Computer Security News Archive

According to several security websites, upgrading to Apple's newest operating system, Leopard OS X 10.5, shuts off some basic security controls. Namely, it appears that upon installation, the default firewall rule in Leopard is "Accept all incoming connections".

This setting is highly risk since it exposes the computer to a possible network-based attack. It is recommended that the firewall rules are reviewed on all Macintoshes with Leopard installed. The firewall should be set to a more restrictive setting such as "Block all incoming connections" or "Only allow connections to these applications / services"

To do so in Leopard, go to System Preferences > Security > Firewall, change the setting to either of the aforementioned, and then save all changes.

Posted by cp493 at 01:25 PM | Permalink

Google Desktop is a desktop search application designed to simplify your access to information on your computer and the Internet. Among other features, this program automatically indexes and allows you to search the full text of virtually all your files.

As is the case with nearly every computer program, if Google Desktop is not properly maintained and updated, it could potentially allow attackers to compromise your computer and/or access your local files. Google Desktop does provide automatic updates as vulnerabilities are discovered, but if you handle or store sensitive University data on your computer, you should consider avoiding and/or uninstalling this program.

If you continue using Google Desktop, ITS strongly recommends that you do the following (click each link for instructions on the Google website):

• Set Desktop not to search or index any sensitive files or folders.
• Disable "Search Across Computers"
• Disable "Secure web history"
• Disable Google Integration
• Enable "Encrypt Index" (Please note that enabling this option will automatically disable "Search Across Computers.")

For more information about privacy and Google Desktop, see the Google Desktop website.

If you use a third-party desktop search program besides Google Desktop, ITS encourages you to review the program's supporting documentation to see what you can do to help secure the program and your data.

If you have questions about data security, contact ITS Technology Security Services at security@nyu.edu.

Posted by Kate at 10:15 AM | Permalink

There have been several reports of NYU members receiving suspicious email stating that a supposed "hit man", i.e. assassin, was being paid by a 3rd-party to 'terminate' the email recipient. The message also states that the assassin wishes to bargain with the victim by asking for monetary compensation to avoid being killed. Moreover, it goes on to instruct the recipient not contact any law enforcement agency, lest they wish for the issue to escalate

Continue reading "Beware "Hit Man" Scam Email" »

Posted by cp493 at 10:57 AM | Permalink

There have been recent reports of NYU members receiving suspicious phishing emails that purport to be from the Internal Revenue Service. The IRS does not send out unsolicited e-mails or ask for detailed personal and financial information. Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.

Phishing (as in "fishing for information" and "hooking" victims) is a scam where Internet fraudsters send e-mail messages to trick unsuspecting victims into revealing personal and financial information that can be used to steal the victims' identity. Current scams include phony e-mails which claim to come from the IRS and which lure the victims into the scam by telling them that they are due a tax refund.

An example of the phishing message appears as the following:

Continue reading "IRS Email Phishing Scam" »

Posted by cp493 at 04:49 PM | Permalink

On February 28, 2007, the Recording Industry Association of America (RIAA) announced that it is initiating hundreds of legal actions against people at thirteen colleges and universities "who engage in illegal file-trafficking of copyrighted content on peer-to-peer (P2P) systems." A press release on February 28, 2007 states that the RIAA will send "pre-litigation settlement letters" to universities on behalf of major record companies and will offer affected students the chance to settle before litigation is initiated and to thereby avoid a formal lawsuit. For this purpose, the RIAA has a new website (www.p2plawsuits.com) that provides a guide to settling a lawsuit prior to litigation.

NYU is not on the list of institutions that the RIAA calls "the initial wave of this new initiative." It's conceivable, though, that NYU will receive a "pre-litigation settlement" letter from the RIAA in a subsequent wave, since the RIAA has sued NYU students in the past. Should that occur, NYU will follow long-established procedures to alert affected individuals. It will be the responsibility of those individuals to determine whether to settle prior to litigation. NYU is not in a position to advise affected individuals on such matters.

