As you know, on Friday there was a worldwide ransomware attack. Though that attack is currently partially halted, there are additional versions currently released that are live and active. Technical staff should be aware that this family of ransomware works by exploiting the Server Message Block vulnerability. Microsoft released patches on March 14 to address this.
By now you should have seen the news of widespread ransomware attacks. It is projected to have affected users in more than 150 countries.
In this attack ransomware called WannaCry was emailed to users. When opened, the malware locked files on their computers. Older versions of Microsoft Windows systems that have not applied security patches were affected.
According to a Symantec Security Threat Report, in 2016 there were 20 data breaches in higher education, exposing the personal information of approximately 5 million people. Those figures illuminate a grim reality -- it only takes the loss of one person’s user name and password to expose the private information of thousands, or even millions, of other system users.
Universities have a responsibility to numerous agencies of oversight; federal standards for universities may come from commerce or health agencies and from research, education and industry groups. Chief Information Security Officers (CISO) have the unenviable role of meeting all these requirements, while simultaneously keeping systems and information safe.
The gender gap is a continuing area of focus for higher education, and with good reason considering industry trends. According to Fortune Magazine, the number of women majoring in computer science has decreased over time from 35% in 1990 to only 26% in 2013.
Last week was Valentine’s Day, a holiday that celebrates romance and love. No doubt the Pew Research Center had this in mind when it released their February 11 study indicating that 15% of Americans adults have used online or mobile apps to find love (http://www.pewinternet.org/2016/02/11/15-percent-of-american-adults-have-used-online-dating-sites-or-mobile-dating-apps/.
On March 31, our Chief Information Security Officer Helen Patton will be a featured speaker at Attorney General Mike DeWine’s CyberOhio Business Summit. Helen’s session is entitled, “Security Frameworks: How to Use Them to Improve Business Outcomes.” It will cover common cybersecurity frameworks, with practical details including:
Do you know that feeling you get when you’re driving your car and the “check engine” light comes on? Perhaps it’s just time for an oil change, which maybe can be delayed. Perhaps it is something more serious that requires immediate attention. Often there is no way to be sure without consulting a professional. What a pain.
On Monday, January 23, Apple released the iOS 10.2.1 update which fixes flaws that previously allowed iOS devices to be compromised. If you have any iOS devices (iPad, iPhone, iPod, etc.) it is highly recommended to run the update as soon as possible. More detailed information from Apple can be found here: support.apple.com/en-us/HT207482.
A new type of phishing scam is targeting online shoppers, reminding us to be aware of how we interact with websites and that phishing attacks can come from many sources, not just email!
The Enterprise Security team's mission is to improve the security awareness and profile of the university. We wanted to make you aware of this scam that could cause you loss as a consumer.