The Internet Crime Complaint Center (IC3) has issued an alert on employment scams targeting college students. Phony job opportunities are advertised via college employment websites or sent to students’ university email addresses. Unfortunately, students who have taken the bait have suffered financial losses. For more information and tips on avoiding these scams please review the IC3 Alert.
Tag: Enterprise Security
Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
The Enterprise Security team's mission is to improve the security awareness and profile of the university. This includes making you aware of important cybersecurity new items. A Joint Analysis Report has been released by US-CERT providing details on malicious activities undertaken by Russian Civilian and Military Intelligence Services (RIS).
Enterprise Security has taken a number of steps to cultivate the cybersecurity professionals of tomorrow. Most recently, the team helped host Cooltechgirls’ “Think Like a Hacker” event in early December.
After a short program explaining the security aspects of geocaching, participants worked through a cybersecurity activity that challenged them to use their newly-gained knowledge to tackle a problem similar to one that a security professional might need to solve in real life.
This week we’ve seen a surge of phishing attacks against the university. Most recently we spotted a malicious website posing as a login page for BuckeyeMail and wanted to bring it to your attention. Please avoid clicking on links in emails when possible and always verify you’re at the site you meant to be at before entering user name and password. If you receive an email phish please report it to firstname.lastname@example.org. By informing us, we can more easily target and block other emails and sites from the same source.
Cybersecurity offers fun and challenging careers, and shows like Homeland, CSI Cyber and Mr. Robot have made it cool.
But to really captivate the security geniuses of tomorrow, observing isn’t enough. They want to get involved and be challenged. That’s idea behind CoolTechGirls’ Think Like a Hacker event on Dec. 3.
As of Monday, September 12, BuckeyePass is protecting your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.
Beginning September 12, all HR professionals and university employees will be required to use BuckeyePass along with their Ohio State username and password to access the HR Information System and Employee Self Service (ESS).
The following resources can be used to communicate information about BuckeyePass. For more information, visit buckeyepass.osu.edu.
An ongoing challenge to managing information security at Ohio State is making sure university organizations comply with federal and state regulations regarding privacy and security. That’s why Enterprise Security has released updated versions of Ohio State’s Information Security Standard (ISS) and Information Security Control Requirements (ISCR).
It’s easier to be comply with legal and regulatory requirements if you’re aware they exist. In the Information Security Standard, LEG1.1 legal and regulatory review requires that organizations periodically perform a cyber-legal review, to ensure they keep up-to-date with applicable laws and regulations. To assist Ohio State organizations with that task, Enterprise Security is pleased to offer this course presented by cyber-legal expert Chris Ingram who explains the current regulatory environment and changes that everyone need to be aware of.