
Security Notice: Middleburry.org Typosquatting

Categories: Midd Blogosphere

Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “middleburry.org”, to businesses that might provide equipment and supplies to Middlebury College.

The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.

Note that suspected bad actors are using a typosquatting technique – there are two R’s in “middleburry.org”, and Middlebury’s domain name ends in .edu, rather than .org. Those details, however, are perhaps an easy thing to miss, especially at a quick glance.

Efforts are underway to take down the middleburry.org domain and to suspend the domain holder’s email service.

Please contact InfoSec@middlebury.edu with questions.
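
A mail filter or an accounts-payable check can catch this kind of lookalike automatically. The following is an added example, not part of the original notice: it compares a sender's domain against middlebury.edu and flags near-miss spellings and wrong-TLD variants. The function names, the distance threshold of 2 and the sample addresses are assumptions constructed for illustration.

```python
TRUSTED = "middlebury.edu"  # the legitimate domain named in the notice

# Constructed sample senders (illustrative, not taken from real mail).
SAMPLES = [
    "Purchasing <purchasing@middlebury.edu>",
    "Purchasing <purchasing@middleburry.org>",
    "orders@middlebury.org",
    "sales@vendor.example",
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Return the lower-cased domain part of an email address or From header."""
    return address.rsplit("@", 1)[-1].strip().strip(">").lower().rstrip(".")


def classify(address: str, trusted: str = TRUSTED, max_dist: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'other' (assumes a two-label trusted domain)."""
    domain = sender_domain(address)
    if domain == trusted or domain.endswith("." + trusted):
        return "trusted"
    t_label, _, t_tld = trusted.rpartition(".")
    name, _, tld = domain.rpartition(".")
    label = name.rsplit(".", 1)[-1]  # label just left of the TLD
    if label == t_label and tld != t_tld:
        return "lookalike"  # right name, wrong TLD (.org instead of .edu)
    if 0 < edit_distance(label, t_label) <= max_dist:
        return "lookalike"  # near-miss spelling such as the doubled "r"
    return "other"


def flag_lookalikes(addresses):
    """Return only the addresses whose domain imitates the trusted one."""
    return [a for a in addresses if classify(a) == "lookalike"]


if __name__ == "__main__":
    for addr in SAMPLES:
        print(f"{classify(addr):9}  {addr}")
```
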

Security Notification: Ransomware Delivered Through Phishing Attacks

Categories: Midd Blogosphere

A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions, was not immune to this form of attack.

A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.

  • Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
  • Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
  • Infected ad: the attacker posts an infected ad on a website, which a user might click, thereby causing the download of malicious software.
  • Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.

According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.

What you can do to protect yourself:

  • Never open attachments or click links in emails that you do not recognize or trust.
  • Know what a phishing attack is and how to spot one. Visit http://go.middlebury.edu/phish or http://phishing.org
  • If you think you have fallen for a phish, change your password, then call x2200.
  • If you believe your system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. Then call x2200.
  • Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
  • Never disable your antivirus software.
  • Send any suspect emails to phishing@middlebury.edu
  • Only download software from known vendor sites.
  • Don’t click on ads in web sites. Visit vendor websites directly.

Sources:

Friday Links – June 26, 2015

Categories: Midd Blogosphere

Why Elon Musk’s SpaceX is even cooler than Tesla – Environmentally friendly cars are important, but Elon Musk’s SpaceX may have an even bigger impact on our lives.

A photo SpaceX released of one of the launches of Falcon 9, which left Earth just before sunset in early 2015.

Moodle Maintenance on Friday, June 5th

Categories: Midd Blogosphere

From Remote-Learner, our Moodle Host:

http://moodle.middlebury.edu has been scheduled for Production Upgrade at 01:00 EDT on 5-JUN-2015.

Your site may be unavailable for up to 120 minutes while this action occurs.

Thank you,
RemoteLearner

Friday Links – May 28, 2015

Categories: Midd Blogosphere

An exciting example of where a liberal arts education can take you: the Icahn School of Medicine at Mount Sinai has a program to enroll liberal arts students who “show promise for developing into compassionate and humanistic physicians” (Mt. Sinai, 2015). In an NPR article, Dr. David Muller, the dean of the school, asserts that “[s]cience is the foundation of an excellent medical education, but a well-rounded humanist is best suited to make the most of that education.” Read the NPR article here
http://www.npr.org/sections/health-shots/2015/05/27/407967899/a-top-medical-school-revamps-requirements-to-lure-english-majors or jump straight to the program page at Mt. Sinai here https://icahn.mssm.edu/departments-and-institutes/psychiatry/newsletter/humanities-and-medicine-early-assurance-program-at-mount-sinai-accepts-liberal-arts-students-into-medical-school

Einstein’s papers now digitized and online!

Key Survey Scheduled Maintenance – Sunday, May 31

Categories: Midd Blogosphere

The following information is relevant to anyone who uses Key Survey to create and distribute surveys, as well as survey respondents.

From: WorldAPP Customer Care
Sent: Thursday, May 28, 2015 1:02 PM
Subject: WorldAPP Maintenance Notification

Key Survey & Form.com will be undergoing maintenance between 1am and 3am EDT on Sunday, 31st May.

As part of our commitment to enhance our services and improve reliability, we need to schedule a short maintenance period this weekend to replace some elements of our production environment.

During the maintenance period both the Form.com and Key Survey applications will be unavailable, with respondents directed to a maintenance page.

Further information and updates will be posted to our community pages.
Sincerely,
WorldAPP Customer Care Team

Key Survey / WorldApp Update: Message from the CEO

Categories: Midd Blogosphere

Here is the message sent by the CEO of WorldApp, Inc. concerning last Friday’s Key Survey down time.  (Key Survey is a software program used to create and distribute surveys, as well as collect & analyze responses.)

From: Oleg Matsko
Sent: Monday, May 18, 2015 9:36 AM
Subject: An update on Friday’s disruption – a message from our CEO

Last Friday’s issues have been some of the most severe issues to affect WorldAPP since we launched Key Survey in 2002. As CEO, I take immense pride in serving organizations across the world in fulfilling their requirements and I feel immensely sorry and hurt that we let those customers down. As such, I feel it is only right that we be completely open, honest and transparent about what happened, and what we are doing to make sure it doesn’t happen again.

A few weeks ago we noticed that one of the storage components of our production environment had started to fail. This in itself doesn’t cause an immediate issue, our production environment is built with multiple layers of redundancy, and despite one of the critical elements of this environment not functioning, our applications continued to work in the manner they should, without any impact on availability. It is important though that when these issues occur, we rectify them as quickly as we can, so that should other components of our environment fail, there isn’t any impact on service.

So for the past few weeks we have been preparing our secondary storage components to take over, allowing us to complete the necessary works on the primary components. Our applications collect a lot of data, in fact the equivalent of 11,000 pages of paper an hour, and this amount of data takes a lot of time to transfer. In an absolute emergency we can complete this transfer in about 12 hours, but as our primary setup was still stable, and the risks of transferring such a huge amount of data in a relatively short amount of time being quite high, we took our time and completed this transfer over a period of a few weeks.

This transfer was completed on Thursday evening, our secondary storage components went live without issue, and our primary storage components were taken offline to allow the required maintenance to be completed. For a few hours, everything worked fine, and then at around 08:00 EDT on Friday morning, without notice our secondary storage components failed. At the moment, the reason why they failed is still unclear, there doesn’t appear to be an obvious cause. We will work hard with our infrastructure partners, to find out why this happened – but the most important thing for us to do on Friday was to get our applications back online.

Key Survey and Form.com are incredibly large and complex applications, and restarting them isn’t a simple operation. The applications are made up of many separate modules, each relating to an area of their functionality, such as reporting, voting or our API. The effort required to restart them is large, so much so that they cannot all be restarted at once. As such, modules were restarted individually, in order of priority. Our main Key Survey and Form.com environments were operational by 15:00 EDT, with all of our reporting modules online by 21:30 EDT and specific instances of our applications for individual customers back online by 00:30 EDT on Saturday morning.

As a result of Friday’s disruption, I have instructed our teams to rebuild our storage infrastructure to include additional layers of redundancy with built in instant failover capabilities. This is no easy challenge, implementing this infrastructure and migrating all our applications will take about a week, but we should be able to complete this without additional disruption. Once these changes are implemented, we will be able to recover our systems in a matter of minutes. This is in addition to the construction of the remote disaster recovery infrastructure which is already underway and estimated to be completed early next year.

Unfortunately, until these changes have been completed, our secondary storage components could fail again, and this leaves us in a precarious position. Whilst the probability of such a failure is low, and we have taken all possible precautions to ensure it doesn’t reoccur, our teams are prepared to restore services as quickly as possible in the event of a second failure. As the amount of data that is migrated to the new infrastructure increases throughout the week, the amount of time to restore services in the event of an issue reduces. This does mean though that should a similar issue occur early this week, we could experience a similar outage as to what happened on Friday.

As mentioned, I want to be transparent about the challenges we face, and honest about what could happen while we take steps to improve our services. We will let you know as soon as this new environment is fully functional and we can be sure that such issues do not cause as much disruption as they have. In the meantime our team are working diligently to monitor and manage our applications to avoid such issues, and are prepared to restore services as quickly as possible in the event of a reoccurrence of Friday’s troubles. I can also assure you that we will investigate thoroughly what caused these components to fail, but for the time being I want to concentrate all our resources on implementing these changes and improving our service to you.

We will support you as much as we can as a result of this disruption – if there is anything WorldAPP can do to assist you from work you weren’t able to complete last week, such as building surveys, forms or reports, please let your account manager know. We’ll endeavour to accommodate as many requests as we can.

Once again I would like to reiterate my thanks for your patience and understanding, and my genuine sorrow that we have let you down. WorldAPP have been a trusted provider of survey, forms and inspection solutions for over 12 years now, and I hope my explanation of what happened, and assurances of the actions we’re taking to ensure it doesn’t happen again, go some way to rebuilding that trust.

Sincerely,
Oleg Matsko
CEO
WorldAPP, Inc.
161 Forbes Rd Ste 300, Braintree, MA, 02184, US