[IS&T Security-FYI] SFYI Newsletter, March 19, 2012
Monique Yeaton
myeaton at MIT.EDU
Mon Mar 19 15:24:17 EDT 2012
In this issue:
1. The Six Most Dangerous IT Attacks
2. Pattern Locks on Cell Phones
3. Tax-Related Identity Theft
------------------------------------------------
1. The Six Most Dangerous IT Attacks
------------------------------------------------
The most popular track session of RSA San Francisco for the past five years was again packed to the rafters this year.
Hundreds of delegates poured in to see the vivacious Ed Skoudis and Joannes Ullrich discuss the six most dangerous IT security threats of 2011 and to hear what to expect in the year ahead.
Skoudis, founder of Counter Hack Challenges and an incident responder for large organizations, kicked off the session at the 2012 RSA conference earlier this month with three of the top security threats and how to defend against them.
Read the story in the news<http://www.scmagazine.com.au/News/292784,the-six-most-dangerous-infosec-attacks.aspx>.
-----------------------------------------
2. Pattern Locks on Cell Phones
-----------------------------------------
A pattern lock is a modern type of password installed on electronic devices, typically cellular telephones. To unlock the device, a user must move a finger or stylus over the keypad touch screen in a precise pattern so as to trigger the previously coded un-locking mechanism. Entering repeated incorrect patterns will cause a lock-out, requiring a Google e-mail login and password to override. Without the Google e-mail login and password, the cellular telephone’s memory can not be accessed.
The lock is apparently so hard to by-pass that it recently stumped the FBI when they attempted to break the pattern lock on a suspect's Android phone.
Read the story in the news<http://www.wired.com/threatlevel/2012/03/fbi-android-phone-lock/>.
-------------------------------------
3. Tax-Related Identity Theft
-------------------------------------
It's tax season! Some identity thieves send emails that appear to be from the IRS to try to get you to divulge your personal information. In fact, the IRS generally does not contact taxpayers by email. If you get an email that claims to be from the IRS, do not reply or click on any links. Instead, forward it to phishing at irs.gov.
If you have a reason to believe that someone is using your identity to gain access to your tax refund or to do other damage to your credit, let the IRS know as soon as possible and be sure to file a police report. This will prevent anyone using your identity for obtaining credit or making purchases in your name.
Learn more at the FTC website (OnGuardOnline.gov)<http://onguardonline.gov/articles/0008-tax-related-identity-theft>.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120319/a7461c47/attachment.htm
More information about the ist-security-fyi
mailing list