Several members of our community have recently reported being prompted to install MacKeeper on their Apple computers running Mac OS X. MacKeeper is malicious software of the adware variety. While MacKeeper offers legitimate services for a fee, it also opens security holes in your system that can introduce other forms of malware and adware which cause problems for your web browser and OS X operating system, such as performance or integrity issues. Do Not install MacKeeper!
MacKeeper is offered by the company Kromtech (formerly ZeoBIT) and has been identified in issues such as fraudulent installs masquerading as other anti-virus applications such as ClamXav. MacKeeper is also known for predacious distribution practices employing other adware to market and distribute their product through pop-up ads. It has also been used to distribute other malware exploits such as OS X/Agent-ANTU as reported by researchers at BAE and Sophos.
If you suspect that you may have installed MacKeeper please contact the Help Desk at x2200 for help removing this software.
Mobile devices have become one of the primary ways that we communicate and interact with each other. Powerful computers now fit in our pockets and on our wrists, allowing us to bank, shop, view our medical history, work remotely, and communicate from virtually anywhere. With all this convenience comes added risk, so here are some tips to help secure your devices and protect your personal information.
Password-protect your devices. Protect the data on your mobile device and enable encryption by enabling passwords, PINs, fingerprint scans, or other forms of authentication. On most current mobile operating systems you have the option to encrypt your data when you have a password turned on. Turn it on!
Secure those devices and backup data. Make sure that you can remotely lock and/or wipe each mobile device. That also means you should back up your data on each device in case you need to use the remote wipe function. Services such as iCloud, OneDrive, and Google offer device location, wipe and backup services.
Verify app permissions. Don’t forget to review which privacy-related permissions each application is requesting, before installing it. Be cautious of fake applications masquerading as legitimate programs by verifying that the application is from a reputable source, such as the Apple Apps Store, Microsoft’s Store, or Google’s Play Store. Occasionally, applications in the official stores can include malware. Read reviews and descriptions carefully. Only install applications that you need. Remove applications that you are no longer using.
Update operating systems. Security fixes or patches for mobile devices’ operating systems are often included in these updates. Just like patching a computer, iOS, Android, and Windows Mobile all need to be patched and kept current.
Be cautious of public Wi-Fi hotspots. When using your mobile device, watch for connections to public hotspots. Many mobile devices will automatically connect to hotspots and prioritize data transmission over Wi-Fi by default. Verify that your settings require manually selecting hotspots if possible. Working with sensitive data while connected to a public hotspot could lead to unintended data exposure. Always ensure that you are using a secure connection.
A new phishing attack is hitting the campus with a subject line of, “Your email id”. Delete this message if you see it. Do NOT click any links in this message. If you believe you have fallen for this fishing attack:
This malicious email would have looked similar to the message below.
Subject: Your email id
Your?mail Id has used 91% of its allowable storage space.?Once your account exceeds the allowable storage space you will be unable to receive any email.?Click?Resolve?to login to your account and resolve this issue.
You No Longer Need to Wait Five Minutes to See Your Drupal Changes (Most of the Time)
When you save content, save page settings, or create new content, that change will now immediately appear for everyone browsing the site, whether they are logged in or not. We use a caching service named Varnish that takes the rendered output from Drupal and keeps it in memory for five minutes. Everyone who is not logged in visiting the site (if you’re logged in you will always get an un-cached copy) will get the copy of the page from Varnish within that five minute window, meaning Drupal doesn’t need to use resources recreating the page for each visitor. After five minutes, the next person to request that page will get it from Drupal and Varnish will update its cache with the new copy.
Now, when you update or create new content on many of our Drupal sites, Varnish will be notified in the background that it should clear its cache and get the new copy of the page. So even if it’s only been a minute since the page was requested when you click the save button, the next visitor will get a fresh copy of the page from Drupal with your latest changes.
Unfortunately, this does not work for content displayed in page regions other than the main content area. If you update a sidebar item on a department homepage, the cache will only clear for that homepage, not all of the sub-pages on which the sidebar item might also appear. You’ll still need to wait the five minutes for that to happen.
We have only made this change to the Drupal sites where we run Monster Menus. Right now, that includes:
We will roll out a similar change to our other Drupal sites soon.
The Audio Player plugin for MediaWiki now works as intended.
Drupal webform radio and checkbox lists that are marked as required will now correctly show the red asterisk next to their field label when the field allows “Other…” as an option. It was missing, previously.
The Site Editor Log In link on the Middlebury Drupal site now appears in bright green on blue backgrounds, making it visible.