<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; "><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">In this issue:</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">1. Security Awareness Might Not Be Enough</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">2. IT Bloopers: MediaDefender Internal Communications Leaked</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">3. Tip of the Week: When Hard Drives Fail</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">--------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Security Awareness Might Not Be Enough</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">---------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">A study conducted by Harvard and MIT earlier this year to determine online gullibility shows that education alone will not stop all people from behaving dangerously on the Internet. When we go online to do a specific thing (for instance pay bills or chat with friends), our last concern is about security. The study showed this is true even when we are reminded to pay attention to warnings.</SPAN></FONT><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;"> </SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">The problem seems to be that people are lulled into a false sense of security. When asked for a username and password, we may assume we are accessing a "secure" area of a website. But without paying attention to details such as the "HTTPS" before a web address or noticing a browser padlock icon, there is no guarantee that the information given is being encrypted. With multi-tasking behavior being the norm these days, who has the time or inclination to slow down enough to check these things?</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Is there a way to relieve computer users of some of the responsibility for security? Some ISPs are already offering security software to reduce the risks of spam and malware. But it may be time for the IT industry to step in and close the gap left by consumer inaction. One way is to write software and build websites using secure code, which requires some skill.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">The good news is that more than 70 enterprise partners have committed to using the GIAC Secure Software Programmer (GSSP) exam for IT employee skill development and to ensure outsourcers and suppliers have the necessary skills to create secure code. University partners will also teach secure coding as part of their core curriculum.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">If you write code for a living, go here to learn more about the SANS Institute Certification Exam:</SPAN></FONT><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;"> </SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;"><<A href="http://www.sans.org/gssp/">http://www.sans.org/gssp/</A>></SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Read about the Harvard-MIT study:</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;"><<A href="http://cgi.advisorsites.net/cgi-bin/articles/formatarticle.pl?type=finbriefs&page=finbriefs&domain=cliftonfinancial.com&article=1191427157&override=true&alllinks=true">http://cgi.advisorsites.net/cgi-bin/articles/formatarticle.pl?type=finbriefs&page=finbriefs&domain=cliftonfinancial.com&article=1191427157&override=true&alllinks=true</A>></SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">---------------------------------------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">2. IT Bloopers: MediaDefender Internal Communications Leaked</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">---------------------------------------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">This new topic, IT Bloopers, introduces mistakes made in IT that I consider to be in the "funny" category. Usually they are funny only in the sense of the irony of the situation and the idea that these people *especially* should know better.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Our first story is about MediaDefender. This company has made a name for itself waging war against intellectual property pirates on behalf of the movie and music industries. Some of the practices they used to prevent alleged pirates from doing their work are a bit sketchy, for instance flooding the Internet with fake files that mimic real content to make it difficult for pirates to find the real thing.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Last month detailed information about these practices was revealed when more than 6500 of this company's emails were accessed by a group of hackers who call themselves "Media Defender Defenders." The company emails that were posted onto the Internet by this group revealed tactics MediaDefender had been testing to entrap peer-to-peer users.</SPAN></FONT><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;"> </SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">How did these company emails get accessed in the first place? The company is still investigating this, but it most likely happened when an employee forwarded all his emails to a Gmail account, thereby circumventing the company's email security. Not too smart! It also shows how the company underestimated its opponents ingenuity.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">To read more about this story:</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">TorrentFreak: <<A href="http://torrentfreak.com/mediadefender-emails-leaked-070915/">http://torrentfreak.com/mediadefender-emails-leaked-070915/</A>></SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Wall Street Journal: <<A href="http://online.wsj.com/article_email/SB118998414197229169-lMyQjAxMDE3ODE5NjkxODY0Wj.html">http://online.wsj.com/article_email/SB118998414197229169-lMyQjAxMDE3ODE5NjkxODY0Wj.html</A>></SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">--------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">3. Tip of the Week: When Hard Drives Fail</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">--------------------------------------------------------</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">Last week I was speaking to a friend who had just experienced a hard drive failure on his laptop. He had no backup for the files on his computer and lost all his emails and work he'd done in the past 9 months. While he was distraught over this loss, he did learn an important lesson: Make a back up!</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">While hard drive failures or computer crashes probably happen more often than we care to know about, there is some light on the horizon. There are tools to recover "lost" files from broken hard drives. If you do find yourself in this situation, your first step to seeing if it is even possible to recover the files would be to contact your local IT administrator or the IS&T Help Desk Service Center. One of the services IS&T can provide is a disaster recovery assessment. If they can't help you, they can point you towards who might, but be aware data recovery can be very expensive.</SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT class="Apple-style-span" size="3"><SPAN class="Apple-style-span" style="font-size: 12px;">For more info on IS&T's services see: <<A href="http://web.mit.edu/ist/topics/hardware/hwsw.html">http://web.mit.edu/ist/topics/hardware/hwsw.html</A>></SPAN></FONT></DIV><DIV style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><BR></DIV><BR><DIV> <SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; ">=========================</SPAN></SPAN></DIV><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; ">Monique Yeaton</SPAN></SPAN></DIV><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; ">IT Security Awareness Consultant</SPAN></SPAN></DIV><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; ">MIT Information Services & Technology (IS&T)</SPAN></SPAN></DIV><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; ">(617) 253-2715</SPAN></SPAN></DIV><DIV style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><SPAN class="Apple-style-span" style="font-size: 12px; "><A href="http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</A></SPAN></SPAN></DIV><DIV style="font-size: 12px; "><BR class="khtml-block-placeholder"></DIV><BR class="Apple-interchange-newline"></SPAN></SPAN></SPAN></SPAN> </DIV><BR></BODY></HTML>