New Vulnerability in ALL Versions of Internet Explorer

Overview

Microsoft and US-CERT have released an alert about a vulnerability in all versions of Internet Explorer (IE 6 – IE 11) that could allow an attacker to install and run code on a computer. The most likely way a computer would be affected is through a website drive-by download. A drive-by download occurs when a user visits a malware-infected website and malicious code on the website exploits the vulnerability in the user's web browser to infect the computer with malware.

As of now, researchers have only seen active campaigns on the Internet targeting IE 9 through IE 11, though earlier versions of IE may become targets in the future.

When Microsoft releases a patch to close this vulnerability, only users running Windows 7 and above will receive the fix. Windows XP users will never have this vulnerability fixed, leaving them permanently exposed to a known, serious vulnerability in Internet Explorer.

For the user

Windows 7 and above users should use Internet Explorer only if it is necessary for business activities, e.g. NU SharePoint or Banner. For all other websites, it is recommended to use a browser other than Internet Explorer until a patch is released.

Windows XP users: Microsoft no longer releases updates or patches for Windows XP, so there will never be a patch for this vulnerability. It is strongly recommended to upgrade to Windows 7 or 8.1.

Contact the Service Desk at 617-373-4357 or help@neu.edu for assistance with alternate browsers or upgrading to Windows 7.

More Information

ThreatPost: NEW INTERNET EXPLORER CVE-2014-1776 ZERO DAY USED IN TARGETED ATTACKS

KrebsOnSecurity: Microsoft Warns of Attacks on IE Zero-Day

Sophos: Microsoft acknowledges “in the wild” Internet Explorer zero-day

The Verge: Security flaw puts all Internet Explorer users at risk, exposes Windows XP

Posted in Malware, Anti-Virus, Phishing, Scams, Safe Computing

What is Heartbleed and how to stay secure? – New Lynda.Com Video

Lynda has released two new videos explaining Heartbleed and how you can protect yourself.

The first video, Protecting Yourself from the Heartbleed Bug, tells users how they can stay secure and change passwords.

View Here: Protecting Yourself from the Heartbleed Bug

The second video, Heartbleed Tactics for Small IT Shops, provides an in-depth explanation of the Heartbleed Bug.

View Here: Heartbleed Tactics for Small IT Shops

Note: You do not have to be logged into Lynda to view these videos.

Posted in Safe Computing, Video

Heartbleed Bug – What You Need To Know

As you may be aware from an ITS email and technology news coverage, there has been an extensive security bug found in the OpenSSL cryptographic software library; this news was made public on Tuesday, April 8, 2014. The flaw allows private information, which is normally protected by encryption, to be exposed to attackers. This includes login and password information for affected systems amongst other things.

What does it mean for you?
Information Technology departments here at Northeastern University and across the world have been working to repair vulnerable systems since the flaw was announced. There is a general recommendation that passwords on systems which were affected should be changed. Mashable has compiled a good overview of systems that were vulnerable to this flaw.

It is important to note that you should not instantly change every password to every online resource you use. Take a measured approach and use the following criteria to determine if you need to change your passwords:

  • You have high value accounts that have been identified as vulnerable. This includes financial websites and others which contain Personally Identifiable Information (PII). Examples would be online tax sites, banking sites etc.
  • You have a habit of using the same Login and Password pair across multiple websites. Reuse of credential/password pairs is never a recommended practice as it increases the possibility that one compromised system could ultimately have wider reaching effects.
  • You have accounts on web resources that have been confirmed to be vulnerable. The list from the Mashable link above only contains the top 1,000 sites. You should visit each resource and look for system announcements indicating their status.
  • Any other account where you may have concern.

Other Issues to Address
In the coming weeks, it is vitally important that you have a heightened awareness regarding your different online accounts. Hackers and Internet criminals never pass up a good crisis. Expect to see spam and phishing emails in the future which claim your accounts have possibly been compromised due to Heartbleed and you need to reset your passwords immediately. Always reset your password by visiting the website directly, rather than clicking through in an email. If you have any doubts about the validity of emails, contact the service provider through a known phone number.

