[IS&T Security-FYI] SFYI Newsletter, September 17, 2012
Monique Yeaton
myeaton at MIT.EDU
Mon Sep 17 16:27:11 EDT 2012
In this issue:
1. October is National Cyber Security Awareness Month (NCSAM)
2. Hacked: Now What?
3. Critical Zero-Day Bug Found in IE
-----------------------------------------------------------------------------------
1. October is National Cyber Security Awareness Month (NCSAM)
-----------------------------------------------------------------------------------
Increase cybersecurity awareness in your area by using the NCSAM resource guide<https://wiki.internet2.edu/confluence/display/itsg2/NCSAM+Resource+Kit> to start planning easy-to-implement awareness activities during the month of October.
Plan to join the October 4 National Cybersecurity Kickoff webinar at 1:00 p.m. (ET). Efforts are being made by IS&T to host this webinar on the day. More information about this will be forthcoming.
If you would rather attend the webinar on your own or host it in your area, registration is free and will be available by September 27 on the EDUCAUSE Live! web page<http://www.educause.edu/conferences-events/educause-live-webinars>. Consider attending this event as a team or incorporate it into a campus event. Learn more about preparing for NCSAM<http://www.educause.edu/blogs/vvogel/prepare-national-cyber-security-awareness-month>.
October will be here before you know it, so start planning your awareness events now.
-----------------------------
2. Hacked: Now What?
-----------------------------
The most recent security awareness newsletter OUCH! explains how to determine if your accounts, your data or your information has been compromised and how to effectively respond.
Read the English version of the newsletter (pdf) here<http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201209_en.pdf>.
----------------------------------------------
3. Critical Zero-Day Bug Found in IE
----------------------------------------------
Researchers uncovered active malware attacks that exploit a critical and previously unknown vulnerability in the latest versions of Microsoft's Internet Explorer (IE) browser. The attacks install a backdoor Trojan when unsuspecting people browse a booby-trapped website using a fully patched version of Windows XP running the latest versions of IE 7 or IE 8 and also effects versions of IE 9 running on Windows Vista and Windows 7.
A Microsoft representative said that company engineers are investigating the reports and didn't have immediate comment. The article by arstechnica.com suggests Windows users should avoid using IE until more is known about the vulnerability. Java should be kept up-to-date or uninstalled if not used to enable other software to work.
Read the full article<http://arstechnica.com/security/2012/09/critical-zero-day-bug-in-microsoft-internet-explorer/>.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120917/be98c470/attachment.htm
More information about the ist-security-fyi
mailing list