IT Security News

Reducing your Information Footprint
May 14, 2018: While spring cleaning your home and, if you’re like me, the top of your desk, consider also cleaning up your information footprint.
It’s National Password Day
May 03, 2018: When is the last time you reviewed the passwords to your bank account, e-mail or credit card accounts? Today is a good day to do it. Why? It’s National Password Day.
More Than Half of Android Apps for Kids Are Violating US Privacy Laws
Apr 17, 2018: Privacy experts have analyzed 5,855 child-directed Android apps and have found that more than half —57%— are potentially violating the Children's Online Privacy Protection Act (COPPA), a US law protecting children's private data online.
Securing Devices by Making Simple Changes
Apr 05, 2018: Many people may not consider their connected devices to be a security threat, but they absolutely can be. One of the issues with such devices is that many of them do not come configured with security in mind and connecting an unsecure device to your network is like leaving the back door to your hous
Staying Safe from Tax Scams
Mar 20, 2018: Unfortunately, much of your personal information can be gathered from multiple locations online with almost no verification that the right person is receiving the information. Criminals know this, so they use this trick to get your personal information from a variety of websites and use the informat
Nearly Half of the Norway Population Exposed in HealthCare Data Breach
Jan 23, 2018: A hacking group broke into the systems of Health South-East Regional Health Authority (RHF) and stolen 2.9 million Norwegians health information.
Post-it with password spotted in online photo of Hawaii Emergency Management Agency HQ
Jan 19, 2018: The Hawaii Emergency Management Agency has had a lot of explaining to do after an employee pushed the wrong button during a test and pushed out an alert warning residents that a ballistic missile was headed their way, but now, the agency is now catching heat after eagle-eyed internet users noticed a
Cyber Security Competitions for Girls in US and UK
Jan 19, 2018: Signups are now open in the US for the high school girls GirlsGoCyberStart competition in 16 US states (www.girlsgocyberstart.com). The US competition is open to all high school girls (public/private/home-schooled) in the following states (HI, NV, CO, WY, TX, IA, IN, MS, NC, MD, WV, DE, NJ, NY, CT,
A Hacking Group Is Already Exploiting the Office Equation Editor Bug
Nov 28, 2017: A week after details about a severe Microsoft Office vulnerability came to light, at least one criminal group is now using it to infect users.
Uber Paid Hackers to Delete Stolen Data on 57 Million People
Nov 28, 2017: Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year.

IT Security Latest Alerts

Major Equifax Cyber Attack Impacting 143 Million Americans
Sep 11, 2017:

Equifax (one of the major consumer credit reporting agencies) reported on Thursday, 9/7/2017, that hackers gained access to company data which potentially compromised sensitive information for 143 million American consumers. The compromised consumer data includes name, address, birthdate, Social Security numbers, and driver's license numbers. Learn how to protect yourself

Printer Model/Toner Social Engineering Scam
Jul 24, 2017:

University staff members are reporting they have received phone calls from outside entities requesting printer model numbers.  The “vendor” will ship toner and printer supplies to any departments that disclose this information.  This will result in a large outstanding invoice and the vendor demanding payment because they were given verbal consent for the products shipped.  Please make departmental staff aware of this situation.  Follow our best practices to prevent being a victim of these scams.

Watch out for Malicious Apps Posing as Virus Scanners!
Jun 16, 2017:

A cybersecurity firm discovered several apps related to WannaCry ransomware in the Google Play Store for Androids and in Apple’s App Store. Another hundred fraudulent antivirus apps were also discovered on digital markets. In order to keep your device safe, be sure to only download software from reputable developers and check the app description for grammatical errors, things out of place and user reviews.

Chipotle Mexican Grill Reports Payment Card Security Incident
May 31, 2017:

Chipotle Mexican Grill worked in conjuction with law enforcement, payment card networks and cyber security firms to investigate a payment card security incident reported on April 25, 2017. The investigation uncovered malware designed to access payment card data from cards used on point-of-sale (POS) devices at certain Chipotle restaurants between March 24, 2017 and April 18, 2017. The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS device. Both Columbia, MO restaurants have been identified as locations infected between March 24, 2017 and April 18, 2017. If you believe you have used a payment card at either location during this timeframe, please be vigiliant when reviewing your charge statements and report any unauthorized charges immediately. For more information, visit https://www.chipotle.com/security

Google Docs Phishing Scam: What We Know
May 04, 2017:

On May 3rd, 2017, news outlets and social media sites were reporting a phishing scam surrounding fake “Google Doc” emails. Learn more!

What's New

Annual Password Change

If you have not changed your University password since July 1, 2017, you are required to change it by April 11, 2018.  University passwords continue to be a target of regular phishing attempts, which have led to increasing numbers of compromised accounts.  Regular password changes are one line of defense against unauthorized access.

To change your password now, visit:  https://www.umsystem.edu/ums/is/infosec/secure_authentication_toolkit

For password requirements as well as suggestions for creating a strong password or passphrase, visit:  https://umsystem.edu/makeitsafe/passwords.

Once you have changed your password, make sure to quickly configure the new password for account access on your mobile devices to ensure that you don’t get locked out.