Other Resources
The following are resources to check if a website is still vulnerable to the Heartbleed bug. Note that this only determines the current status, not if it was previously vulnerable:
Heartbleed test
Symantec SSL Toolbox
Qualys SSL Labs Server test

Questions or concerns? Please contact the ITS Service Desk at 617.373.4357 (xHELP) or help@neu.edu.

Posted in Safe Computing, Secure Programming, Website Security

ALERT: Heartbleed – Internet Encryption Bug

This week, security researchers announced the discovery of an extensive security flaw in OpenSSL, called the Heartbleed Bug. OpenSSL is used by a majority of online services to encrypt data over the internet. Sites like Facebook, Yahoo, and Gmail all leverage OpenSSL to encrypt your data.

What is the Heartbleed Bug?
In a nutshell, the Heartbleed Bug provides an opening for hackers to access your data that has traveled across the internet using OpenSSL. This includes things like user names and passwords, personal information, and credit card information that you would use on sites like Gmail, Yahoo, Facebook, or ecommerce and banking sites.

What can we do to protect ourselves?
Although it was recently discovered, this bug has been in place for a few years. Security experts are still determining the scope of the impact. ITS recommends that you immediately change your passwords for high value accounts like financial accounts or accounts that allow access to personal data like tax information. Sites like Gmail, Yahoo, ecommerce, and online banking sites are all working to correct any vulnerability to minimize the risk to users going forward. ITS also advises that you continue to monitor your accounts in the coming months, especially those that contain more sensitive data like banking or credit card information.

ITS has no indication that myNEU passwords would need to be changed at this time. If you have a non ITS-managed machine, particularly one running UNIX/Linux, ITS advises that you immediately check for operating system patches and apply any critical or recommended security patches.

What is ITS doing to protect Northeastern?
To reduce our risk internally, ITS has already been working through the week to patch all of Northeastern’s technology that relies on OpenSSL. This includes patching of applications, servers, and our networks. We are continuing to work with our partner providers and vendors to address this serious security concern.

How can I get more information on the Heartbleed Bug?
More information on the Heartbleed Bug can be found here:
CNET – Heartbleed Bug Undoes Web Encryption, Reveals Yahoo Passwords
ComputerWorld – Heartbleed Bug in OpenSSL Leaves Encrypted Communications at Risk
Heartbleed Main Information Page

Questions or concerns? Please contact the ITS Service Desk at 617.373.4357 (xHELP) or help@neu.edu.

Image credit: Codenomicon

Posted in Safe Computing, SecureNU Information, Website Security

Phishing Email 4/4/2014: [BULK] ALERT !

Today we have a phishing email that looks like it is from the Help Desk. This phishing email attempts to trick the user into supplying their myNEU username, password, and birth date.

The Service Desk will NEVER ask for your password in an email.

Please delete this email from your inbox.

Contact the Service Desk (x4357) if you have any questions.

-----Original Message-----
From: circledo@xxxxx.edu [mailto:circledo@xxxx.edu] On Behalf Of ITS Help Desk
Sent: Thursday, April 03, 2014 5:55 PM
Subject: [BULK] Alert !

This is a WebNews Email Account Update
See the below mailing information
———————————————————————–

Dear Faculty/Staffs,

We are currently carrying out an upgrade on our outlook system due to the fact that it had come to our notice that one or more of our subscriber are introducing a strong virus into our system and it is affecting our network.We are trying to find out the specific person.For this reason all subscribers are to provide their USER NAME AND PASSWORD for us to verify and have them cleared against this virus,and to upgrade to the latest outlook 2014 webmail interface.

Those that refuses, their Email Account will be terminated.

Information to send are;

myNEU username:

myNEU password:

Confirm Password:

Date of birth :

Thank you for using NEU webmail

Hoping to serve you better
Outlook Upgrade Centre
Technical Department.
Copyright © 2014. Northeastern University,All Rights Reserved.

Posted in Malware, Anti-Virus, Phishing, Scams

Phishing Email Hits Campus – 3/25/2014 – Last Warning!!!

The following phishing email has been received by members of the Northeastern community.

If you receive this email please delete it immediately. Do NOT click on the link in the email.

Contact the Service Desk, 617-373-4357 if you have any questions.

From: ITS Help Desk [mailto:xxxxx]
Sent: Tuesday, March 25, 2014 2:49 PM
Subject: Last Warning!!!

WARNING: You’ve Exceeded Your web Bandwidth Limit

You’re currently over your bandwidth limit. Your current bandwidth is
limited,Your Incoming messages Are pending,contact us as soon as
possible Please review that you received this messages today by
contacting us to Automatically renewal your bandwidth Click now

Webmail Communications Inc. All Rights Reserved
Copyright © Helpdesk Information Department

— This email is from HiNet WebMail —

Posted in Malware, Anti-Virus, Phishing, Scams

Changes to Guest Wireless – NUwave-guest

In an ongoing effort to enhance the security of our campus wireless networks, Information Technology Services will be implementing changes to the unsecured wireless network NUwave-guest.

This May, ITS will enable registration requirements and a time limit for NUwave-guest access on the Boston campus. Individuals wishing to use the guest wireless network will need to register through a new guest wireless portal page, similar to those used by coffee shops and airports. These changes provide a greater level of security for our campus networks by limiting Internet access to identified guests visiting Northeastern for a certain period of time.

As a reminder, NUwave-guest access is intended for limited guest wireless access only. Northeastern students, faculty, staff and sponsored accounts must use the secure wireless network NUwave.

We will continue to reach out to the campus community and encourage you to provide feedback on this initiative through myHelp, after logging in with your myNEU credentials. As the launch date approaches, ITS will provide reminders and additional details about these changes.

Want to learn more? Visit the NUwave-guest Wireless Network FAQ page on the ITS website.
Questions or concerns? Please contact the ITS Service Desk at 617.373.4357 (xHELP) or help@neu.edu.

Posted in NU Policy

Windows XP Death Watch – 1 Month Left

Are you still using Windows XP or know someone who is?

On April 8, 2014, Microsoft support will end for Windows XP. As a result, ITS will no longer support the operating system. Any faculty, staff and labs that are still using computers running Windows XP need to upgrade to Windows 7.

There are serious implications related to using Windows XP after April 8, 2014. In addition to the lack of support, there are significant security risks. If your machine represents a security threat to Northeastern’s networks, your network access will be revoked.

How to upgrade from Windows XP to Windows 7

If you are still using Windows XP and have not yet taken steps to upgrade to Windows 7, please contact the ITS Service Desk at 617.373.4357 (xHELP) or at help@neu.edu to begin the transition to Windows 7. We are asking faculty and staff members to upgrade as soon as possible to ensure that we can accommodate requests in a timely manner.

NOTE: All computers must be backed up before the new operating system is installed. The ITS Service Desk can assist you with this process. Additionally, some older machines may be advised to upgrade to a newer model.

Want to learn more? Visit the Windows XP retirement FAQ page on the ITS website.

Questions or concerns? Please contact the ITS Service Desk at 617.373.4357 (xHELP) or help@neu.edu.

——————-
Related links:
Windows XP Retirement FAQ page
Microsoft – Windows XP retirement page
CNET – Windows XP starts countdown to end-of-support on April 8
Lynda.com – Migrating from Windows XP to Windows 7 tutorial
PC World – Making the transition from XP to the Windows interface
Computerworld – XP’s retirement will be hacker heaven

——————-

Image Credit: Sophos.Com

Posted in Safe Computing