Microsoft Alert – Vulnerabilities in Remote Desktop Protocol (RDP)

If you missed Microsoft’s “Patch Tuesday” announcements this week, Microsoft reported that there is a vulnerability in the RDP service that may allow a remote unauthenticated attacker to execute arbitrary code on the host running RDP. This vulnerability is labeled critical.

The Internet Storm Center is warning that hackers will likely reverse engineer the patch to “understand the details of the bug and craft an exploit.” They estimate that a viable exploit will probably be available in less than 30 days.

It is imperative that you apply the patch for this vulnerability as soon as possible. First, many departments are still wide open to the Internet (i.e., not yet behind a firewall); second, being behind a firewall doesn’t protect you from a compromised computer on our networks. Successful exploitation may mean an attacker can install a backdoor onto your system, among other things.

Please consult the following links for additional information about this vulnerability.
http://technet.microsoft.com/en-us/security/bulletin/ms12-020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0002
http://isc.sans.edu/diary.html?storyid=12781&rss

Posted in Outages & Alerts, Security Advisories | No Comments »

Mac Attacks

UPDATE: US-CERT announced today that Apple has released Security Update 2011-003 for Mac OS X in response to the recent Mac fake anti-virus software. This update:

>> Adds a malware definition to the File Quarantine application
>> Causes the File Quarantine application to automatically update its malware definition list daily
>> Removes MacDefender fake anti-virus software if detected


Posted in Outages & Alerts, Phishing & Malware Alerts, Security Advisories | No Comments »

HomeRun.com domain blocked

In our efforts to prevent the further spread of the HomeRun spam attack within the Brown community, we have blocked the domain homerun.com. Currently, the graphics and links in the spam point back to this domain. Blocking the domain will ensure that the graphics will not appear in the spam email and that clicking on the links will not work either.


Posted in Outages & Alerts, Phishing & Malware Alerts, Safe Computing, Security Advisories | No Comments »

HomeRun.com phish still surfacing

The HomeRun.com (free movie ticket offer) email scam is still plaguing the Brown community.

You can help stem the tide by:

1. Not responding to the offer. Responding results in the message being sent to those in your contact list.


Posted in Outages & Alerts, Phishing & Malware Alerts, Security Advisories | No Comments »

Epsilon Email Database Breach

The Information Security Group has received questions about various data breach notifications, from retailers such as Best Buy and New York & Company.

In letters to their customers, these major businesses (some 2,500 affected) say that they had been informed by their email service provider — Epsilon — that email addresses they manage had been “exposed by unauthorized entry into their system.”

Posted in Outages & Alerts, Security Advisories | No Comments »

ISG Advisories and Notifications

The Information Security Group (ISG) may periodically post detailed advisories to the Brown community via the CIS blog (located in the “Security Advisories” section). These posts will be used to alert the campus to:

  • rapidly spreading threats of high impact and/or broad distribution;
  • recommendations for remedial as well as proactive responses to existing and developing situations;
  • updates on information security situations; and
  • general reminders of safe computing best practices in light of shifting security trends and attack vectors.

Posted in Security Advisories | No Comments »