Badlock: Critical Vulnerability or Hype?

Posted by Clayton Bellot on April 14, 2016

While there was much anticipation over the recent Windows and Samba vulnerability dubbed the “Badlock Bug”, the criticality level dropped to “high” with a Common Vulnerability Score of 7.1. So, was the bug as big of an issue as had previously been indicated? Probably not, but left unaddressed it could lead to security issues such as Man-in-the-Middle (MitM) or Denial of Service (DoS) attacks, which can be mitigated using the following best practices:

  • Patch as you get to it, but no reason to rush this one
  • Do not use SMB over networks you don’t trust
  • Firewall SMB inbound and outbound
  • If you need to connect to remote file shares, do so over a VPN.
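
To check that the SMB firewalling above is actually holding, the following added example (not part of the original post) scans flow records for SMB traffic that crosses the trust boundary. The trusted network ranges, the VPN pool and the `src,dst,proto,dport` record format are assumptions, and the sample flows are constructed.

```python
import csv
import io
import ipaddress

# SMB over TCP (445) and the NetBIOS session service (139).
SMB_PORTS = {139, 445}

# Assumption: campus LAN and VPN address pool count as trusted (constructed values).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "10.99.0.0/24")]

# Constructed sample flow records: src,dst,proto,dport
SAMPLE_FLOWS = """\
10.20.4.17,10.20.8.5,tcp,445
203.0.113.40,10.20.8.5,tcp,445
10.20.4.17,198.51.100.9,tcp,139
10.99.0.12,10.20.8.5,tcp,445
10.20.4.17,198.51.100.9,tcp,443
not-an-ip,10.20.8.5,tcp,445
"""


def is_trusted(addr):
    return any(addr in net for net in TRUSTED_NETS)


def audit_smb_flows(text):
    """Return (direction, src, dst, port) for SMB flows that cross the trust boundary."""
    findings = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4:
            continue
        src_s, dst_s, proto, port_s = (field.strip() for field in row)
        try:
            src, dst = ipaddress.ip_address(src_s), ipaddress.ip_address(dst_s)
            port = int(port_s)
        except ValueError:
            # Surface malformed records instead of silently dropping them.
            findings.append(("unparsed", src_s, dst_s, port_s))
            continue
        if proto.lower() != "tcp" or port not in SMB_PORTS:
            continue
        src_ok, dst_ok = is_trusted(src), is_trusted(dst)
        if src_ok and dst_ok:
            continue  # internal or VPN-tunnelled SMB is expected
        direction = "inbound" if dst_ok else "outbound" if src_ok else "transit"
        findings.append((direction, src_s, dst_s, port))
    return findings


if __name__ == "__main__":
    for finding in audit_smb_flows(SAMPLE_FLOWS):
        print(*finding)
```

Any `inbound` or `outbound` finding means an SMB session reached or left the trusted ranges without going through the VPN, so the corresponding firewall rule is missing or not matching.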

Getting Personal with University Credentials

Posted by Clayton Bellot on March 02, 2016

In a recent article, “thirteen faculty and staff members at Illinois State University were the apparent victims of an information breach that allowed someone to divert their direct-deposit payroll payments to another account, according to university officials.” Similar attacks have been made against universities and have “involved people filing fraudulent tax returns using the information they obtained to divert tax refunds.”

So, anyone thinking that they aren’t a target just because they don’t have access to important information should realize that attackers are indeed after “you” to make a quick buck!

IRS Recommendations for Keeping Tax Records Secure

Posted by Clayton Bellot on January 20, 2016

Here are just a few of the easy and practical steps to better protect your tax records:

  • File your tax returns early. This prevents identity thieves from being able to make a false claim on your behalf and reduces future headaches when attempting to file in the years to come.
  • Always retain a copy of your completed federal and state tax returns and their supporting materials. These prior-year returns will help you prepare your next year’s taxes, and receipts will document any credits or deductions you claim should questions arise later.
  • If you retain paper records, you should keep them in a secure location, preferably under lock and key, such as a secure desk drawer or a safe.
  • If you retain your records electronically on your computer, you should always have an electronic back-up, in case your hard drive crashes. You should encrypt the files both on your computer and any back-up drives you use. You may have to purchase encryption software to ensure the files’ security.
  • Dispose of old tax records properly. Never toss paper tax returns and supporting documents into the trash. Your federal and state tax records, as well as any financial or health records should be shredded before disposal.
  • If you are disposing of an old computer or back-up hard drive, keep in mind there is sensitive data on these. Deleting stored tax files will not remove them from your computer. You should wipe the drives of any electronic product you trash or sell, including tablets and mobile phones, to ensure you remove all personal data. Again, this may require special disk utility software.


Scammers Using Dell Service Tag Information

Posted by Clayton Bellot on January 19, 2016

In a fairly recent posting on ArsTechnica, users have been reporting a scam similar to the Microsoft scam in which scammers posing as support technicians are using specific information to win your trust. In this particular case, however, the information being used is Dell’s Service Tag, which is typically used for support.

Dell is aware of this scam and issued an advisory last October with instructions for reporting through Dell’s website.

January is National Cyber Stalking Awareness Month

Posted by Clayton Bellot on January 12, 2016

The best defense against cyber stalking is to avoid oversharing information – especially online. Here are some basic tips from the Stop.Think.Connect.™ Campaign, the Department of Homeland Security’s national cyber security awareness program, to keep in mind when sharing online.

  1. Don’t broadcast your location. Do not activate location or geo-tagging features on your devices. You could be telling a stalker exactly where to find you.
  2. Connect only with people you trust. While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.
  3. Keep certain things private from everyone. Certain information should be kept completely off your social networks. While it’s fun to have everyone wish you a happy birthday, or for long-lost friends to reconnect with you online, listing your date of birth with your full name and address provides potential stalkers with crucial information that could give them further access to you.
  4. Be thoughtful about what you share. Be aware that when you share a post, picture or video online, you may also be revealing sensitive information about yourself and others. You don’t own anything you post online, and people could use your information, photos, or content for malicious purposes.

To find out how you can support National Stalking Awareness Month or find out more information on stalking, please visit the National Stalking Resource Center and the National Stalking Awareness Month website.

Microsoft Ends Support for Internet Explorer Prior to Version 11

Posted by Clayton Bellot on January 05, 2016

After January 12, 2016, only the most recent version of Internet Explorer available for a supported operating system will receive technical support and security updates. For example, customers using Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 on Windows 7 SP1 should migrate to Internet Explorer 11 to continue receiving security updates and technical support. For more details regarding support timelines on Windows and Windows Embedded, see the Microsoft Support Lifecycle site.

Read more at https://blogs.msdn.microsoft.com/ie/2014/08/07/stay-up-to-date-with-internet-explorer/ and https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support.

Report Indicating Malware is Still Rampant Over File-Sharing

Posted by Clayton Bellot on December 14, 2015

For those who log a pirate visit every once in a while, a report commissioned by Digital Citizens Alliance for RiskIQ put some of the online threats on display. According to the report, users are 28 times more likely to contract malware from torrent sites than they are from mainstream websites or licensed content providers. The study used a sample of 800 sites that distribute copyrighted movies and television shows. One-third of websites with stolen content contained malware and a staggering 45 percent required but a single page-visit from you to cause the malware to download itself onto your computer.

Common Phishing Scams

Posted by Clayton Bellot on December 10, 2015

When it comes to phishing, the best line of defense is you. If you pay attention to potential phishing traps and watch for telltale signs of a scam, you can minimize your risk of becoming a victim. Here are some scenarios you may encounter:

  • An email appearing to be from a bank, credit card company, or other financial institution requests that you “confirm” your personal account information. Supposedly, your information has been lost, or your account is going to be closed, so it is “urgent” that you respond immediately.
  • A phony email from the “fraud department” of a well-known company asks you to verify your information because they suspect you may be a victim of identity theft.
  • An email may take advantage of a current event, such as the Anthem data breach, which scammers used to send phishing emails with malicious links for “free credit reporting.”
  • An email claiming to be from a state lottery commission requests your banking information to deposit the “winnings” into your accounts.
  • A scammer pretends to have a large sum of money and needs “someone trustworthy” to help access it. The scammer promises to share the wealth in exchange for your help – specifically, your financial information.

Adobe Flash Player Zero-Day Vulnerability

Posted by Clayton Bellot on July 08, 2015

Recently, Information Technology Services was made aware of a zero-day vulnerability in Adobe Flash Player, dubbed “the most beautiful Flash bug for the last four years” by the hacker group whose leaked documentation led to the vulnerability becoming public. Sources indicate that this vulnerability is actively being exploited in the wild. Successful exploitation could result in remote code execution. Adobe states that all previously released versions of Adobe Flash are affected, including those bundled with Adobe AIR.

Information Technology Services strongly recommends that the following actions be taken to mitigate this vulnerability:

  • Immediately update Adobe Flash Player to 18.0.0.203.
  • Immediately update AIR Desktop Runtime to 18.0.0.180.
  • Enable Click-to-Play for the Adobe Flash Player add-on to help mitigate potential future threats.

Additional information
+ Adobe’s Player Download Center site
+ Helpful hints for managing the Adobe Flash add-on
+ Enabling ‘Click-to-Play’ for the Adobe Flash Player add-on
+ Details regarding the latest vulnerability

Outlook for iOS and Android

Posted by Clayton Bellot on February 04, 2015

While the university promotes the use of innovative technologies and yearns for better integration between core services and mobile applications, the Information Security Office recommends that the UIS community not install or configure Microsoft’s latest mobile app “Outlook for iOS and Android” to be used for connecting to the university’s Exchange services. For those users who have already done so, we recommend that the app be uninstalled and your university password be reset.

This particular application not only stores a copy of the username and password on their servers, but also stores email messages (including attachments), contacts, and calendar data. This practice violates campus and university policy, and as a preventative measure the app will be blocked from connecting to the UIS mail servers beginning Friday, February 6, 2015.