[IS&T Security-FYI] Security FYI Newsletter, March 11, 2016

[Monique Buchanan]

In this issue:

1. At MIT: History of Online Spam and Scamming
2. MIT and Cambridge University Hackathon
3. SANS Institute Online Security Training
4. Seven Attack Trends



1. At MIT: History of Online Spam and Scamming

Artists: Joana Hadjithomas and Khalil Joreige
Exhibit: I Must First Apologize
Where: MIT List Visual Arts Center (E15)
When: Through April 17, 2016

The culmination of a major project by Joana Hadjithomas and Khalil Joreige, this exhibition at the MIT List Visual Arts Center<http://listart.mit.edu/exhibitions/joana-hadjithomas-and-khalil-joreige-i-must-first-apologize%E2%80%A6> presents a body of work that looks at the history of online spam and scamming through film, sculpture, photography, and installation.

Hadjithomas and Joreige have collected and archived a certain kind of spam e-mail—unsolicited messages from strangers—since 1999. These are schemes rooted in historical confidence tricks such as The Spanish Prisoner, which dates back to the sixteenth century. Aimed at swindling the recipient into transferring money to alleviate various invented personal hardships, collectively these e-mail scams delineate a map of recent geopolitical conflict, social unrest, and economic upheaval.

This exhibition is accompanied by the artists’ book: The Rumors of the World: Rethinking Trust in the Age of the Internet<http://listart.mit.edu/publications>, edited by Omar Khalif and published by Sternberg Press.


2. MIT and Cambridge University Hackathon

Students from MIT and the University of Cambridge in Cambridge, England, competed in a series of cyber challenges over the weekend (March 4-5). The competition is dubbed “Cambridge 2 Cambridge” (C2C)<http://news.mit.edu/2016/cambridge-2-cambridge-hackathon-0307>.

Events included a 24-hour Capture the Flag competition with blended teams, as well as password-cracking, lock-picking, and code-breaking challenges.


3. SANS Institute Online Security Training

The SANS Institute offers courses to professionals who are looking for information security training. More than 30 of the SANS Institute's most popular information security courses are available online.



Take a SANS cybersecurity training course on a tablet or laptop from the comfort of your own home or office. Whether you're interested in live or self-paced training, pen testing, forensics, incident handling or security management, there are a variety of online options

For a limited time, SANS is offering a new iPad mini 4 with any on demand or vLive course through March 30<https://www.sans.org/online-security-training/specials>.


4. Seven Attack Trends

At the 2016 RSA Conference in San Francisco last week, researchers with the SANS Institute shared a run-down of the threats and attack techniques<http://www.darkreading.com/risk/7-attack-trends-making-security-pros-sweat/d/d-id/1324563> that have come to the forefront lately, and which the security industry will be dealing with the most in the year to come.

The list:


  *   Weaponization of Windows PowerShell
  *   Stagefright-like mobile vulnerabilities
  *   Developer environment vulnerabilities such as Xcode Ghost
  *   Attacks on global infrastructure control systems (ICS)
  *   Targeting insecure third-party software components
  *   Turning the Internet of Things evil
  *   The push of ransomware due to changing malware economics



Monique Buchanan
Communications Specialist
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu
tel: 617.253.2715







-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20160311/b4a6fa73/attachment.html