[IS&T Security-FYI] SFYI Newsletter, April 12, 2011
Monique Yeaton
myeaton at MIT.EDU
Tue Apr 12 11:39:21 EDT 2011
In this issue:
1. April 2011 Microsoft Security Updates
2. Calling on College Students with Cyber Security Skills!
3. Epsilon Security Breach Already Affecting Consumers
---------------------------------------------------
1. April 2011 Microsoft Security Updates
---------------------------------------------------
Microsoft plans to issue 17 security bulletins for Patch Tuesday, today, April 12th to address 64 vulnerabilities. Nine of these bulletins are rated critical, the remaining are rated important.
The bulletins will address flaws in Windows, Office, Internet Explorer, Office Web Apps and Microsoft Visual Studio and Visual C+ +.
Read the full April security bulletin:
<http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx>
-----------------------------------------------------------------------
2. Calling on College Students with Cyber Security Skills!
-----------------------------------------------------------------------
Do you know any college kids who have hands-on cyber security skills or computer skills and a strong interest in security? If so, tell them to register this week for the online CyberQuests competition.
The 260 who do best will get enormous career boosts by being invited to summer Cyber Camps where the top teachers will challenge them and help them. Congressmen, Governors, and other political leaders will recognize those who do well and job opportunities are highly likely to follow. Deadline April 18.
Tell them to get more information and register at <http://uscc.cyberquests.org/>.
-----------------------------------------------------------------------
3. Epsilon Security Breach Already Affecting Consumers
-----------------------------------------------------------------------
In case you have not been following this story in the news (see http://securityfyi.wordpress.com/2011/04/05/consumers-warned-of-fake-business-emails/), as a consumer you should be aware that you may be receiving some spear-phishing emails attempting to access your financial accounts.
A data breach at Epsilon exposed thousands of email addresses to the attackers who accessed Epsilon's servers via a spear-phishing attack that likely happened last November <http://www.computerworld.com/s/article/9215605/Epsilon_a_victim_of_spear_phishing_attack_says_report>.
The Better Business Bureau is reporting that some of the stolen information from Epsilon is already being used in spear-phishing attacks on consumers, targeting customers of Chase Online Banking. If you receive such emails, even ones that claim that they are helping you to secure your Chase account, do not respond to the emails. A legitimate business will never reach out to their customers in this way through email.
If you have a question or concern about your Chase account or any of your online banking accounts, contact your bank by phone or visit one of their branches.
===========================================================================================
To read all current and archived articles online, visit the Security-FYI Blog at <http://securityfyi.wordpress.com/>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20110412/90de63b5/attachment.htm
More information about the ist-security-fyi
mailing list