Tags » LIS Staff Interest

 
 
 

Weekly Web Updates – July 6, 2015

Categories: Midd Blogosphere

Updates

Tweaks & Fixes

  • We have removed some extra markup from the Drupal RSS Page content type. There is no visual difference, but there had been some hidden content that included a link that directed people back to the same page they were already on. Google crawled this link and it had a minor impact on our site search engine optimization due to duplicate content being displayed.
  • We have updated the ROBOTS.txt file on public WordPress sites for both Middlebury and MIIS so that global media files (images, CSS, JavaScript) referenced by themes and plugins are allowed to be included in the index. Google changed their indexer to penalize pages that included references to resources that were being blocked by ROBOTS.txt.
  • Accessibility: we’ve added a hidden label to the Google Custom Search Engine fields that are embedded in Drupal site content, such as on the Helpdesk website. This is similar to the accessibility improvement that we made for the global search field in the top right.
  • Accessibility: the title of the section pages (e.g. ‘About Middlebury’, ‘Student Life’, ‘Sustainability’) is now included in the markup as text, in addition to the image used for the parallax effect as you scroll left-to-right in the waveform.

Systems Maintenance this Sunday, July 5th

Categories: Midd Blogosphere

During our regular maintenance window this Sunday, July 5th  we have the following activities scheduled:

 

  • The WAN circuit dedicated to the Video Conference network at the VT campus will be down for up to 10 minutes for maintenance between 6:00am and 6:30am EST. During maintenance active video conference sessions in VT, DC, and CA will be terminated and no new sessions will be able to be initiated. After maintenance the service will be back to normal operation.

 

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

Regards,

Billy

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College

Security Notice: Middleburry.org Typosquatting

Categories: Midd Blogosphere

Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “middleburry.org”, to businesses that might provide equipment and supplies to Middlebury College.

The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.

Note that suspected bad actors are using a typosquatting technique – there are two R’s in “middleburry.org”, and Middlebury’s domain name ends in .edu, rather than .org.   Those details, however, are perhaps an easy thing to miss, especially at a quick glance.     ​

Efforts are underway to takedown the middleburry.org domain, and to suspend the domain holder’s email service.

Please contact InfoSec@middlebury.edu with questions.

Security Notification: Ransomware Delivered Through Phishing Attacks

Categories: Midd Blogosphere

A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.

A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.

  • Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
  • Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
  • Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
  • Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.

According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.

What you can do to protect yourself:

  • Never open attachments or click links in emails that you do not recognize or trust.
  • Know what a phishing attack is and how to spot one. visit http://go.middlebury.edu/phish or http://phishing.org
  • If you think you have fallen for a phish change your password. then call x2200
  • If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
  • Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
  • Never disable your antivirus software.
  • Send any suspect emails to phishing@middlebury.edu
  • Only download software from known vendor sites.
  • Don’t click on ads in web sites. Visit vendor websites directly.

Sources:

Weekly Web Updates – June 29, 2015

Categories: Midd Blogosphere

New Features

By default in WordPress you cannot add tags or categories to pages. These are only available for posts. We’ve added the Post Tags and Categories for Pages plugin. You can enable this to add tags and categories to your pages.

We had been using the ShareThis module for Drupal to provide share links for news stories on the Middlebury and MIIS websites. The ShareThis service provides reports on the number of shares to each platform, but we weren’t using the reports and the trackers that the service adds to do this were numerous. We’ve replaced ShareThis with the Drupal service_links module, which provides links to share content without third-party trackers. We’re still using ShareThis on the Museum of Art and 25th Reunion site, but will replace it with Service Links on those as well.

Updates

Tweaks and Fixes

  • An archive copy of the 2014-2015 Handbook site is now available as a PDF.
  • Fonts on the WRMC site have been normalized to use the Google Fonts EB Garamond, Arvo, and Paytone One, ensuring that the correct fonts are loaded on all platforms. The site had previously been using some fonts that were only available on Macs.
  • Fixed a CSS issue with the tabs below the scrolling banner on the MCSE site.

Issue with Network Drives on Windows

Categories: Midd Blogosphere

A problem occurred on June 25th that caused Windows computers to temporarily lose their network drive mapping when logging in. We have researched what may have caused this issue, and believe we have fixed it. Please call or email the Helpdesk (helpdesk@middlebury.edu) if you see any problem with your network drives the next time you login to your computer.

Systems Maintenance this Sunday, June 28th

Categories: Midd Blogosphere

During our regular maintenance window this Sunday, June 28th from 6 am – 10 am we have the following activities scheduled:

 

  • We will be moving telephone equipment starting at 6am. There will be an outage of telephone services lasting up to one hour while the equipment is being moved. The outage has the potential to include access to voicemail as well as incoming and outgoing calls across the Middlebury VT campus, Bread Loaf, and Snowbowl locations.

 

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

Regards,

Billy

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College