[IS&T Security-FYI] SFYI Newsletter, November 17, 2009

Monique Yeaton myeaton at MIT.EDU
Tue Nov 17 16:09:10 EST 2009 

Better late than never, here is this week's Security FYI Newsletter.

In this issue:

1. McAfee Security for Mac Released
2. Smartphone Threats
3. Data Protection Going Federal


-----------------------------------------------
1. McAfee Security for Mac Released
-----------------------------------------------

Information Services and Technology (IS&T) has announced support for  
McAfee Security 1.0 for Mac OS X users.

McAfee Security 1.0 is the antivirus software for all Macintosh  
computers running Mac OS X 10.4 or later, and replaces VirusScan.  
(Note: McAfee Security is a renamed and updated version of VirusScan.)

IS&T recommends that all Macintosh users running Mac OS X 10.4 or  
later upgrade to McAfee Security 1.0. For features and further details  
on this product, please see:

<http://ist.mit.edu/news/mcafeesecurity1.0>


------------------------------
2. Smartphone Threats
------------------------------

As iPhones, Blackberry phones and other devices become more popular,  
harmful software such as viruses and spyware is emerging to exploit  
their vulnerability.

How can a phone become infected? The same way a computer does: through  
infected applications you can download from the Internet to your  
phone, phishing emails, and infected web sites.

As more smartphones users use their phones for business purposes and  
access sensitive data through their phones (for instance by purchasing  
an item online or checking their online financial accounts), they need  
to be aware of the risks they are taking. One in five smartphone users  
has already encountered a phishing scam, according to a survey  
conducted by TrendMicro last May.

What are phone makers or mobile carriers doing about the problem? Not  
as much as you might think. Security software vendors stand to gain  
quite a lot by filling the gaps with third-party software. But don't  
just depend on a product to safeguard your phone's data, use your  
brain. If there's any chance anyone else could access the private data  
you can access through your phone, it may not be safe to put it there  
or have it accessible through your phone.

Read the full story here:
<http://www.businessweek.com/technology/content/nov2009/tc20091116_827479.htm 
 >

For more on security issues for mobile phones see:
<http://ist.mit.edu/security/support/mobilephones>

On a related note, Georgia Tech is conducting mobile security research:
<http://campustechnology.com/articles/2009/11/16/georgia-tech-researchers-attack-cell-phone-malware.aspx 
 >


------------------------------------------
3. Data Protection Going Federal
------------------------------------------

A federal law is in the works that would provide protection to  
personal data. The Senate Judiciary Committee approved the Personal  
Data Privacy and Security Act of 2009. The bill is headed to the full  
Senate for consideration. If it becomes law, it would require  
companies, organizations, and government agencies to follow specific  
rules for protecting sensitive and personally identifiable data.

If approved, the bill would likely preempt similar data-protection  
laws that have already been passed in 46 states. Many security  
analysts have been calling for a federal bill, arguing that it would  
be easier for companies to comply with one national law rather than a  
patchwork of 46 state laws.

Read the full story here:
<http://www.computerworld.com/s/article/9140408/Federal_data_protection_law_inches_forward 
 >

= 
= 
= 
========================================================================

Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB 
 >



Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you  
for your password.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20091117/49de7e53/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1846 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20091117/49de7e53/attachment.bin

More information about the ist-security-fyi mailing list