[IS&T Security-FYI] SFYI Newsletter, July 30, 2012
Monique Yeaton
myeaton at MIT.EDU
Mon Jul 30 17:03:57 EDT 2012
In this issue:
1. Safari Updated to Fix Security Issues
2. IS&T Suggests Waiting to Upgrade to Mountain Lion
3. Four Million Hotel Rooms Could Be Hacked + Theft Is Increasing = Be Careful
--------------------------------------------------
1. Safari Updated to Fix Security Issues
--------------------------------------------------
Apple has released an updated version of its Safari browser. Safari 6 for OS X 10.7 (Lion) addresses more than 120 security issues present in 5.x versions of the browser that could have been exploited to allow cross-site scripting attacks, arbitrary code execution, and file theft. Safari 6 also incorporates several new features.
Read the story in the news<http://www.h-online.com/security/news/item/Safari-6-addresses-numerous-security-vulnerabilities-1652411.html>.
---------------------------------------------------------------------
2. IS&T Suggests Waiting to Upgrade to Mountain Lion
---------------------------------------------------------------------
Based on preliminary testing of prerelease versions of Mac OS X 10.8, Information Services and Technology (IS&T) recommends that Mac users wait to upgrade and continue to use Mac OS X 10.6 or 10.7 while IS&T completes its review and testing of OS X 10.8. The testing is done to ensure that incompatibilities or bugs can be addressed. Known issues and workarounds have been documented here<https://wikis.mit.edu/confluence/display/SWRT/OS+X+10.8+-+Mountain+Lion> (certificate required to view this link).
Limited support is being offered by the IS&T Computing Help Desk and documentation for 10.8 has been posted in the Knowledge Base<http://kb.mit.edu/confluence/display/istcontrib/OS+X+Mountain+Lion+%2810.8%29+Landing+Page>. The information included there will be frequently updated as testing is completed for applications and features commonly used at MIT.
For any questions regarding the release, please contact the Software Release Team<mailto:swrt at mit.edu>.
------------------------------------------------------------------------------------------------------
3. Four Million Hotel Rooms Could Be Hacked + Theft Is Increasing = Be Careful
------------------------------------------------------------------------------------------------------
With less than $50 of off-the-shelf hardware and a bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms. This hack was demonstrated<http://www.extremetech.com/computing/133448-black-hat-hacker-gains-access-to-4-million-hotel-rooms-with-arduino-microcontroller> at the Black Hat conference in Las Vegas. Apparently, there is no easy fix. If the hotels want to secure their guests, every single lock will have to be changed.
If you are traveling this year, I would recommend not leaving anything valuable in your hotel room. If the room has a safe, use it. If not, take your items with you, such as hard drives, thumb drives, computers, tablets, smart phones and iPods. Incidentally, if it's a Mac product, beware: according to the Wall Street Journal<http://online.wsj.com/article/SB10000872396390443931404577550823904439852.html>, 40% of all major city robberies now involve Apple products.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120730/9cd34682/attachment.htm
More information about the ist-security-fyi
mailing list