During our regular maintenance window this Sunday, July 5th we have the following activities scheduled:
- The WAN circuit dedicated to the Video Conference network at the VT campus will be down for up to 10 minutes for maintenance between 6:00am and 6:30am EST. During maintenance active video conference sessions in VT, DC, and CA will be terminated and no new sessions will be able to be initiated. After maintenance the service will be back to normal operation.
We appreciate your patience as we continuously strive to keep our systems functioning optimally.
ITS – Central Systems & Network Services
Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “middleburry.org”, to businesses that might provide equipment and supplies to Middlebury College.
The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.
Note that suspected bad actors are using a typosquatting technique – there are two R’s in “middleburry.org”, and Middlebury’s domain name ends in .edu, rather than .org. Those details, however, are perhaps an easy thing to miss, especially at a quick glance.
Efforts are underway to takedown the middleburry.org domain, and to suspend the domain holder’s email service.
Please contact InfoSec@middlebury.edu with questions.
A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.
A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.
- Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
- Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
- Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
- Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.
According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.
What you can do to protect yourself:
- Never open attachments or click links in emails that you do not recognize or trust.
- Know what a phishing attack is and how to spot one. visit http://go.middlebury.edu/phish or http://phishing.org
- If you think you have fallen for a phish change your password. then call x2200
- If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
- Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
- Never disable your antivirus software.
- Send any suspect emails to email@example.com
- Only download software from known vendor sites.
- Don’t click on ads in web sites. Visit vendor websites directly.
We’re pleased to announce that Middlebury College users now have access to extensive manuscripts, newspapers, periodicals, documents, photographs, and some short films covering the history of indigenous peoples in North America –
We have also extended our access to the archive of the Times of London, which now includes through 2009.
Both of these and other primary source databases can be cross-searched simultaneously on Gale’s Artemis platform –
By default in WordPress you cannot add tags or categories to pages. These are only available for posts. We’ve added the Post Tags and Categories for Pages plugin. You can enable this to add tags and categories to your pages.
We had been using the ShareThis module for Drupal to provide share links for news stories on the Middlebury and MIIS websites. The ShareThis service provides reports on the number of shares to each platform, but we weren’t using the reports and the trackers that the service adds to do this were numerous. We’ve replaced ShareThis with the Drupal service_links module, which provides links to share content without third-party trackers. We’re still using ShareThis on the Museum of Art and 25th Reunion site, but will replace it with Service Links on those as well.
Tweaks and Fixes
- An archive copy of the 2014-2015 Handbook site is now available as a PDF.
- Fonts on the WRMC site have been normalized to use the Google Fonts EB Garamond, Arvo, and Paytone One, ensuring that the correct fonts are loaded on all platforms. The site had previously been using some fonts that were only available on Macs.
- Fixed a CSS issue with the tabs below the scrolling banner on the MCSE site.
A problem occurred on June 25th that caused Windows computers to temporarily lose their network drive mapping when logging in. We have researched what may have caused this issue, and believe we have fixed it. Please call or email the Helpdesk (firstname.lastname@example.org) if you see any problem with your network drives the next time you login to your computer.
Why Elon Musk’s SpaceX is even cooler than Tesla – Environmentally friendly cars are important, but Elon Musk’s SpaceX may have an even bigger impact on our lives.
A photo SpaceX released of one of the launches of Falcon 9, which left Earth just before sunset in early 2015.