Author Archives: Chris Norris

Email Security Update: New Spam Quarantine Feature Launches 7/22/16

ITS will implement a new “spam quarantine” feature on Friday, July 22, 2016. This change will help keep spam and phishing messages out of your mailbox, better protecting the Middlebury College community from phishing attacks and other email-borne threats. The new quarantine feature will change how you manage messages identified as spam by the mail system. Spam email will now be placed in a separate quarantine area, rather than being directed to your Junk Email folder.

Important: All messages in your quarantine area should be treated with special caution as they are most likely harmful to you and others! Do not click any links in these messages or release them to your Inbox unless you are absolutely sure that the message is legitimate. Be particularly suspicious of messages asking you to update your account, reset your password, expand your email storage quota, etc. Remember, any message that asks for your password or username is not to be trusted. For more information about how to protect yourself from phishing attacks, please see go/phish.

Messages identified as spam will be stored in the Spam Quarantine for 15 days. If you have received suspect messages, Microsoft will send you a daily “Spam Notification” email message. The messages are sent from quarantine@messaging.microsoft.com, once per day.

You can check your Spam Quarantine at any time by logging into go/quarantine (or directly via https://admin.protection.outlook.com/quarantine).

If you are missing a time-critical message, check your Junk E-Mail folder first, then check the Spam Quarantine, via go/quarantine.

For more details on managing the spam with the Spam Quarantine, as well as tips on how to use the the Blocked Senders/Safe Senders tools to allow or block specific email message senders, please visit go/spam.

MIIS users: Please be sure to login using the “username@middlebury.edu” format, “miis.edu” will not be recognized.

Sophos Anti-Virus for Home Use

All Middlebury students, faculty, and staff are entitled to a full installation of Sophos anti-virus software for use on a personally-owned computer. ITS has changed the location for virus definition updates and request that all users update their Sophos clients on their personally-owned computers. The latest installers are now available at http://go.middlebury.edu/sophos.

These versions are for student and faculty/staff home-users, on their personally-owned devices. Middlebury provides managed anti-virus software for Middlebury-owned devices that updates automatically. Please do not attempt to install a home-use version of Sophos on a Middlebury-owned system.

Thank you!

Wi-Fi Calling is Here

Following T-Mobile and Sprint, AT&T has just enabled a much-anticipated feature called Wi-Fi Calling for people who have an iPhone 6, 6 plus, 6s, or 6s plus running iOS 9.x on AT&T.

From AT&T’s web site…

With Wi-Fi Calling, you can talk and text over Wi-Fi when cellular coverage is limited or unavailable. For example, some indoor locations may be difficult for even a strong cellular signal to reach. Now, with a Wi-Fi connection, you can talk and text in those hard-to-reach places.

  • Wi-Fi Calling is easy to set up and use.
  • Once you set up Wi-Fi Calling, your phone automatically detects when to use it. Wi-Fi Calling will only be used if cellular coverage is weak or unavailable.
  • It works with your AT&T mobile number and compatible device—no new number or app required.

Once you set up Wi-Fi Calling on your phone, you’ll be able to enjoy the benefits. Just follow the steps in your phone’s settings to get started.

  • Make and receive unlimited domestic calls within the U.S., Puerto Rico, and U.S. Virgin Islands at no additional charge.
  • International long distance rates apply for calls made to international numbers.
  • Text messages sent or received using Wi-Fi Calling are counted and charged under your existing rate plan.

Here is a link to AT&T’s FAQ page on Wi-Fi Calling that should answer any questions that you might have.

Middlebury Google Apps Issues (Resolved)

At 3:07pm (ET) Google made us aware they they were investigating issues with Google Drive and related services like Docs, Sheets, and Slides. These issues affected all Google Apps customers, not just Middlebury. As of 5:37pm (ET), Google Apps services appear to be back up.

Google’s official Apps status updates can always be found here: http://www.google.com/appsstatus#hl=en&v=status

This post has been updated because the issues have been resolved. Thanks for your patience!

Incoming Email Services Disruption (Resolved)

Please note that there was an unexpected disruption to Middlebury’s incoming email services this morning. The issue has since been resolved. Please see below for more details.

Between 8:30 AM and 10:00 AM (ET), Middlebury’s email system was unable to receive incoming email sent from external addresses. Email messages sent to @middlebury.edu and @miis.edu email addresses from external addresses were rejected by Middlebury’s email servers. External senders would have received a “Non-Deliverable Notice” notifying them of the problem. Internal email messages, i.e. messages sent from @middlebury.edu or @miis.edu addresses, were not impacted.

The problem was corrected at approximately 10:00 AM (ET). External senders should be advised to resend messages that were rejected before the problem was resolved.

Middlebury Security Alert for iOS Users

Middlebury ITS Information Security is currently investigating indications that members of the Middlebury community are using iOS apps infected with the recently discovered XCodeGhost malware.

XCodeGhost-infected apps can potentially steal private information and even launch phony authentication dialogues that can be used to attempt to steal usernames and passwords. Despite this capability, no information has yet come to light indicating that the infected apps were used for malicious purposes, such as harvesting personally identifiable information or stealing passwords

The majority of the XCodeGhost-infected apps were authored by Chinese developers who were tricked into downloading fake Apple development libraries. Therefore, the greatest impact of the XCodeGhost appears to be in China.  Some apps have been identified, however, that have world-wide use, including WeChat, Baidu, and others.

If you have an iOS device, our recommendation is that you remove from the device any apps known to be compromised with XCodeGhost. Download and reinstall the app from the Apple App Store once a fixed version has been made available.

A list of known bad apps can be found here: http://www.apple.com/cn/xcodeghost/#english

Additional details on XCodeGhost can be found here: https://labs.opendns.com/2015/09/21/xcodeghost-materializes/

Questions regarding this security alert may be directed to infosec@middlebury.edu.

Improved Filtering of SPAM and Phishing Email

ITS has begun enabling new, proactive anti-spam and anti-phishing email filters intended to improve the filtering of unsolicited and unwanted messages, by leveraging external reputation-based lists of email servers that have been flagged for sending spam and/or malicious email.

We’ve had the new filters in “Tag” mode since October 2014, so we’re confident that they are accurate and we’ll be closely monitoring incoming mail queues during the days after the change. Still, there is a possibility that someone trying to sending you email will have their message blocked, if their email servers have been flagged for sending spam and/or malicious email. The sender, in such cases, will receive an email advising them that their message could not be delivered.

If you encounter such as scenario, (i.e. a legitimate sender is trying to email you, but the message is being blocked by Middlebury’s email servers), or you have noticed legitimate messages recently having been incorrectly tagged as [SPAM?], please contact the ITS Help Desk at helpdesk@middlebury.edu and we will help you identify and resolve the issue.

General questions about this change may be directed to infosec@middlebury.edu.

Sophos Anti-Virus Updates to 10.3.x – Restart Required

College-managed Windows computers which have Sophos EndPoint Security suite installed have automatically received a Sophos update to version 10.3.x. This update requires a reboot of the computer to complete.

Middlebury’s software management application, (KACE), may display a “desktop alert” message requesting that your computer be rebooted to complete the Sophos update. This is a legitimate and valid alert! If you see this KACE “desktop alert” message, please save your files and restart your computer as soon as possible, thank you.

Questions related to this update may be directed to infosec@middlebury.edu.