Chris Norris

Posts by Chris Norris

 
 
 

GO/phish

Categories: Midd Blogosphere

Early this morning, Middlebury experienced another email phishing attempt. The email message read like this:

— Message Start —

Warning !!!

Web administration has noticed your email was logged in in another location we advised that you change your PASSWORD to submit your new information CLICK HERE

Thank you for using our email.

Copyright ©2013 Email Helpdesk Centre.

— Message End —

Had you followed the CLICK HERE link in the phishing email, you might have seen another fraudulent Google form asking for your account credentials and other personal information.

Be advised that Google recently implemented security improvements to the Google Drive/Docs service that blocked the fraudulent form almost immediately. In addition, controls were enabled on our systems to block any additional matching messages from being delivered.

Still, if you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk. If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information.

More information about safe computing practices is available at go/infosec and remember that you can report phishing attempts to phishing@middlebury.edu.

Re: EDUCAUSE Security Breach

Categories: Midd Blogosphere

Earlier today, we received notification from EDUCAUSE that they experienced a security breach in early February. We immediately changed our domain administration passwords for miis.edu and middlebury.edu, as recommended by EDUCAUSE. In addition, we have verified that our domain details for miis.edu and middlebury.edu are okay.

Any Middlebury and Monterey users who have an EDUCAUSE account and/or profile should immediately reset their EDUCAUSE passwords  and verify their account information at http://www.educause.edu.

–Chris
PS. If you cannot reach the EDUCAUSE website right now, you might try again in a little while after the initial rush to action has subsided.

Please review the statement from EDUCAUSE below;

February 19, 2013 – Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party.

“On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information.

“EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences.

“As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set.

“The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services.”

For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info@educause.edu or +1-303-449-4430.

Re: EDUCAUSE Security Breach

Categories: Midd Blogosphere

Earlier today, we received notification from EDUCAUSE that they experienced a security breach in early February. We immediately changed our domain administration passwords for miis.edu and middlebury.edu, as recommended by EDUCAUSE. In addition, we have verified that our domain details for miis.edu and middlebury.edu are okay.

Any Middlebury and Monterey users who have an EDUCAUSE account and/or profile should immediately reset their EDUCAUSE passwords  and verify their account information at http://www.educause.edu.

–Chris
PS. If you cannot reach the EDUCAUSE website right now, you might try again in a little while after the initial rush to action has subsided.

Please review the statement from EDUCAUSE below;

February 19, 2013 – Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party.

“On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information.

“EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences.

“As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set.

“The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services.”

For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info@educause.edu or +1-303-449-4430.

2013 NERCOMP Annual Conference – “Improvising the Future”

Categories: Midd Blogosphere

— From the EDUCAUSE web site —

This year’s annual NERCOMP conference, March 11-13, 2013 in Providence, Rhode Island, and online, will focus on “Improvising the Future.” In a time of perpetual change and when long range planning is difficult, we often cannot perform according to a set script or score; indeed, we find we must be agile and innovative enough to create new systems and processes to meet the expectations of our communities. We need to be able to improvise, collaborate with colleagues, and build on existing frameworks to arrive at creative solutions for the future.

Preconference seminars will be held in Providence Monday, March 11, with the full face-to-face and online conference programs March 12-13. Program sessions will focus on these key topic areas:

  • Corporate and Campus Solutions
  • IT Services: Support Models and Practices
  • Leadership and Organizational Development
  • Libraries and Scholarship in the 21st Century
  • Policy, Regulations, and Security
  • Systems and Solutions
  • Teaching and Learning

More information: http://www.educause.edu/nercomp-annual-conference

Middlebury Google Apps – Security Alert

Categories: Midd Blogosphere

Hello Middlebury Google Apps users,

While this is NOT a phishing message, it does relate to the general topic of phishing as it pertains to Middlebury’s Google Apps live pilot instance. Please read on for important information.

As you may be aware, LIS recently sent an email message to all students about an increase in the number of successful phishing attempts that are targeting middlebury.edu email addresses. In order to limit the number of compromised accounts from this most recent wave of phishing attempts, students were required to change their Middlebury password. This action has greatly reduced the number of compromised accounts, which is good!

However, we also discovered that a behavior of the Google Drive/Docs service may be causing our users to believe that certain fraudulent web forms, (such as the example screenshot below), are legitimate because the URL appears to be within our Middlebury Google Apps instance, to authenticated users.

These are NOT legitimate web forms! As standard practice, LIS does NOT request the type of information shown in the example below via Google web forms. Additionally, Google has advised that security improvements to the Google Drive/Docs service will soon be introduced to address this problem.

If you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk.

If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is also important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information. More information about safe computing practices is available at go/infosec.

EXAMPLE OF FRAUDULENT GOOGLE WEB FORM

MIDD-PHISH-WIN7-IE-400

Google Apps dropping support for IE8 on 11/15/2012

Categories: Midd Blogosphere

Internet Explorer 10 launches on 10/26/2012, and as a result, Google will discontinue support for Internet Explorer 8 shortly afterwards, on 11/15/2012. After this date users accessing Google Apps services using Internet Explorer 8 will see a message recommending that they upgrade their browser.

The latest versions of Google Chrome and Firefox are the recommended web browsers for Middlebury’s Google Apps instance.

Read more about this announcement from Google here.

Middlebury Google Apps: Drive = Documents

Categories: Midd Blogosphere

Over the next several weeks, Google is releasing Google Drive — the newest member of the Google Apps suite, where you can keep everything and share anything. Google Drive replaces and enhances what you know today as your Google documents list.

What is Google Drive? 

With Google Drive, you can securely upload any file or folder to the web and access the most up-to-date versions of those files from anywhere. You can access Google Drive in your web browser and can also download the Drive application to your Mac, PC, Android or iOS devices to seamlessly access files across any of these devices. You will have 5GB of included storage space for your Google Drive. For more information on Google Drive functionality, please see the product overview page or visit drive.google.com/start.

How will Google Drive be made available to Middlebury Google Apps?

Google Drive will become available on an opt-in basis over the next several weeks. Because Google is releasing Google Drive gradually, some users may not be able to get started immediately, but you can request to be notified when Google Drive is ready for you to opt in.

In the coming months, Google Drive will become the default and will replace the documents list as the way for users to access their files and documents. At this time, all users will have access to the desktop sync clients and mobile applications.

How is the Google Drive online interface different from my current Google documents list?

The Google Drive online interface looks similar to today’s Google documents list with a number of improvements, including new ways to organize your files and enhanced search functionality.

Learn more

To learn more about Google Drive functionality, please visit the Google Drive Help Center.

–Chris