IT Security News

White House: Your logins must be better than this
Sep 30, 2016: The Obama administration joins tech companies and internet security advocates in urging Americans to think beyond the password.
Lock Down Your Login
Sep 29, 2016: Your usernames and passwords are not enough to keep your accounts secure.
Apple macOS Sierra Fixes 68 Vulnerabilities
Sep 23, 2016: Apple is patching dozens of security issues with the macOS Sierra (10.12), the company's rebranded desktop operating system.
Yahoo Reveals Nation State-Borne Data Breach Affecting A Half-Billion Users
Sep 23, 2016: Nearly two months after signs of a Yahoo data breach surfaced with leaked user credentials in the cybercrime underground, Yahoo today confirmed that it had suffered a cyberattack in late 2014 by what the company says was likely a nation-state actor.
Microsoft releases one of its biggest security updates this year
Sep 16, 2016: Microsoft released one of its biggest security updates this year, fixing 50 vulnerabilities in its products and 26 more in Flash Player, which is bundled with its Edge browser.
Adobe, Microsoft Push Critical Updates
Sep 16, 2016: Adobe and Microsoft on Tuesday each issued updates to fix multiple critical security vulnerabilities in their software.
Two-speed Android update risk: Mobes face months-long wait
Aug 24, 2016: Mobile app metrics firm Apteligent examined device data for Samsung, LG, Sony, HTC, Motorola, and ZTE to determine which manufacturer pushes out OS updates the soonest.
Eddie Bauer is latest retailer to be hit by point-of-sale malware
Aug 24, 2016: Sportswear retailer Eddie Bauer has informed customers that point-of-sale systems at its stores were hit by malware, enabling the theft of payment card information.
Apple Updates iOS to Version 9.3.4
Aug 12, 2016: Apple has released an update for its mobile operating system, iOS 9.3.4, which fixes a memory corruption issue that could be exploited "to execute arbitrary code with kernel privileges." The update blocks a jailbreak bug known as IOMobileFrameBuffer.
Microsoft Security Bulletin Summary for August 2016
Aug 12, 2016: Microsoft has released nine bulletins addressing more than 30 vulnerabilities in Windows, Edge, Internet Explorer, Office, and other products. Five of the nine bulletins address issues rated critical.

IT Security Latest Alerts

Yahoo ‘expected to confirm massive data breach’, says Recode
Sep 22, 2016:

Yahoo is poised to confirm a massive data breach of its service, according to several sources close to the situation, hacking that has exposed several hundred million user accounts.

When virtual meets reality: Pokémon GO is a real world adventure with real-life risks
Jul 21, 2016:

The game itself is free of charge, but some of the associated risks can be very costly. Follow our tips to stay Poké-Safe!

300 Wendy’s Restaurants Fall Victim to Malware
May 19, 2016:

Starting in the fall of 2015, Wendy's believes around 300 North American restaurants experienced a malware installation through the use of compromised third-party vendor credentials, which affected parts of the sales system. The malware caused unusual payment card activity. Reports indicated that fraudulent charges may have occurred at other retailers after payment card were legitimately used at Wendy's.  To learn more about what Wendy's is doing and for FAQ's, visit: 

Google has released a new update for Chrome
Apr 29, 2016:

Google has released a new update for Chrome to address several vulnerabilities for Mac, Windows, and Linux users.

FBI Successfully Hacks the iPhone
Apr 05, 2016:

One hour. That’s all it takes from beginning to end to hack into the iPhone using the UFED Touch device. Time is not the only thing that makes the device easy to use.

What's New

MakeITSafe Security Awareness Training

University employees are required to complete annual information security awareness training. Click on this link: MakeITSafe Training to access the training modules. Please contact the UM Chief Information Security Officer with questions at