[IS&T Security-FYI] SFYI Newsletter, March 5, 2013
Monique Yeaton
myeaton at MIT.EDU
Tue Mar 5 11:19:54 EST 2013
In this issue:
1. Next laptop tagging event is Wednesday, March 6
2. New Copyright Alert System Plan in Place
3. Java 7 Still Vulnerable
4. Future of Security Doomed for Failure?
---------------------------------------------------------------------
1. Next laptop tagging event is Wednesday, March 6
---------------------------------------------------------------------
On March 6, 11:00am - 1:30pm, laptop registration will be in E17-121
This Wednesday, MIT Police is providing an opportunity to tag and register laptop computers and electronic devices.
When registering your device, it receives a STOP tag. This loss prevention measure is a visible deterrent to theft. Take a look at this video<http://web.mit.edu/cp/www/_docs/theft_deterrent.wmv> to see the results. Each tag costs $10. Cash or a G/L account is accepted (no TechCash).
Details of this service and all upcoming dates and locations are listed here<http://kb.mit.edu/confluence/x/e4CSAw>.
-----------------------------------------------------------
2. New Copyright Alert System Plan in Place
-----------------------------------------------------------
The Copyright Alert System is a plan, more than four years in the making, that was pushed by the recording and movie industries, and backed by the president. It includes participation by AT&T, Cablevision, Comcast, Time Warner Cable and Verizon. Comcast and other internet service providers can now begin hijacking browsers of their internet subscribers who are detected of repeatedly infringing on public file-sharing networks.
Read the full article online<http://www.wired.com/threatlevel/2013/02/comcast-browser-hijack/>.
---------------------------------
3. Java 7 Still Vulnerable
---------------------------------
Researchers have found two new Java zero-day vulnerabilities. Browsers running Java 1.6 update 41 and Java 1.7 update 15 are now vulnerable to malware attack that installs a remote access tool called McRAT.
Apple released an update to Java following an earlier attack. The vulnerability exists only in the browser plug-in for Java, not in applications that use Java Runtime.
The recommendation is for users to disable Java in the browser until Oracle addresses the issue. If you have a Java plug-in in your browser, you can learn how to disable it here<http://www.zdnet.com/how-to-disable-java-in-your-browser-on-windows-mac-7000009732/>.
Read the full story online<http://www.zdnet.com/oracle-investigating-after-two-more-java-7-zero-day-flaws-found-7000011965>.
-------------------------------------------------------
4. Future of Security Doomed for Failure?
-------------------------------------------------------
Speaking at the 2013 RSA Conference last week, Mike Fey, CTO of McAfee said that many companies just aren't ready for the sophisticated attacks headed their way these days.
Basically, Fey suggested that based on the way the enterprise landscape looks now, we're on our way to complete breakdown if companies don't change their security strategies immediately.
Read the full article online<http://www.zdnet.com/mcafee-cto-current-security-landscape-is-on-its-way-to-failure-7000011914>.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130305/8d2b6b40/attachment.htm
More information about the ist-security-fyi
mailing list