Posts by Ian Burke

 
 
 

Cyber Security Awareness Month Event Today

Categories: Midd Blogosphere

Just a reminder that LIS and the LIS Security Team are hosting a day of speakers starting at 9:00 in McCullough Social Space. Come enjoy the event and learn how to protect yourself against cyber threats. more information at http://go.middlebury.edu/CSAM.

Cyber Security Awareness Month

Categories: Midd Blogosphere

Come listen to experts from across the State speak on new technologies and security topics that impact all of us in our daily lives. Learn how you can fall victim to identity theft. Hear how Google Glass could be the next great technology wave and the next great technology threat. This full day event in Middlebury’s McCullough Social Space will run from 9:00 AM to 4:00 PM on October 9th. For more information please visit http://go.middlebury.edu/CSAM.

Open RoadShow on Information Security

Categories: Midd Blogosphere

LIS Information Security and the LIS Security Team will be hosting a lunch time RoadShow on information security and basic ways to protect yourself while working on Internet connected computers. This discussion is open to the full College community. Please join us Aug. 28th at noon in Davis Family Library room 145. For more information please visit: http://www.middlebury.edu/offices/technology/infosec/education/CBT/RoadShow

Sunday Morning Maintinance

Categories: Midd Blogosphere
This Sunday morning we will be making some modifications to our network security equipment. This will result in a couple of brief interruptions of a few minutes or less to our internet connection. This work will be completed approximately 6:30 to 7:00 in the morning EDT.

FakeAV a leading threat in 2013

Categories: Midd Blogosphere

What is FakeAV: FakeAV is a virus designed to look like real anti-virus software in the hopes that the victim will click a link and download a malicious package. The malware often does not stop there. Many FakeAV packages continue the con by disabling true anti-virus packages claiming that they are harming the system they are intended to protect. These viruses come in many forms but are well crafted to present like a trusted virus prevention source.

Read more about FakeAV at: http://www.middlebury.edu/offices/technology/security/InfosecArticle. 

Learn more about security threats and awareness at http://go.middlebury.edu/infosec

 

FakeAV a leading threat in 2013

Categories: Midd Blogosphere

What is FakeAV: FakeAV is a virus designed to look like real anti-virus software in the hopes that the victim will click a link and download a malicious package. The malware often does not stop there. Many FakeAV packages continue the con by disabling true anti-virus packages claiming that they are harming the system they are intended to protect. These viruses come in many forms but are well crafted to present like a trusted virus prevention source.

Read more about FakeAV at: http://www.middlebury.edu/offices/technology/security/InfosecArticle. 

Learn more about security threats and awareness at http://go.middlebury.edu/infosec

 

Phishing on campus!

Categories: Midd Blogosphere

Over the last week Middlebury experienced a dramatic increase in the number of successful phishing attacks that resulted in Middlebury user accounts being compromised. A phishing attack is the effort of maliciously using email or a web site to try to unwittingly gain information about another individual. These recent attacks resulted in two distinct outcomes. The first was that many of these accounts were leveraged to generate large amounts of spam. The second result from these compromised accounts is that the attackers attempted to connect to the Middlebury network with the exposed user’s credentials.

This past week many individuals across our campus received an email that looked similar to the one below:

————————————–

Message with “Middlebury” as the display name

 

Dear Member,

You Have 1 New Message

Click here to read

Sincerely,
Middlebury Webmail Service

————————————

The link in this message redirected people to copy of the Middlebury CAS Logon page. Two important things to know about email from Middlebury IT Services. First, Library and Information Services will never ask for your user credentials in an email. Second, if you find yourself on any web page that is asking for credentials, always verify the address in your web browser’s address bar, to ensure that the web page is where you really want to be. Just because a web page has the Middlebury logo does not mean it is always a Middlebury web site.

To protect against phishing remember the following rules:

  1. Never click on any links in a suspicious email.
  2. If you ever receive an unsolicited email  and you do not recognize the sender delete the message.
  3. If you receive an email that requests your credentials or asks you to click a link which takes you to a web site that requests your credentials, do not click the link but rather go to the web site through the institution home page, Middlebury.edu for example.
  4. If you suspect an email is fraudulent delete the message.
  5. If you ever have questions regarding phishing or the content of an email call the Helpdesk.

The Helpdesk will help you determine if the email is legitimate. Please do NOT click on any links in a suspect email message.

If you suspect that you may have recently provided your Middlebury credentials to a fraudulent web site or email address, you should immediately reset your password at go/activate and then contact the Helpdesk.

If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

More information is available at the Middlebury College Information Security web site at go/infoSec or contact the InfoSec office at infosec@middlebury.edu.

 

Ian Burke

Network Security Administrator

Middlebury College

infosec@middlebury.edu