Tags » Helpdesk Alerts

 
 
 

Alert Regarding New Phishing Emails

Categories: Midd Blogosphere

We have been alerted to some new phishing emails which have been received here at Middlebury. One example is:

Subject: (IRS) Identity Protection
To:
Internal Revenue Service.
Your 2014 1098-T tax Form is now available electronically on Banner Self-Service.

Update your IRS E-file immediately, click here to –
For your protection, this link would expire in six hours.

These messages are NOT legitimate. Please do NOT click on the provided link or disclose any information to the Google form linked to from the message. These messages can be very cleverly disguised, but we will NEVER ask for any identification information via email, so always remain wary of any such email. More information is available at http://go.middlebury.edu/phish

Sunday morning maintenance May 18, 2014

Categories: Midd Blogosphere

This Sunday morning between 8 and 10 am we will be upgrading three of our sites from Drupal 6 to Drupal 7. The three sites are:

  • Davis Projects for Peace: http://www.davisprojectsforpeace.org
  • Davis United World Scholars: http://www.davisuwcscholars.org
  • Middlebury College Museum of Art: http://museum.middlebury.edu

Each of these sites will experience a period of 10-20 minutes during which it will not be usable.

There will also be a short period of under one minute during each upgrade when file assets on the other Drupal 7 sites may not be available. These sites include:

  • Davis Fellows for Peace: http://www.davisfellowsforpeace.org
  • Secure Forms for Middlebury: https://forms.middlebury.edu
  • Secure Forms for MIIS: https://forms.miis.edu

We do not anticipate any impact on other services.

Security Note – Internet Explorer Zero-Day Bug

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.

Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.

Here are some protective steps that you can take on your own:

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – Internet Explorer Zero-Day Bug

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.

Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.

Here are some protective steps that you can take on your own:

  • Patch your vulnerable Windows systems.
  • Use a different web browser like Firefox, Safari, or Chrome.
  • Disable  the  Flash  plug-in  in  Internet  Explorer.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Security Note – OpenSSL ‘Heartbleed’ Vulnerability

Categories: Midd Blogosphere

As you may have read in mainstream news media outlets, a vulnerability was recently discovered in certain versions of OpenSSL which could allow a remote attacker access to sensitive data on certain types of servers.

LIS has already patched relevant local systems and is working with vendors to ensure that any relevant externally-hosted systems are similarly patched. There is no evidence to suggest that Middlebury account credentials have been compromised.

More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/475111/original/middlebury_threat_bulletin_openssl_heartbleed.pdf

If you have specific questions, please feel free to email infosec@middlebury.edu.

Sunday morning maintenance

Categories: Midd Blogosphere

This Sunday morning between 7 and 10 am we will be performing some fine-tuning of our Internet gateway routers and firewalls that will include some Internet routing prioritization and optimization as well as some firewall configuration changes.  We do not expect any noticeable interruptions of services but are performing this during our maintenance window as a precaution.

Sunday morning maintenance

Categories: Midd Blogosphere

Between 7 and 9 am we will be upgrading our Internet firewalls.  While the Internet firewalls are a pair with failover, there can be an up to 30 second interruption of service as each failover takes place.  We are expecting 3 less than 30 second Internet service interruptions during this period.

Between 8 and 10 am we will be re-routing connectivity to a specialized video conferencing network segment, the video conferencing service will be off-line during much of this window.

Between 8 and 9:30 am we will be upgrading Web Help Desk, there will be a less than 10 minute service interruption during this period.