is breached, no sensitive data is accessed.
1. FIND IT: Know where the data resides so that measures can be taken to protect it. Take an audit of computers and servers to determine if sensitive data is stored on them or if they are being used to access data remotely.
2. MINIMIZE IT: Remove all the sensitive data files from the places where they are no longer needed. Either secure delete them altogether or move them to a system that is less likely to be compromised. If you have multiple versions of the data, remove the unnecessary copies.
3. SECURE IT: Comply with recommended protection methods for securing data, such as limiting access through secure authentication and encrypting systems where sensitive data resides.
Identity Finder is a software tool provided by IS&T that helps take action with all three of these steps. Identity Finder searches for data elements, such as Social Security numbers, passwords and financial account numbers. It reports when such data elements are found and gives the user the choice to shred the files, just remove the sensitive parts, or put the files in an encrypted vault. Identity Finder is supported by a console that provides centralized reporting and remote administration, remediation and scheduling.
Members of MIT who view, store or process MIT business data can obtain a free copy. Learn more: <http://ist.mit.edu/services/software/available-software?&title=identity+finder>
For questions, please contact <idfinder-help at mit.edu>.
-------------------------------
3. Operation Shady RAT
-------------------------------
Security analysts from McAfee have discovered that since 2006, cyber-espionage has been carried out against at least 72 organizations in 14 countries in a series of professional hacking attacks. Named victims include the United Nations and the International Olympic Committee. McAfee was able to track down the command and control center of the organized crime, and were able to access the server's log files, which contained detailed records of the attacks.
According to an article on www.h-online.com, "The criminals sent targeted emails containing specially crafted attachments to select personnel within the affected organizations. In spear-phishing attacks of this type, the emails are often well formulated and formatted, making it hard for potential victims to distinguish them from legitimate emails. If the recipient opens the attachment, the exploit downloads further malware."
Read the full story:
<http://www.h-online.com/security/news/item/Operation-Shady-RAT-reveals-worldwide-espionage-attacks-1317710.html>
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20110808/eb499cf4/attachment.htm
More information about the ist-security-fyi
mailing list