Cloud Security Research at MIT

For several years, computer science researchers at MIT have been reviewing and attempting to address the problem of attacks on data in the cloud. A recent method designed by faculty in MIT’s Department of Electrical Engineering and Computer Science would thwart attacks by disguising memory-access patterns. The scheme would be implemented in custom-built chips that write multiple data queries at the point where data is accessed, serving as a sort of decoy for attackers who are spying on other people’s data.

Read the full MIT News story.

Event: Laptop Tagging and Registration, May 6th

Come next week to Lobby 10 to register and tag your laptop. This is the last opportunity to do so this semester!

Where: Lobby of Building 10
When: Wed., May 6th, 11:00 am – 1:15 pm

How to pay: $10 cash (no cards) or MIT Cost Object

Just as you might register a bike with the police, you can also register your laptop. Information Systems & Technology partners with MIT Police to provide STOP (Security Tracking of Office Property) tags for laptops. The tag is affixed to the device, has a unique number, and is registered with a world-wide database.

Capt. Cheryl Vossmer of the MIT Police says that although a STOP tag is not software that can track a device via GPS or other means, it has been very effective at providing a way for lost or stolen laptops to be returned to their rightful owners.

Read recovery stories here of laptops with STOP tags.

Laptop tagging and registration takes a break during the summer and we will post the next laptop tagging session when available. Laptop registration at MIT.

WordPress Releases Update to Address Zero Day Flaw

This week WordPress released a critical update to fix a vulnerability in its content management system that could be exploited to hijack web admin accounts. An exploit for the vulnerability was released over the weekend.

Attackers could exploit the flaw by embedding malicious code in a comment. If the attacker has previously made an innocuous post that gets approved by a site administrator, the new comment containing the code would post automatically and the code would execute. The WordPress update brings the most current version to 4.2.1.

Read the story in the news.

Microsoft Security Updates for April 2015

On Patch Tuesday this week, Microsoft released eleven security bulletins (MS15-032 through MS15-042). Four bulletins are labeled as critical and the remaining seven as important.

Systems affected include Windows client and server operating systems as well as various Office products and Internet Explorer. One of the bulletins, MS15-033, addresses a zero-day vulnerability in Microsoft Office that is currently being used in limited attacks on Word 2010. The bulletin also fixes two critical RCE (remote code execution) flaws that could be exploited in Office 2007 and 2010 if a user looks at an email in the Outlook preview pane.

Be sure to accept the updates as they occur, or go to the Windows Update site. You may need to restart your machine after installing patches.

Read the story in the news.

Adobe and Oracle Release Critical Updates

Adobe released a fix for a zero-day bug in Adobe Flash Player for Windows and Mac. Users should update to Adobe Flash Player 17.0.0.169. If you are unsure whether your browser has Flash installed or what version it may be running, go to Adobe’s Flash Player page. Internet Explorer on Windows 8 and Chrome should automatically update.

Oracle’s quarterly critical patch update plugs 15 security holes in Java 8. If you have Java installed and use it for specific websites or applications, update as soon as possible. Windows users can check for the program in the Add/Remove Programs listing or visit Java.com and click the “Do I have Java?” link on the home page. Note that Oracle will be ending support for Java 7 after this update of Java 8 (Update 45).

Read the full story at Krebs on Security.

The Simda Botnet

The Simda botnet (a botnet is a network of computers infected with self-propagating malware) has compromised more than 770,000 computers worldwide in the past six months. Law enforcement groups and private security companies recently took the botnet down by seizing 14 command-and-control servers located in various countries, including the US.

Simda malware takes advantage of Windows computers with unpatched software to re-route a user’s Internet traffic to websites under the criminals’ control. The infected computers can also be used to install additional malware, give criminals access to harvest user credentials, or cause other malware attacks.

Read a full report on this threat in the alert released by the DHS and FBI: TA15-105A, which includes the recommended actions users can take:

  • Use and maintain anti-virus software
  • Change your passwords
  • Keep your operating system and software up to date
  • Do a manual check of your system (or ask for assistance to do so) to see if it is infected. Microsoft has developed a free cleaning agent for Simda. If you have been infected by Simda.AT, run a comprehensive scan of your environment using Microsoft Safety Scanner, Microsoft Security Essentials or Windows Defender.

Read the story in the news here and here.

Phishing Attack List: E-Z Pass Virus Spam

This is a new category I will be including in the newsletter: phishing attacks that are currently trending, examples of which you may see in your inbox. If you have any examples to share with the list, please forward them to me with a link to the information or news story that describes the phishing attack.

A series of fake E-Z Pass virus spam emails is going around, claiming that you owe money for driving on a toll road. A zip file attached to the spam email contains a JavaScript file that downloads malware. The JavaScript files are meant to be executed not by a browser but by Windows Script Host, so Windows machines are vulnerable. If you use Windows + Internet Explorer you will receive a randomly-named .gif file that is actually an .exe file.

Read more about this phishing attack here.
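
A defender-side triage check for the two traits described above, as an added example that is not part of the original newsletter: it flags zip members that Windows Script Host would run, and files whose image extension hides an `MZ` executable header. The extension list, function names and sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions Windows Script Host runs on double-click (list chosen for this example).
WSH_EXTENSIONS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh"}
# Leading bytes expected for common image extensions.
IMAGE_MAGIC = {".gif": (b"GIF87a", b"GIF89a"), ".png": (b"\x89PNG\r\n\x1a\n",),
               ".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",)}

def extension(name):
    """Lower-cased final extension, so 'notice.pdf.JS' yields '.js'."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    dot = base.rfind(".")
    return base[dot:].lower() if dot > 0 else ""

def classify(name, head):
    """Return a finding string for one file, or None if nothing stands out."""
    ext = extension(name)
    if ext in WSH_EXTENSIONS:
        return "script run by Windows Script Host"
    if ext in IMAGE_MAGIC:
        if head.startswith(b"MZ"):
            return "image extension on a Windows executable (MZ header)"
        if not head.startswith(IMAGE_MAGIC[ext]):
            return "content does not match image extension"
    return None

def scan_zip_attachment(data):
    """Inspect a zip attachment's members in memory, without extracting to disk."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            with zf.open(info) as member:
                head = member.read(8)
            verdict = classify(info.filename, head)
            if verdict:
                findings.append((info.filename, verdict))
    return findings

def build_sample_zip():
    """Constructed sample archive: harmless placeholder content, not real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("E-ZPass_invoice.js", "// constructed placeholder\n")
        zf.writestr("readme.txt", "constructed sample\n")
    return buf.getvalue()
```

`classify` can also be run on the first bytes of any downloaded file, which is where the disguised `.gif` described above would show up.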
