<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Garamond, sans-serif; ">
<div>
<div>
<div>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
In this issue:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. PGP Incompatible with Mac OS X 10.8</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">2. Phishing Emails Appear to Come from MIT</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">3. SQL Injection Attacks Up 69%</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">----------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. PGP Incompatible with Mac OS X 10.8</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">----------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Symantec Corporation, maker of PGP Whole Disk Encryption software, has released a statement regarding the recent release of OS X 10.8 Mountain Lion. The statement warns users:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">"Based on past experiences, we do NOT recommend that users, currently encrypted with PGP Whole Disk Encryption for Macs, upgrade to OS X 10.8 when it is made available by Apple."</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Symantec is actively testing both products with the 10.8 release. According to latest reports from Symantec, support for 10.8 will be available in September 2012.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica"><b>IS&T Recommendation</b>: You should not upgrade to 10.8 if you wish to continue using PGP. If you want to upgrade to 10.8, please decrypt your disk and uninstall PGP prior to installing 10.8.
See your local IT support for environment specific recommendations.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">IS&T provides <a href="http://kb.mit.edu/confluence/x/dABpC">
steps for FileVault</a>, which is native to the operating system.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">---------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">2. Phishing Emails Appear to Come from MIT</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">---------------------------------------------------------<span class="Apple-tab-span" style="white-space:pre">
</span></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">You may receive emails in your inbox that appear to come from MIT, warning you about your email quota being reached, or requiring a response to the "MIT Help Desk."</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">These emails are spoofed, written to look like they come from a legitimate source, but were actually sent by cyber criminals who are trying to get you to click on a link or to provide your personal
information (such as your email account information). See some <a href="http://kb.mit.edu/confluence/x/VxhB">
examples of these fake emails</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Unfortunately, many of these emails make it through the spam-filtering tools of MIT. The best way to handle the emails is to not reply, or click on the links or attachments provided, but to
delete them immediately. If you are concerned about spam, please contact the <a href="http://ist.mit.edu/help">
IS&T Help Desk</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">IMPORTANT: IS&T will never send a request via email to MIT users to either update their email account or follow a link to verify their account.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">3. SQL Injection Attacks Up 69%</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">According to an article by ZDNet, SQL Injection attacks are becoming more popular amongst hackers. The numbers jumped 69% between the first and second quarters of 2012. This might explain how
all those email addresses and passwords are being stolen lately. In the last few months, there have been a slew of attacks against popular sites such as LinkedIn, eHarmony, and Yahoo. </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">A <a href="http://en.wikipedia.org/wiki/SQL_injection">
SQL Injection</a> is a technique used to access a database through a website, often by exploiting a vulnerability in the site's software.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica"><a href="http://www.zdnet.com/sql-injection-attacks-up-69-7000001742/">Read the full story in the news</a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="text-decoration: underline ; color: #1e37ee">http://securityfyi.wordpress.com/</span></a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-height: 17.0px">
<br>
</p>
</div>
<div>
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-family: Helvetica; ">
<span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; ">
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">Monique
Yeaton</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">IT
Security Communications Consultant</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">MIT
Information Services & Technology (IS&T)</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">(617)
253-2715</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">http://ist.mit.edu/security</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><br class="khtml-block-placeholder">
</div>
<br class="Apple-interchange-newline">
</span></span></span></span></span></div>
</div>
</div>
</div>
</body>
</html>