IT Security NewsApr 19, 2017: The most recent report from Nokia states that mobile device infection rates have gone up steadily throughout 2016—a rise of 400% smartphone malware. he report highlights vulnerabilities in a lot of different IoT devices, as well as iOS systems in iPhones Apr 19, 2017: Earlier this month, President Trump signed a law to repeal privacy rules that “can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.” Apr 14, 2017: Adobe and Microsoft separately issued updates on Tuesday to fix a slew of security flaws in their products. Apr 14, 2017: This Patch Tuesday, Microsoft issues a fix for a zero-day vulnerability in the Office productivity suite that attackers were actively exploiting. Apr 14, 2017: 'Disappointing,' says patch expert after concluding the replacement means more work for admins Apr 14, 2017: There's a group of hackers who are hijacking unsecured home routers and using these devices to launch coordinated brute-force attacks on the administration panel of WordPress sites. Apr 11, 2017: Attackers have been exploiting a zero-day vulnerability in Microsoft Word since January to infect computers with malware Apr 11, 2017: Fraud stems largely from email, password credentials stolen from hacked accounts, sold on the ‘dark web’ Feb 28, 2017: Google's Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google's 90-day disclosure deadline. Feb 28, 2017: Microsoft is testing a new feature that offers the option of preventing non-Windows 10 Store apps being installed.
IT Security Latest AlertsApr 19, 2017:
A security update was made available for a variety of iPhone, iPad and iPod Touch devices after seeing that attackers within range were able to execute code on a WiFi chip. This update improved input validation, and is available for consumers now. More Info: Apple Security Content of iOS 10.3.1Apr 19, 2017:
LastPass, a password manager tool, recently fixed a major security flaw that allowed hackers to steal your passwords and manipulate your account. Users should make sure to update to the most recent verison of the software in order to secure their passwords and other account information. More Info: FAQs about the attackApr 19, 2017:
Thousands of fake listings are added to Google Maps each month, and these listings direct users to fake websites that either sell fake or overpriced services. This was popular in larger metropolitan areas like NYC, Chicago or LA, because people would go on Google Maps to find a service and then get re-directed to the website of a fake business…or would call the phone number of a fake business. Google says it has reduced its amount of abusive listings by 70% since June 2015 (peak period).Apr 19, 2017:
A vulnerability was discovered in Microsoft Word that allowed for zero-day attacks to infect computers with malware through Word-document email attachments. When the attachments are opened, a fake word document is opened while malware is installed on the victim’s computer system. The attack only targeted a limited number of victims, but users should “be wary of documents received from untrusted sources and should enable the Office Protected View mode because it can block this attack.”Jan 23, 2017:
There is an elaborate employment opportunity scheme currently underway which is targeted towards college students. Learn more!
University employees are required to complete annual information security awareness training. Click on this link: MakeITSafe Training to access the training modules. Please contact the UM Chief Information Security Officer with questions at firstname.lastname@example.org.