[IS&T Security-FYI] SFYI Newsletter, June 17, 2014

[Monique Buchanan]

In this issue:

1. IT Partners Conference Security Topics
2. Laptop Tagging & Registration Today
3. GameOver Zeus P2P Malware


-------------------------------------------------------
1. IT Partners Conference Security Topics
-------------------------------------------------------


Come join us today, Tuesday, June 17, at the IT Partners Conference in Stata. The security topics this year are:

  *   Security Operations: How Can We Help You? This has been a year of change for the Security Operations group. We invite you to come meet the new members of the team, talk about new initiatives and services and provide feedback on community wants and needs from a security perspective.
  *   FileMaker Server and Security Reconnaissance, Recommendations, Ruminations In the first half of this session we will address questions of FileMaker and the greatest security risks associated with its usage on campus.   In the second half of the session, we will talk about some of the post Heartbleed Bug heartache we've experienced trying to set up a stable FileMaker 13 Server.  If you manage a FileMaker server and/or support users of stand-alone FileMaker files, we invite you to come learn from our own trials and tribulations.
  *   Emergency Communications The presentation will cover various aspects of emergency preparedness including violent intruder protective actions, emergency evacuation/accountability, and continuity of operations. We will also provide an overview of the emergency management structure at MIT.
  *   Quick Steps to Security Don’t wait! In this session we will guide you through implementing some of the quick things you can do to be more secure right now. You will leave having the tools and instructions you need to get going on these today.
  *   Operations & Infrastructure Projects This talk will cover the Operations & Infrastructure projects and services for the upcoming fiscal year in the networking, systems administration and security areas.  Additional topics include: the overall effort to move IS&T towards a platform-based service delivery model; upcoming summer pilot projects; and experiments in the platform area for Operations & Infrastructure.

See more information on the IT Partners Conference<http://kb.mit.edu/confluence/x/jmAYCQ>.

-----------------------------------------------------
2. Laptop Tagging & Registration Today
-----------------------------------------------------

Where: In Stata, student street
When: Tuesday, June 17 (today) from 11:00 am - 1:00 pm

Cost: $10 cash (no cards) or MIT Cash Object

Bring your laptop to Stata today to get it tagged and registered. Just as you might register a bike with the police, you can also register your laptop. Information Systems & Technology partners with MIT Police to provide STOP (Security Tracking of Office Property) tags for laptops. The tag is affixed to the device, has a unique number, and is registered with a world-wide database.

Sgt. Cheryl Vossmer of the MIT Police says that although a STOP tag is not software that can track a device via GPS or other means, it has been very effective at providing a way for lost or stolen laptops to be returned to their rightful owners.

Read laptop recovery stories here<https://www.stoptheft.com/>.

Learn more about laptop registration at MIT<http://kb.mit.edu/confluence/display/istcontrib/MIT+Police+Laptop+Tagging+and+Registration>.


--------------------------------------------
3. GameOver Zeus P2P Malware
--------------------------------------------

GameOver Zeus (GOZ), a peer-to-peer variant of the Zeus family of bank credential-stealing malware identified in September 2011­, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control.

The malware was used by criminals to infect victims with ransomware such as Cryptolocker<http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/>. Although the government has taken control of GameOver’s servers, preventing further infection of Cryptolocker, there are many, perhaps hundreds of thousands of computers still infected.

Systems at risk:


  *   Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
  *   Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012

The US government recently released this technical advisory<https://www.us-cert.gov/ncas/alerts/TA14-150A> on GOZ to provide further information. A system infected with GOZ may be employed to send spam, participate in DDoS attacks, and harvest users' credentials for online services, including banking services.

One of the solutions provided in the advisory is to use and maintain anti-virus software. The software supplied by Information Systems & Technology at MIT, Sophos Anti-Virus<http://ist.mit.edu/sophos>, protects against this malware. To clean up a computer already infected, Sophos also offers a separate, free Virus Removal Tool<http://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx>.

Read more at Sophos online<http://blogs.sophos.com/2014/06/02/heres-how-you-can-help-stop-gameoverzeus-and-cryptolocker/>.


=======================================================================================
Read all archived Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
=======================================================================================

Monique Buchanan
IT Security Communications Coordinator
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20140617/b81a767b/attachment.htm