NYU does, as a higher educational institution, encourage broad academic freedom, while also striving to ensure privacy, to protect intellectual property rights, and to abide by laws that cover the fair use of copyrighted materials. In numerous efforts throughout the year, NYU reminds all members of its community, and especially students, to recognize the legitimate concerns of the recording industry. In particular, be aware that most music files are copyright protected, which means that they can be distributed only with the permission of the people who own that copyright. For more information, check NYU's Peer-to-Peer File Sharing website: www.nyu.edu/its/p2p/.

Posted by Kate at 11:03 AM | Permalink

Microsoft released three critical Windows patches on Jan. 9th that resolve multiple vulnerabilities. The patches address, amongst other issues, vulnerabilities in Excel, Outlook, and VML handling.

The vulnerabilities, if not patched, can allow an attacker to execute arbitrary code and compromise your computer.

These updates concern multiple versions of Windows including, but not limited to, Windows XP Professional SP2 and the Mac versions of the Office Suite. It is very important that you update your Windows operating system as soon as possible.

Download the latest updates here:

http://update.microsoft.com

Posted by cp493 at 04:41 PM | Permalink

The Mozilla group has released the latest version of FireFox, updating it to version 2.0. This latest version of the popular web browser touts updated security features amongst other improvements.

One of the newest updates in this iteration of the popular web browser is the "Phishing Filter" feature. This component will protect web surfers by blocking malicious phishing websites from displaying any content. Phishing is defined as:

"A form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user IDs and passwords."

Firefox 2.0 will also add protection from spyware installations. Such applications will not install by default, and users will be clearly prompted for such types of installations.

You can download Firefox 2.0 from the ITS Software page: www.nyu.edu/its/software/.

Posted by cp493 at 12:14 PM | Permalink

ITS has received reports about a new type of email phishing scam that attempts to convince the recipient to download a Diagnostics test tool to "repair Windows registry" problems. What makes this a phishing scam is that it does not originate from an NYU email address, the links do not redirect the user to any NYU page, and it refers to a previous "notification" that was supposedly sent one-week previously.

Do not click on any link within the body of the message. This may compromise your computer and put your information at risk. If you do receive this message, please forward it directly to is.spam@nyu.edu. A portion of the phishing message is reprinted below:

File Error Notification Follow-up:

We contacted you last week, and we noticed that you hadn't run the diagnostics test to check for any potentially harmful file errors located in your registry.

Press below to launch the Diagnostics Test download:

Press HERE to begin: [ link to malicious website goes here ]

Please read carefully to learn how to locate these potentially harmful file errors locate on your PC, and how to fix them.

Posted by Kate at 05:49 PM | Permalink

During a recent survey of smartphones and PDA's being sold on eBay, a security software company called 'Trusted Digital' found that a large majority of these devices still contained personal information from their previous owners.

In certain cases, the data on the device was completely "as-is" and appeared to not have been erased at all. In other cases, the data was 'reset' but not fully erased, allowing someone with basic technical skills to retrieve the original proprietor's information. Data on these devices included banking information, credit card numbers, and even highly confidential investor and corporate data.

Many of these devices offer what is termed "hard reset" options. The Treo 650 and the Blackberry, both supported at NYU, have these features built into each device. Moreover, many smartphones and PDA, including the Treo 650 and Blackberry, have password protection capabilities, affording for added security.

Learn more about securing the Treo 650 or Blackberry on the ITS website:
Secure your Treo 650
Secure your Blackberry

Posted by Kate at 12:18 PM | Permalink

Code was recently released that exploits two of the vulnerabilities patched in last week's Microsoft "patch Tuesday." The first exploit attacks a vulnerability in DHCP, the software used by a computer to obtain its IP address on a network. The other, which is currently a "proof of concept," attacks a Windows component called "mailslot." These exploits reinforce the necessity of applying MS patches as soon as they become available. See this CNET story for more information.

Posted by Kate at 11:42 AM | Permalink