Author Archives: Chris Norris

Security Note – ‘Shellshock’ Vulnerability

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in the Bourne Again Shell (Bash) component of Unix-based operating systems. This vulnerability could allow an attacker to execute shell commands through shell environment variables. It has also been leveraged for denial of service attacks and other malicious activity.

ITS has already patched relevant local systems and is expecting vendors to patch any relevant externally-hosted systems. There is no evidence to suggest that Middlebury assets have been compromised.

More information about the vulnerability is available on the ITS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/486102/original/middlebury_threat_bulletin_shellshock.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – Internet Explorer Zero-Day Bug

As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.

Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.

Here are some protective steps that you can take on your own:

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – OpenSSL ‘Heartbleed’ Vulnerability

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in certain versions of OpenSSL which could allow a remote attacker access to sensitive data on certain types of servers.

LIS has already patched relevant local systems and is working with vendors to ensure that any relevant externally-hosted systems are similarly patched. There is no evidence to suggest that Middlebury account credentials have been compromised.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/475111/original/middlebury_threat_bulletin_openssl_heartbleed.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

New sign-in page for Middlebury Google Apps coming soon

Google has announced that all Google Apps services are getting a new sign-in page. This change will be rolled out to the Middlebury Google Apps instance by March 1st, 2014.

The new sign-in page requires users to sign in with their full email address, like this…

gapps_signin_new

The new sign-in page is intended to provide a streamlined and cohesive sign-in experience for all users, an account chooser that makes it easy to switch between Google accounts, and security enhancements, including advanced bot detection and improved account hijacking protection.

If you have any questions about this change, please comment below or email gadmin@middlebury.edu.

Regards,
The Middlebury Google Admin Team
(Chris)

Gartner Technology Research Access for Middlebury

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Middlebury has a campus subscription to Gartner’s online research database. To access Gartner, simply visit http://go.middlebury.edu/gartner-login and authenticate using your Middlebury username and password.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris.

Interested in the most current and cutting edge information about technology?

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Gartner delivers technology-related insight that helps clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is a valuable partner to 60,000 clients in 11,000 distinct organizations. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,400 associates, including 1,200 research analysts and consultants, and clients in 85 countries.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

The Gartner home page is the starting point to learn about which technologies are just hype, what innovations will change how people work and play, how current events will impact technology and business, and which issues keep IT leaders awake at night.

Gartner’s research is licensed for use and is accessible at no cost to our students, faculty and staff. To access Gartner, you’ll need to first authenticate using your Middlebury username and password at http://go.middlebury.edu/gartner-login.

(Middlebury username and password required)

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris in LIS Administration at cnorris@middlebury.edu.

GO/phish

Early this morning, Middlebury experienced another email phishing attempt. The email message read like this:

— Message Start —

Warning !!!

Web administration has noticed your email was logged in in another location we advised that you change your PASSWORD to submit your new information CLICK HERE

Thank you for using our email.

Copyright ©2013 Email Helpdesk Centre.

— Message End —

Had you followed the CLICK HERE link in the phishing email, you might have seen another fraudulent Google form asking for your account credentials and other personal information.

Be advised that Google recently implemented security improvements to the Google Drive/Docs service that blocked the fraudulent form almost immediately. In addition, controls were enabled on our systems to block any additional matching messages from being delivered.

Still, if you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk. If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information.

More information about safe computing practices is available at go/infosec and remember that you can report phishing attempts to phishing@middlebury.edu.

Re: EDUCAUSE Security Breach

Earlier today, we received notification from EDUCAUSE that they experienced a security breach in early February. We immediately changed our domain administration passwords for miis.edu and middlebury.edu, as recommended by EDUCAUSE. In addition, we have verified that our domain details for miis.edu and middlebury.edu are okay.

Any Middlebury and Monterey users who have an EDUCAUSE account and/or profile should immediately reset their EDUCAUSE passwords  and verify their account information at http://www.educause.edu.

–Chris
PS. If you cannot reach the EDUCAUSE website right now, you might try again in a little while after the initial rush to action has subsided.

Please review the statement from EDUCAUSE below;

February 19, 2013 – Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party.

“On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information.

“EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences.

“As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set.

“The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services.”

For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info@educause.edu or +1-303-449-4430.