Chris Norris

Posts by Chris Norris

 
 
 

Security Note – ‘Shellshock’ Vulnerability

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in the Bourne Again Shell component of the Linux operating system. This vulnerability could allow an attacker to execute shell commands through the shell environmental variables. It has also been leveraged for denial of service attacks and other malicious activity.

ITS has already patched relevant local systems and is expecting vendors to patch any relevant externally-hosted systems. There is no evidence to suggest that Middlebury assets have been compromised.

More information about the vulnerability is available on the ITS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/486102/original/middlebury_threat_bulletin_shellshock.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – Internet Explorer Zero-Day Bug

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.

Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.

Here are some protective steps that you can take on your own:

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – Internet Explorer Zero-Day Bug

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.

Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.

Here are some protective steps that you can take on your own:

  • Patch your vulnerable Windows systems.
  • Use a different web browser like Firefox, Safari, or Chrome.
  • Disable  the  Flash  plug-in  in  Internet  Explorer.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – OpenSSL ‘Heartbleed’ Vulnerability

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in certain versions of OpenSSL which could allow a remote attacker access to sensitive data on certain types of servers.

LIS has already patched relevant local systems and is working with vendors to ensure that any relevant externally-hosted systems are similarly patched. There is no evidence to suggest that Middlebury account credentials have been compromised.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/475111/original/middlebury_threat_bulletin_openssl_heartbleed.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

New sign-in page for Middlebury Google Apps coming soon

Categories: Midd Blogosphere

Google has announced that all Google Apps services are getting a new sign-in page. This change will be rolled out to the Middlebury Google Apps instance by March 1st, 2014.

The new sign-in page requires users to sign in with their full email address, like this…

gapps_signin_new

The new sign-in page is intended to provide a streamlined and cohesive sign-in experience for all users, an account chooser that makes it easy to switch between Google accounts, and security enhancements, including advanced bot detection and improved account hijacking protection.

If you have any questions about this change, please comment below or email gadmin@middlebury.edu.

Regards,
The Middlebury Google Admin Team
(Chris)

Gartner Technology Research Access for Middlebury

Categories: Midd Blogosphere

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Middlebury has a campus subscription to Gartner’s online research database. To access Gartner, simply visit http://go.middlebury.edu/gartner-login and authenticate using your Middlebury username and password.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris.

Interested in the most current and cutting edge information about technology?

Categories: Midd Blogosphere

The Middlebury campus community can find out what’s happening with global IT trends with access to research, news analysis and trends from Gartner Inc.

Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Gartner delivers technology-related insight that helps clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is a valuable partner to 60,000 clients in 11,000 distinct organizations. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,400 associates, including 1,200 research analysts and consultants, and clients in 85 countries.

Students can benefit by using Gartner to find research for assignments, learn where IT is headed and how it will shape our world, discover an area of interest, or even get ideas on careers. Gartner research enriches the educational experience by providing timely, objective real-world examples and content.

Faculty & Staff can benefit by using Gartner to stay current on IT industry trends. Gartner provides insight to the application of technology to real-world problems and enables understanding of the long-term trends and issues that current and future IT decision makers will face.

The Gartner home page is the starting point to learn about which technologies are just hype, what innovations will change how people work and play, how current events will impact technology and business, and which issues keep IT leaders awake at night.

Gartner’s research is licensed for use and is accessible at no cost to our students, faculty and staff. To access Gartner, you’ll need to first authenticate using your Middlebury username and password at http://go.middlebury.edu/gartner-login.

(Middlebury username and password required)

Should you have any problems accessing this resource or have any questions pertaining to Gartner research, please contact Chris Norris in LIS Administration at cnorris@middlebury.edu.