[IS&T Security-FYI] SFYI Newsletter, December 18, 2012
Monique Yeaton
myeaton at MIT.EDU
Tue Dec 18 10:48:50 EST 2012
In this issue:
1. Data Privacy Month: Are You Smarter Than Your Phone?
2. Ouch! Newsletter
3. Apple Updates Its Malware Blacklist
4. Adobe Updates Flash and Cold Fusion
------------------------------------------------------------------------------
1. Data Privacy Month: Are You Smarter Than Your Phone?
------------------------------------------------------------------------------
At Educause (www.educause.edu), January is data privacy month<http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/educause-policy/community-engagement/data-privacy-month>, an annual effort to empower people to protect the privacy of their data and to control their digital footprint.
The month's efforts lead up to Data Privacy Day<http://www.staysafeonline.org/data-privacy-day/>, held every year on January 28th in several countries, including Canada and the United States.
Educause is hosting several free webinars throughout the month of January. The first one, "Are You Smarter Than Your Phone?" talks about how you should make use of your smartphone on campus:
January 9, 2013
Time: 1:00 - 2:00 p.m. ET
Details and registration (for free) are here<http://www.educause.edu/events/educause-live-data-privacy-month-are-you-smarter-your-phone>
--------------------------
2. Ouch! Newsletter
--------------------------
See this month's issue of Ouch!, the newsletter from SANS.org: Seven Steps to a Secure Computer<http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201212_en.pdf> (pdf).
The first five tips are simple actions to do as soon as you acquire your new (or used) computer. Additional help for MIT community members to implement the steps can be found on the IS&T website<http://ist.mit.edu/secure> under the Secure Computing tag.
--------------------------------------------------
3. Apple Updates Its Malware Blacklist
--------------------------------------------------
As is becoming more apparent, Macs are not immune to malware and are being targeted more by cyber criminals as their market share expands. Last week Apple updated its Xprotect anti-malware blacklist tool to address a new Trojan for OS X that recently surfaced. The Trojan, aptly named SMSSend, looks like a normal program installer for an app called VKMusic 4 Mac, but tricks the users into sharing their cell phone number as part of the registration process and then entering a code sent via text. After doing so, the user is signed up for a subscription service that charges their monthly phone bill.
The discovery of the Trojan provides further support to the risks of downloading programs from unofficial software websites.
Learn more in the news here<http://www.theverge.com/2012/12/13/3763970/apple-blacklist-smssend-trojan-mac-os-x> and here<http://www.net-security.org/malware_news.php?id=2358>.
------------------------------------------------------
4. Adobe Updates Flash and Cold Fusion
------------------------------------------------------
Adobe has released updates for Flash and AIR which include high priority fixes for Flash Player on Windows. The vulnerabilities are being actively exploited in the wild. Three vulnerabilities are addressed including a buffer overflow, an integer overflow and a memory corruption problem, all of which can, Adobe says, lead to code execution. Adobe also released a security hotfix for ColdFusion 10, not currently being exploited in the wild. The fix is available for Windows, Mac OS X and UNIX.
Learn more in the news<http://www.h-online.com/security/news/item/Adobe-updates-Flash-Player-and-Cold-Fusion-1767017.html>.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20121218/3e607c3b/attachment.htm
More information about the ist-security-fyi
mailing list