<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;">In this issue:</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">1. Malvertising Campaign Hits PCs and Macs</div>
<div style="margin: 0px; font-family: Helvetica;">2. Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes</div>
<div style="margin: 0px; font-family: Helvetica;">3. Funny: Forgot Password</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">1. Malvertising Campaign Hits PCs and Macs</div>
<div style="margin: 0px; font-family: Helvetica;">------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">A malware campaign that began in May 2014 is delivering customized concoctions of spyware, adware, and browser hijacking malware to PCs and Mac users. The “malvertising” network (a merging of the words “malware”
and “advertising”), which has been dubbed Kyle and Stan, has 700 domains. </div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Getting a malicious ad into an advertising network distribution, even for a short time, can infect many computers, especially if it is on a popular site like Amazon or YouTube. The combination of malware downloaded
to each machine is different, which means the checksum varies, thwarting detection.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Malvertising attacks are not new, and have been around for a few years. Generally, criminals use ads on popular sites or networks, such as Spotify or Facebook to spread malware. They place an ad with the network,
then change the code in the ad to exploit flaws in the browser which allows them to inject malware on the user’s computer. </div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">To protect yourself against these attacks, it is recommended to run malware detection software (<a href="http://ist.mit.edu/sophos">Sophos</a> is distributed for free for MIT users) and to make sure your browser
is up to date with the latest security patches. Another option is to filter sites based on their potential threat level. Browser plug-ins such as
<a href="https://getadblock.com/">AdBlock</a>, and <a href="http://www.webutations.info/go/about">
Webutation</a> can block ads and warn users if they have accessed a site that is known to host malware. These plug-ins are free and can be run on different types of browsers.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;"><a href="http://www.darkreading.com/kyle-and-stan-parks-malvertising-on-amazon-youtube/d/d-id/1307036?">Read the full story in the news</a>.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">----------------------------------------------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">2. Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes</div>
<div style="margin: 0px; font-family: Helvetica;">----------------------------------------------------------------------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Last week, Adobe released an update for Flash to address a dozen critical flaws. Chrome and IE 11 users will find their versions of Flash automatically updated. You can see
<a href="https://www.adobe.com/software/flash/about/">which version you have installed here</a>, or
<a href="http://www.adobe.com/products/flashplayer/distribution3.html">download Adobe Flash Player here.</a></div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Fixes for flaws in <a href="http://blogs.adobe.com/psirt/?p=1121">
Reader and Acrobat</a> that had been scheduled to be released last week are delayed until this week so Adobe can conduct further testing.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;"><a href="http://www.computerworld.com/article/2604738/adobe-fixes-critical-flaws-in-flash-player-delays-reader-and-acrobat-updates.html">Read the full story in the news</a>.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica;">3. Funny: Forgot Password</div>
<div style="margin: 0px; font-family: Helvetica;">-------------------------------------</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">Have you ever forgotten a password? Comedian Don Friesen goes on a hilarious rant that is completely relatable. </div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;"><a href="https://www.youtube.com/watch?v=2tJ-NSPES9Y">Watch the 5 minute video on YouTube</a>.</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div style="margin: 0px; font-family: Helvetica;">Read all archived Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="color: rgb(4, 46, 238);">http://securityfyi.wordpress.com/</span></a>.</div>
<div style="margin: 0px; font-family: Helvetica;">=======================================================================================</div>
<div style="margin: 0px; font-family: Helvetica; min-height: 17px;"><br>
</div>
<div apple-content-edited="true">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<br>
Monique Buchanan<br>
IT Security Communications Coordinator<br>
Information Systems & Technology (IS&T)<br>
Massachusetts Institute of Technology<br>
<a href="http://ist.mit.edu/secure">http://ist.mit.edu/secure</a><br>
tel: 617.253.2715<br>
<br>
<br>
</div>
</div>
</div>
</div>
<br>
</body>
</html>