<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin: 0px; font-family: Arial; min-height: 16px;">In this issue:</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">1. IT Partners Conference Security Topics</div>
<div style="margin: 0px; font-family: Arial;">2. Laptop Tagging & Registration Today</div>
<div style="margin: 0px; font-family: Arial;">3. GameOver Zeus P2P Malware</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">-------------------------------------------------------</div>
<div style="margin: 0px; font-family: Arial;">1. IT Partners Conference Security Topics</div>
<div style="margin: 0px; font-family: Arial;">-------------------------------------------------------</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<p style="margin: 0px 0px 12px; font-family: Arial;">Come join us today, Tuesday, June 17, at the IT Partners Conference in Stata. The security topics this year are:</p>
<ul>
<li style="margin: 0px 0px 12px; font-family: Arial;"><b>Security Operations: How Can We Help You?</b> This has been a year of change for the Security Operations group. We invite you to come meet the new members of the team, talk about new initiatives and services
and provide feedback on community wants and needs from a security perspective. </li><li style="margin: 0px 0px 12px; font-family: Arial;"><b>FileMaker Server and Security Reconnaissance, Recommendations, Ruminations</b> In the first half of this session we will address questions of FileMaker and the greatest security risks associated with
its usage on campus. In the second half of the session, we will talk about some of the post Heartbleed Bug heartache we've experienced trying to set up a stable FileMaker 13 Server. If you manage a FileMaker server and/or support users of stand-alone FileMaker
files, we invite you to come learn from our own trials and tribulations. </li><li style="margin: 0px 0px 12px; font-family: Arial;"><b>Emergency Communications</b> The presentation will cover various aspects of emergency preparedness including violent intruder protective actions, emergency evacuation/accountability, and continuity of
operations. We will also provide an overview of the emergency management structure at MIT.
</li><li style="margin: 0px 0px 12px; font-family: Arial;"><b>Quick Steps to Security</b> Don’t wait! In this session we will guide you through implementing some of the quick things you can do to be more secure right now. You will leave having the tools and instructions
you need to get going on these today. </li><li style="margin: 0px 0px 12px; font-family: Arial;"><b>Operations & Infrastructure Projects</b> This talk will cover the Operations & Infrastructure projects and services for the upcoming fiscal year in the networking, systems administration and security
areas. Additional topics include: the overall effort to move IS&T towards a platform-based service delivery model; upcoming summer pilot projects; and experiments in the platform area for Operations & Infrastructure.
</li></ul>
<p style="margin: 0px 0px 12px; font-family: Arial;"><a href="http://kb.mit.edu/confluence/x/jmAYCQ">See more information on the IT Partners Conference</a>.</p>
<div style="margin: 0px; font-family: Arial;">-----------------------------------------------------</div>
<div style="margin: 0px; font-family: Arial;">2. Laptop Tagging & Registration Today</div>
<div style="margin: 0px; font-family: Arial;">-----------------------------------------------------</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Where: In Stata, student street</div>
<div style="margin: 0px; font-family: Arial;">When: Tuesday, June 17 (today) from 11:00 am - 1:00 pm</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Cost: $10 cash (no cards) or MIT Cash Object</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Bring your laptop to Stata today to get it tagged and registered. Just as you might register a bike with the police, you can also register your laptop. Information Systems & Technology partners with MIT Police to
provide STOP (Security Tracking of Office Property) tags for laptops. The tag is affixed to the device, has a unique number, and is registered with a world-wide database.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Sgt. Cheryl Vossmer of the MIT Police says that although a STOP tag is not software that can track a device via GPS or other means, it has been very effective at providing a way for lost or stolen laptops to be
returned to their rightful owners.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Read <a href="https://www.stoptheft.com/">
laptop recovery stories here</a>.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;"><a href="http://kb.mit.edu/confluence/display/istcontrib/MIT+Police+Laptop+Tagging+and+Registration">Learn more about laptop registration at MIT</a>.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">--------------------------------------------</div>
<div style="margin: 0px; font-family: Arial;">3. GameOver Zeus P2P Malware</div>
<div style="margin: 0px; font-family: Arial;">--------------------------------------------</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">GameOver Zeus (GOZ), a peer-to-peer variant of the Zeus family of bank credential-stealing malware identified in September 2011, uses a decentralized network infrastructure of compromised personal computers and
web servers to execute command-and-control. </div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">The malware was used by criminals to infect victims with ransomware such as
<a href="http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/">
Cryptolocker</a>. Although the government has taken control of GameOver’s servers, preventing further infection of Cryptolocker, there are many, perhaps hundreds of thousands of computers still infected.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">Systems at risk:</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<ul>
<li style="margin: 0px; font-family: Arial;">Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
</li><li style="margin: 0px; font-family: Arial;">Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012
</li></ul>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">The US government recently released
<a href="https://www.us-cert.gov/ncas/alerts/TA14-150A">this technical advisory</a> on GOZ to provide further information. A system infected with GOZ may be employed to send spam, participate in DDoS attacks, and harvest users' credentials for online services,
including banking services. </div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;">One of the solutions provided in the advisory is to use and maintain anti-virus software. The software supplied by Information Systems & Technology at MIT,
<a href="http://ist.mit.edu/sophos">Sophos Anti-Virus</a>, protects against this malware. To clean up a computer already infected, Sophos also offers a separate,
<a href="http://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx">
free Virus Removal Tool</a>. </div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial;"><a href="http://blogs.sophos.com/2014/06/02/heres-how-you-can-help-stop-gameoverzeus-and-cryptolocker/">Read more at Sophos online</a>.</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div style="margin: 0px; font-family: Helvetica;">Read all archived Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="color: rgb(4, 46, 238);">http://securityfyi.wordpress.com/</span></a>.</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div apple-content-edited="true">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<br>
Monique Buchanan<br>
IT Security Communications Coordinator<br>
Information Systems & Technology (IS&T)<br>
Massachusetts Institute of Technology<br>
<a href="http://ist.mit.edu/secure">http://ist.mit.edu/secure</a><br>
tel: 617.253.2715<br>
<br>
<br>
</div>
</div>
</div>
</div>
<br>
</body>
</html>