Another reason you should use Google Chrome

Another layer of protection is being added to Chrome.  Auto blocking of things that will change your browser settings without your knowledge.


Apple Safari Patch

Apple has released a patch for a critical vulnerability in Safari that would allow “click to own.”  If you click on the wrong link, the bad guy has full access to your Mac.  All users should use Software Update to patch.


New USB reversible “C” connector

No more worries about upside down USB.


Adobe patches Flash, Reader, Acrobat

Adobe has released critical patches for Flash, Reader, and Acrobat.  All users should patch ASAP.


Black Hat Videos

If you like watching professional hackers, take a look.


Microsoft Patch Tuesday

It’s that time again, please make sure your Windows PCs and Microsoft Products are patched.


NPR All Tech Considered

What do you want in your IT professionals here on campus? Listen to this article and let us know your thoughts.

All Tech Considered

A Good IT Person Needs To Be Half Technologist, Half Psychologist

http://www.npr.org/blogs/alltechconsidered/2014/08/11/338984905/a-good-it-person-needs-to-be-half-technologist-half-psychologist


California to require “kill switches” on cell phones

Turn them off  in case they’re stolen.


ResNet computer help

Information Technology is preparing to welcome students back by providing computer and device help. If you need assistance with your device we look forward to helping you with your technology needs this academic year.

Please see the attached poster for times we are available to help as well as a list of items we will be assisting students with.

RESNET_poster3 (2)(1)


FBI Warns of Spear-Phishing Campaign

The FBI is is alerting the public about a large, ongoing spear-phishing campaign.  The phishing campaign  started on or about  July 21, 2014 and is primarily targeting the energy industry.  However, the FBI has high confidence that other industries like Education are being  targeted as well.  The phishing emails are exploiting a recent Internet Explorer (IE) zero-day vulnerabilities CVE-2014-1815, and CVE-2014-0310 and  the phishing messages come from various email addresses, and usually have a Subject:  “Outstanding Invoice.” 

NOTE:  Microsoft released an update for IE in May 2014 that addresses this vulnerability, and the update should be automatically installed on computers with automatic updates enabled. Computers that are running an unsupported version of Windows, or which have automatic updates disabled or on a delayed installation schedule may still be vulnerable and should be examined.

TECHNICAL DETAILS:  

  • The messages contain links to a compromised website that hosts the exploits and may also host the malicious payload, including: hxxp://web.hazarhaliyikama.com/doc/tem.aspx?n=UNIQUEVALUE
  • The string of characters and numbers at the end of the link (assigned to the “n” query name in the HTTP GET) are unique to each email and are single-use. Following this exploit, the web page redirects to the following page: hxxp://support.3dcart.com/Knowledgebase/Article/View/152/2/what-should-i-do-when-paypal-says-the-invoice-has-already-been-paid/ (as of the writing of this report, this web page appears to be legitimate)
  • This report includes preliminary information about an ongoing spear-phishing campaign against the energy sector that appears to exploit CVE-2014-1815. In Microsoft Security Bulletin MS14-029 (published 5/13/2014), Microsoft categorizes this vulnerability as “Critical” for IE versions 7-11 on desktop operating systems, and “Moderate” for IE versions 6-11 on server operating systems.