Skip redundant pieces
The Breach Blog
F-Secure: News from the Lab
Podcasts
Security Now!
Security Bites
Computer Security Awareness Poster &         
Video Contest 2009

Voice + Phishing = Vishing

UPDATE:

Please be alert for SMS messages (also commonly referred to as "text messages" or simply "texts") arriving on your mobile phones. Users report receiving the following text message from "system(at)66fcu.org":

Computer Security Awareness Poster & Video Contest 2009

Win cash, gain experience, and earn national recognition with a poster or one short video!

The EDUCAUSE/Internet2 Computer and Network Security Task Force, with the help of ResearchChannel, is conducting a contest in search of short computer security awareness videos and posters developed by college students for college students. The contest seeks creative, topical, and effective posters and videos of two minutes or less that focus attention on computing security problems and how best to handle them.

Make your Mac a little safer

So you got your shiny new MacBook and you're keen to use it at the library, the bookstore, the coffeshop. The cords have been cut and you're ready to go on the road! Having a mobile Mac is handy, but you want to protect your computer and your data.

Graham Lee, Senior Macintosh Software Engineer at Sophos, published a whitepaper entitled 10 steps to better secure your Mac laptop from physical data theft. Here's a summary:

We get phished so you don't have to.

It's okay, you can admit it. You know that e-mail from that credit union you've never done business with is a fake. You've heard your IT person tell you a million times never to click those links in e-mails. Maybe you even heard it here, but...man, it's tempting. You just want to know what those phishing sites look like! Or maybe you want to see if this one might be real this time!

Earthquake Relief Scam

The IT Security Office has received spam e-mails attempting to solicit donations for relief to the residents of the Sichuan province in southwestern China. We strongly recommend that you do not respond to unsolicited requests; if you wish to give, seek out a trustworthy charity organization.

An example of the solicitation appears below:

Click to enlarge:

Malicious payloads in my P2P downloads? It's more common than you think!

You may think you've heard some bad music and seen some bad movies, but they probably didn't infect your computer with malicious software. This week that could change.

Recycle your electronic goodies this Saturday, April 26, 2008!

The City of Lawrence will host the first electronic recycling event this Saturday, April 26 from 9:00 a.m. to 1:00 p.m. at the KU Lied Center parking lot, 1600 Stewart Drive.

The city invites residents and small businesses to recycle old, unwanted electronic equipment. Electronic equipment may contain hazardous components such as lead, mercury and cadmium. Recycling your unwanted electronic equipment keeps these hazardous components out of the landfill.

Items accepted for recycling are:

Please do not click here to verify your KU e-mail account.

The IT Security Office is seeing an uptick in reports of phishing e-mails purporting to come from the KU Help Desk. These messages are generally variations on this one:

Click to enlarge

Fake Help Desk E-mail

Still using a D-Link DWL-1000AP?

It's probably time to recycle it and do a little upgrading. The DWL-1000AP, in addition to being end-of-lifed by D-link, is being exploited by hackers.

Forget the tinfoil hat!

You need a tinfoil (okay, stainless steel) wallet, especially if you carry a credit card with an embedded RFID chip. Why? For eight bucks, a bad guy can make your card sing like a bird. Watch:

So that's the bad news. Here's some good news: