Feed on
Posts
Comments

This is our first posting and a welcome message to the UTPA community.  Keep in touch and we will keep you informed about emerging threats, offer you tips on how to keep your computer safe, and tell you about the different information security initiatives at the University.  We welcome suggestions and opinions; please feel free to post comments.

Below is a summary of the combined security bulletins for the month of December 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, December 18th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

Below is a summary of the combined security bulletins for the month of November 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, November 20th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

Below is a summary of the combined security bulletins for the month of October 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, October 23th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

There is a critical vulnerability that was recently discovered that is affecting devices running Linux, Unix, or Apple OS X.  The vulnerability is known as Bash Shellshock.  Please read the FAQs below for more information on how to protect yourself.

 

What can I do to protect myself while the vendor releases a patch?

Disable network services like SSH or web servers.  Keep checking with your operating system vendor (like Apple) to obtain the update as soon as it is available.

 

What can I do as a Mac user?

Go to System Preferences > Sharing > Remote Login.  Make sure this service is turned off.

 

What can I do as a Linux user?

Upgrade bash on your computer to a version that does not have this vulnerability.

 

What is the University doing to protect its resources against this threat?

Our perimeter firewall is already configured to block traffic that matches the signature for this threat. We still recommend that you exercise caution while your device is unpatched for this vulnerability.

 

How can I check if my computer is vulnerable or not?

Read the second article below. It will give you detailed information about the procedure. Please note, it will require some level of advanced computer skill.

 

Where can I get more information?

  1. Article from Symantec Security Response: http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability
  2. Article from WonderHowTo Mac Tips: http://mac-how-to.wonderhowto.com/how-to/every-mac-is-vulnerable-shellshock-bash-exploit-heres-patch-os-x-0157606/

 

This message is to warn you about an ongoing social engineering campaign targeting UTPA telephone numbers.  The individuals could for ask employment verification questions or information about other employees (e.g.  telephone numbers).  Please refrain from responding to their questions and end the conversation.  The University is going through a transition process and we might be more vulnerable to fall for these types of reconnaissance campaigns.  Please report any suspicious activities through our incident reporting page or contact us at 956-665-7124.

UTPA OCISO Incident Reporting Form: http://portal.utpa.edu/utpa_main/dba_home/iso_home/incident_form

Below is a summary of the combined security bulletins for the month of September 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, September 18th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

      • Microsoft Security Updates
        • MS14-052 : Cumulative Security Update for Internet Explorer (2977629)
          More info: https://technet.microsoft.com/library/security/MS14-052
          Severity : Critical
        • MS14-053 : Vulnerability in .NET Framework Could Allow Denial of Service (2990931)
          More info: https://technet.microsoft.com/library/security/MS14-053
          Severity : Important
        • MS14-054 : Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)
          More info: https://technet.microsoft.com/library/security/MS14-054
          Severity : Important
      • Microsoft Security Advisory
        • KB2987114 : Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
          More info : http://support.microsoft.com/kb/2987114
        • KB2905247 : Insecure ASP.NET Site Configuration Could Allow Elevation of Privilege
          More info : http://support.microsoft.com/kb/2905247
      • Microsoft Non-Security Updates
        • KB2975331 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2975331
        • KB2975719 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2975719
        • KB2976978 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2976978
        • KB2979501 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2979501
        • KB2981685 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2981685
        • KB2984005 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2984005
        • KB2984006 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2984006
        • KB2989647 : Update for Windows 8.1
          More info : http://support.microsoft.com/kb/2989647
        • KB2996851 : Update for Windows 8
          More info : http://support.microsoft.com/kb/2996851
        • September 2014 Office Update Release
          More info : http://blogs.technet.com/b/office_sustained_engineering/archive/2014/09/10/september-2014-office-update-release.aspx
      • Adobe
        • Update Adobe Flash Player ActiveX to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Flash Player Plugin to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Air to version 15.0.0.152
          More info: http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
          Severity: Critical
        • Update Adobe Reader/Acrobat 11 – Pending – Adobe re-scheduled update release to the week of September 15th, 2014
          More info: http://helpx.adobe.com/security/products/reader/apsb14-20.html
          Severity: Critical
        • Update Adobe Reader/Acrobat 10 Pending – Adobe re-scheduled update release to the week of September 15th, 2014
          More info: http://helpx.adobe.com/security/products/reader/apsb14-20.html
          Severity: Critical

Below is a summary of the combined security bulletins for the month of August 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, August 21st, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

Below is a summary of the combined security bulletins for the month of July 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, July 17th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

Below is a summary of the combined security bulletins for the month of June 2014. Computers that are joined to the UTPA domain will receive the applicable updates automatically on Thursday, June 19th, at 11:00pm. If your computer is not a part of the UTPA domain or is not running Microsoft Windows, please make sure that it is configured to update automatically.

How to update your PC

How to update your Mac

Important notice to computers joined to the UTPA domain: The update distribution process has recently changed. On the day that the updates are distributed, your computer will present you with a notification (see screenshot below) giving you the choice to update your computer before the deadline of 11:00pm. This will allow people to be familiar with the updates that are being installed and it will also give the opportunity for installing the updates at your convenience (this way your machine is not forcefully restarted during the evening).

Software Update Installation Notification

 

We want to inform you of a growing threat from Cryptolocker. Please read the FAQ below to better inform and protect yourself.

What is Cryptolocker?

Cryptolocker is malware categorized as ransomware that targets computers running Microsoft Windows. When the device is infected, it will begin encrypting your files in the background. When it finishes, it will display a window that will inform you that your files are encrypted and that you have 72 hours to pay in order to get them decrypted.

How could I become infected with Cryptolocker?

The method of delivery is usually through email messages pretending to be from a reputable organization. The message will have a zip file attachment that will contain the malware disguised as a PDF file. This is not the only avenue for infection, so also avoid opening files from untrusted sources or files that have the EXE extension.

What should I do if my computer is infected with Cryptolocker?

For devices owned by the University or that contain University data, please contact the OCISO at 956-665-7124 to understand the impact of the incident. If there is no University data involved, the owner must make the choice to either pay the ransom or lose the data.

What can I do to protect myself?

The best protection against this threat is to use good judgment when opening email attachments and avoid opening files from untrusted sources. The other thing you can do to protect your data is to have a backup. Please beware, if you have your backup service as a mounted drive, there is a great chance that it will also be encrypted. To protect your backup from this threat, don’t mount it as a drive or use a service that allows you to restore from older backups.

Related articles

US-Cert: CryptoLocker Ransomware Infections

https://www.us-cert.gov/ncas/alerts/TA13-309A

Sans OUCH!: What is Malware

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201402_en.pdf

Sophos Naked Security: CryptoLocker ransomware – see how it works, learn about prevention, cleanup and recovery

http://nakedsecurity.sophos.com/2013/10/18/CryptoLocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

Older Posts »