[IS&T Security-FYI] SFYI Newsletter, April 30, 2012

Monique Yeaton myeaton at MIT.EDU
Mon Apr 30 16:14:25 EDT 2012 

In this issue:


1. Recent Scam: Bogus Outlook Service Email

2. Silent Updates Now Available for Firefox

3. CISPA Passes House Vote



-----------------------------------------------------------

1. Recent Scam: Bogus Outlook Service Email

-----------------------------------------------------------


You may have received an email that appears to come from "Outlook Service" requesting recipients to click on a link to reconfigure Microsoft Outlook information. This notice did not come from Microsoft or from MIT and you should NOT reply or click on the link, just delete it. Be aware that neither Microsoft nor MIT would ever ask users to do anything like this, especially though email.


Below is what the text of the email might look like:


<begin message>


Dear Outlook User ,


Notification ID: 1AZD3S


- Please reconfigure your Microsoft Outlook information again .

- Click on the link below to setup .


<link shown here>


Microsoft Outlook 2012 .


<end message>


Other examples of "phishy" emails we've seen at MIT<http://kb.mit.edu/confluence/x/VxhB>.



------------------------------------------------------

2. Silent Updates Now Available for Firefox

------------------------------------------------------


Firefox 12 is now available. The newest version of the browser incorporates an element of its planned silent updates. Users of Windows Vista and Windows 7 will notice that after the initial installation of the newest version of Firefox, the updates will no longer trigger the user account control prompt, which requires users to agree when programs are installed. The final components necessary for silent updating will appear in Firefox 13 or 14, which are slated to ship on June 5 and July 17, respectively.


On April 24 Mozilla also retired Firefox 3.6; users who have admin rights to their computers and who have not already updated will find themselves automatically updated to Firefox 12.


IS&T will be supporting Firefox ESR (Extended Support Release)<http://www.mozilla.org/en-US/firefox/organizations/> for the MIT community. It allows IT admins who maintain a desktop environment to manage updates of Firefox. An announcement about this from IS&T is to be released soon.


Read the story in the news<http://www.computerworld.com/s/article/9226463/Firefox_skirts_Windows_security_feature_to_make_silent_updates_happen>.



-------------------------------------

3. CISPA Passes House Vote

-------------------------------------


On Thursday, the US House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA), the replacement bill for SOPA and PIPA<http://www.forbes.com/sites/larrymagid/2012/01/18/what-are-sopa-and-pipa-and-why-all-the-fuss/>. The White House has promised to veto the bill, and privacy rights organizations are speaking out against it. One of the legislators opposed to CISPA say that it "would waive every single privacy law ever enacted in the name of cybersecurity." The bill's proponents maintain that recently introduced amendments would establish "significant safeguards to protect personal and private information."


The Electronic Frontier Foundation (EFF), which opposes CISPA, says the amendments do not go far enough. The White House says that CISPA "fails to provide authorities to ensure that the nation's core infrastructure is protected while repealing important" privacy protections.


CISPA now moves to the Senate.


Read the full story in the news<http://www.computerworld.com/s/article/9226639/House_passes_CISPA_cyberthreat_sharing_bill_despite_privacy_concerns>.



===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================


Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120430/47bb8866/attachment.htm

More information about the ist-security-fyi mailing list