[IS&T Security-FYI] Security FYI Newsletter, November 4, 2014

Tue Nov 4 10:14:12 EST 2014

In this issue:

1. NCSAM at MIT Wrapped Up
2. Apple Issues iCloud Security Advisory
3. Program in Applied Cyber Security at MIT
4. Malicious Ebola-Themed Emails

-----------------------------------------------------
1. NCSAM at MIT Wrapped Up
-----------------------------------------------------

NCSAM 2014 is officially over.

Thank you to all who participated in the events hosted by MIT, including the desk in the Student Center, the talk by Nathan Freitas on Tor going mobile, and the Shred IT effort in the Stata Center lobby. Special thanks to the IS&T Site Team, DITR, Facilities, Cintas Document Management, and The Tor Project for their efforts and time.

How did we do?

  *   We had about 150 visitors to the student desk.
  *   The talk on Tor was attended by 50 people.
  *   At the shredding event we collected nine large bins of paper and at least 2 full pallets of hard drives and floppy disks.

Several people have asked when we will repeat the shredding event. It is possible this may become an annual or bi-annual event; we will be sure to let the community know when the next one is happening.

Due to busy schedules, we are also considering video-taping the security talks, which are schedule to happen every two months. A schedule of upcoming talks will be shared when it becomes available.

Photos of the Tor talk and the shredding event are posted online<http://securityfyi.wordpress.com/2014/11/04/ncsam-at-mit-wrapped-up/>.

-----------------------------------------------------
2. Apple Issues iCloud Security Advisory
-----------------------------------------------------

Last week Apple issued a security warning about attacks attempting to steal information from iCloud users with fraudulent certificates. An Apple support page warns users to heed invalid certificate warnings while visiting iCloud, saying they should never enter login information into websites that present certificate warnings.

Verify that your browser is securely connected to iCloud.com<http://support.apple.com/en-us/HT6550>

----------------------------------------------------------
3. Program in Applied Cyber Security at MIT
----------------------------------------------------------

Have you ever considered taking advantage of the amazing educational opportunities at MIT?

MIT Professional Education is organized under the School of Engineering, and provides continuing education courses and lifelong learning opportunities for science and engineering professionals at all levels. MIT faculty teach all Professional Education offerings.

I was poking around their site last week and wouldn’t you know it: a course in Applied Cyber Security is being offered in 2015<http://web.mit.edu/professional/short-programs/courses/applied_cyber_security.html>. According the course description, “experts from academia, the military, and industry share their knowledge to give participants the principles, the state of the practice, and strategies for the future.”

Learn more<http://web.mit.edu/professional/short-programs/courses/applied_cyber_security.html>.

----------------------------------------------
4. Malicious Ebola-Themed Emails
----------------------------------------------

Fake emails that purport to be from the World Health Organization are inviting people to download an attachment or click a link for more information about the Ebola virus.

Last week US-CERT, a division of the Department of Homeland Security, issued an advisory<https://www.us-cert.gov/ncas/current-activity/2014/10/16/Ebola-Phishing-Scams-and-Malware-Campaigns> warning users about spam campaigns that use the Ebola virus to bait users into inadvertently downloading malware. Once the malware program is on the victim’s machine, it can grab shots off the webcam, take control of the machine remotely, or steal passwords.

Read the full story online<http://bits.blogs.nytimes.com/2014/10/24/malicious-ebola-themed-emails-are-on-the-rise/>.

=======================================================================================
Read all archived Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
=======================================================================================

Monique Buchanan
IT Security Communications Coordinator
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20141104/09aed938/attachment.htm