[IS&T Security-FYI] SFYI Newsletter, October 28, 2013

Mon Oct 28 15:46:24 EDT 2013

In this issue:

1. Security for your iPhone using iCloud

2. Apple Releases New OS

3. CryptoLocker Ransomware

-----------------------------------------------------

1. Security for your iPhone using iCloud

-----------------------------------------------------

Security on iPhones is getting more sophisticated with each new operating system and iPhone release.

Find my iPhone in iOS 7 has a new feature called Activation Lock. This makes it more difficult for someone else to use or sell your iPhone, iPad or iPod touch if it was stolen or you lost it.

Activation Lock requires your Apple ID and password before anyone can:

  *   Turn off Find my iPhone on your device
  *   Erase your device
  *   Reactivate and use your device

Learn more about Activation Lock<http://support.apple.com/kb/HT5818?viewlocale=en_US>.

If you ever misplace your device or think it was stolen, you should put it in Lost Mode immediately using Find my iPhone. This locks your screen with a four-digit passcode.

Learn more on how to remotely locate, lock or wipe your device via iCloud<http://kb.mit.edu/confluence/display/istcontrib/How+to+remotely+locate%2C+lock%2C+or+wipe+your+iPhone+via+iCloud>.

The new iPhones just came out! You may be thinking of selling your old iPhone and want to make sure it's been completely wiped before you do. Caution: remove the data just from the device, not from all iCloud servers.

What to do before selling or giving away your Apple device<http://support.apple.com/kb/HT5661?viewlocale=en_US>.

The newest iPhone (iPhone 5S) has a built-in fingerprint identity sensor. The thinking behind the sensor is that entering a passcode on a phone is slow, and you probably check your phone dozens if not more times per day. The Touch ID home button unlocks your phone using your fingerprint.

Learn more about Touch ID on iPhone 5S<http://support.apple.com/kb/HT5883>.

------------------------------------

2. Apple Releases New OS

------------------------------------

Earlier this month, Apple released the newest version of their operating system for both the iOS platform (7.0.3) and desktop (OS X 10.9, aka Mavericks). Many security vulnerabilities<http://support.apple.com/kb/HT6011> are fixed in these releases. Both releases are free.

Information Services & Technology recommends users at MIT wait to upgrade to Mavericks on their desktops because of compatibility concerns with crucial applications in the MIT environment. Limited support is being provided to early adopters and users whose computer comes installed with Mavericks.

Support documentation for OS X Mavericks<http://kb.mit.edu/confluence/x/ox4YCQ>.

----------------------------------------

3. CryptoLocker Ransomware

----------------------------------------

Ransomware known as CryptoLocker has been spreading to Windows computers. The malware encrypts files on infected machines and the attackers demand $300 to release the data. CryptoLocker generally spreads through botnets and as attachments to phishing emails.

If you haven't installed it yet, download Sophos Anti-Virus<http://ist.mit.edu/sophos> from the IS&T Software Download site to protect yourself against the ransomware.

Read more in the news and watch a video of CryptoLocker in action<http://www.theregister.co.uk/2013/10/18/cryptolocker_ransmware/>.

===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================

Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20131028/33f877bb/attachment.htm