Tag Archives: Middlebury Community Interest

Issue RESOLVED – 503 errors when attempting to open links to websites sent via email

We are pleased to report that the Safe Links service issue is now resolved and we have re-enabled Safe Links. To recap, Safe Links provides extra protections for the Middlebury community from phishing attacks and other malicious email activity by providing time-of-click verification of web addresses (URLs) sent via email.

Thank you for your patience while we worked to resolve matters. Again, we apologize for the disruption.  Please contact the Help Desk if you have any outstanding issues or questions.

Kindly,

ITS Help Desk

Issue UPDATE – errors when attempting to open links to websites sent via email

Microsoft is making significant progress towards resolving the issue with the Safe Links service. In most all cases now, clicking on a link sent to you via email works on the first try. If it doesn’t work, you can typically try again, and the linked website will open.

We are sorry for this disruption in service and any inconvenience. Thank you once again for your patience. We will provide an update as soon as we have more information.

ISSUE – 503 errors when attempting to open links to websites sent via email

We are experiencing an issue with the Microsoft Safe Links service which means you may receive a “503” error if you attempt to click on a link someone outside the organization sent to you via email.

We are working closely with Microsoft to resolve this issue as swiftly as possible. Microsoft has confirmed that this is an issue with their service impacting customers globally. We do not currently have an estimated resolution time.

We have temporarily disabled Safe Links for new, incoming email messages. We will re-enable the Safe Links service after Microsoft has solved the problem.

We will provide an update as soon as we know more. We apologize for this disruption. Thank you for your patience.

Kindly,

ITS Help Desk

Attention VPN (Pulse Secure) Users!

On January 31, 2019, Information Technology Services (ITS) will enable a feature on the Virtual Private Network (VPN) system that will detect if your VPN software needs to be upgraded to the latest release. If an upgrade is indicated, you will see a popup window from the Pulse Secure VPN application informing you that “An upgrade is available for Pulse Secure.” Please click on “Upgrade” to complete the upgrade process. Keeping the client up to date will ensure that all security updates have been applied.

Users of the older Juniper VPN client should note that the system tray icon has changed. The Pulse Secure client icon now looks like a fancy letter “S.”

Linux Users: The automatic upgrade isn’t offered for Linux; the new client can be downloaded manually from https://middfiles.middlebury.edu/software/public/VPN/

If you have concerns or issues with this upgrade please contact the Help Desk at http://go.middlebury.edu/helpme/, helpdesk@middlebury.edu, or 802-443-2200.

Update on New York Times access

You may be aware that we’ve had an access problem with the New York Times web site over the past few months. The short version of the issue is that SGA was providing online access until NYT discontinued that program…which no one on campus realized until our access ceased (there’s more detail in this Campus article). The Times’ new program is extremely expensive, and the library’s funding for this fiscal year was set last year. Partial access is still available; would that full access were, and we wish an immediate solution were at hand. We haven’t given up, though, and are still working on the problem. Please feel free to contact Douglas Black, Head of Collections Management, for more information.

ILLiad scheduled upgrade and down-time

The ILLiad Web pages will be down at 9:00 am on Tuesday 1/8/19 while we upgrade the ILLiad software.  The ILL web site should be inaccessible for only a short time, assuming all goes well with the update.

If anyone has problems after 2:00 pm please contact Rachel Manning at x5498 or rmanning@middlebury.edu for assistance.

SCAM Alert – “Sextortion” Scam Emails

ITS is aware of an influx of sextortion scam emails received by members of the Middlebury community. These are indeed scams, identified as such by online security sources (see below) and making the rounds on the Internet once again. Recent samples have been personalized with older passwords stolen from breaches of third-party websites, such as Linkedin, Adobe, etc..

Please forward any sextortion scam emails to phishing@middlebury.edu so that the sender addresses can be blocked!

For more information on these sorts of scams, see:

https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/comment-page-13/
Excerpt: “The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient’s email address.”

These are indeed scams. Recent samples have been personalized with older passwords stolen from breaches of third-party websites, such as Linkedin, Adobe, etc..

Here is a resource to help you find out where an old password to a 3rd party site may have been exposed: https://haveibeenpwned.com is run by Troy Hunt, a globally recognized security expert.

Check your email address here: https://haveibeenpwned.com (use your_username@middlebury.edu and then scroll down to see services where your username may have been part of a breach)

Check your password here: https://haveibeenpwned.com/Passwords

Change that password anywhere you use it and this time, pick a different STRONG password for each service.

Again, please forward any sextortion scam emails to phishing@middlebury.edu so that the sender addresses can be blocked from bothering our community members!