Author Archives: Chris Norris

Security Note – OpenSSL ‘Heartbleed’ Vulnerability

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in certain versions of OpenSSL which could allow a remote attacker access to sensitive data on certain types of servers.

LIS has already patched relevant local systems and is working with vendors to ensure that any relevant externally-hosted systems are similarly patched. There is no evidence to suggest that Middlebury account credentials have been compromised.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/475111/original/middlebury_threat_bulletin_openssl_heartbleed.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

New sign-in page for Middlebury Google Apps coming soon

Google has announced that all Google Apps services are getting a new sign-in page. This change will be rolled out to the Middlebury Google Apps instance by March 1st, 2014.

The new sign-in page requires users to sign in with their full email address, like this…

gapps_signin_new

The new sign-in page is intended to provide a streamlined and cohesive sign-in experience for all users, an account chooser that makes it easy to switch between Google accounts, and security enhancements, including advanced bot detection and improved account hijacking protection.

If you have any questions about this change, please comment below or email gadmin@middlebury.edu.

Regards,
The Middlebury Google Admin Team
(Chris)

Gartner Technology Research Access for Middlebury

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Middlebury has a campus subscription to Gartner’s online research database. To access Gartner, simply visit http://go.middlebury.edu/gartner-login and authenticate using your Middlebury username and password.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris.

Interested in the most current and cutting edge information about technology?

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Gartner delivers technology-related insight that helps clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is a valuable partner to 60,000 clients in 11,000 distinct organizations. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,400 associates, including 1,200 research analysts and consultants, and clients in 85 countries.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

The Gartner home page is the starting point to learn about which technologies are just hype, what innovations will change how people work and play, how current events will impact technology and business, and which issues keep IT leaders awake at night.

Gartner’s research is licensed for use and is accessible at no cost to our students, faculty and staff. To access Gartner, you’ll need to first authenticate using your Middlebury username and password at http://go.middlebury.edu/gartner-login.

(Middlebury username and password required)

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris in LIS Administration at cnorris@middlebury.edu.

GO/phish

Early this morning, Middlebury experienced another email phishing attempt. The email message read like this:

— Message Start —

Warning !!!

Web administration has noticed your email was logged in in another location we advised that you change your PASSWORD to submit your new information CLICK HERE

Thank you for using our email.

Copyright ©2013 Email Helpdesk Centre.

— Message End —

Had you followed the CLICK HERE link in the phishing email, you might have seen another fraudulent Google form asking for your account credentials and other personal information.

Be advised that Google recently implemented security improvements to the Google Drive/Docs service that blocked the fraudulent form almost immediately. In addition, controls were enabled on our systems to block any additional matching messages from being delivered.

Still, if you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk. If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information.

More information about safe computing practices is available at go/infosec and remember that you can report phishing attempts to phishing@middlebury.edu.

Re: EDUCAUSE Security Breach

Earlier today, we received notification from EDUCAUSE that they experienced a security breach in early February. We immediately changed our domain administration passwords for miis.edu and middlebury.edu, as recommended by EDUCAUSE. In addition, we have verified that our domain details for miis.edu and middlebury.edu are okay.

Any Middlebury and Monterey users who have an EDUCAUSE account and/or profile should immediately reset their EDUCAUSE passwords  and verify their account information at http://www.educause.edu.

–Chris
PS. If you cannot reach the EDUCAUSE website right now, you might try again in a little while after the initial rush to action has subsided.

Please review the statement from EDUCAUSE below;

February 19, 2013 – Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party.

“On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information.

“EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences.

“As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set.

“The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services.”

For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info@educause.edu or +1-303-449-4430.

2013 NERCOMP Annual Conference – “Improvising the Future”

— From the EDUCAUSE web site —

This year’s annual NERCOMP conference, March 11-13, 2013 in Providence, Rhode Island, and online, will focus on “Improvising the Future.” In a time of perpetual change and when long range planning is difficult, we often cannot perform according to a set script or score; indeed, we find we must be agile and innovative enough to create new systems and processes to meet the expectations of our communities. We need to be able to improvise, collaborate with colleagues, and build on existing frameworks to arrive at creative solutions for the future.

Preconference seminars will be held in Providence Monday, March 11, with the full face-to-face and online conference programs March 12-13. Program sessions will focus on these key topic areas:

  • Corporate and Campus Solutions
  • IT Services: Support Models and Practices
  • Leadership and Organizational Development
  • Libraries and Scholarship in the 21st Century
  • Policy, Regulations, and Security
  • Systems and Solutions
  • Teaching and Learning

More information: http://www.educause.edu/nercomp-annual-conference

Middlebury Google Apps – Security Alert

Hello Middlebury Google Apps users,

While this is NOT a phishing message, it does relate to the general topic of phishing as it pertains to Middlebury’s Google Apps live pilot instance. Please read on for important information.

As you may be aware, LIS recently sent an email message to all students about an increase in the number of successful phishing attempts that are targeting middlebury.edu email addresses. In order to limit the number of compromised accounts from this most recent wave of phishing attempts, students were required to change their Middlebury password. This action has greatly reduced the number of compromised accounts, which is good!

However, we also discovered that a behavior of the Google Drive/Docs service may be causing our users to believe that certain fraudulent web forms, (such as the example screenshot below), are legitimate because the URL appears to be within our Middlebury Google Apps instance, to authenticated users.

These are NOT legitimate web forms! As standard practice, LIS does NOT request the type of information shown in the example below via Google web forms. Additionally, Google has advised that security improvements to the Google Drive/Docs service will soon be introduced to address this problem.

If you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk.

If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is also important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information. More information about safe computing practices is available at go/infosec.

EXAMPLE OF FRAUDULENT GOOGLE WEB FORM

MIDD-PHISH-WIN7-IE-400