Kansas State University

search

IT News

Tag: cybersecurity

Annual Cybersecurity Awareness training begins April 1

The annual Cybersecurity Awareness Training will be delivered to your K-State email inbox on Monday, April 1. All faculty, staff and student employees must complete the online training by Tuesday, April 30.

The training will teach you to spot phishing scams, keep passwords safe, and practice cyber hygiene. This training is mandatory for all state agencies through the State of Kansas ITEC Policy 7230 – Information Technology Enterprise Security Policy. Continue reading “Annual Cybersecurity Awareness training begins April 1”

Be aware of phishing scams

""Phishing scams are used by cybercriminals to trick you into sharing personal information, such as passwords, credit cards, social security and bank account numbers, by sending you fraudulent emails or directing you to a fake website. K-State and legitimate businesses will never ask for your account, personal or financial information by email. Learn what a phishing scam looks like.

Sophisticated attackers will even attempt to get you to disclose passcodes from your Duo app to bypass the protections that two-factor authentication provides. K-State will never ask you to provide a Duo passcode immediately after completing the standard login confirmation. If you are ever asked to give that in combination with your password – you are being scammed. Continue reading “Be aware of phishing scams”

K-State is now using geolocation

""

Over the summer, K-State began using geolocation to assist in safeguarding accounts from being compromised by utilizing IP information on computers and mobile devices. With geolocation, users will be alerted of suspicious attempts to access K-State accounts. If suspicious activity is recognized, the user will receive an email notification of the activity with recommendations on the next steps, which could include updating account passwords.

Continue reading “K-State is now using geolocation”

North Korea using social engineering to hack universities

""In light of recent developments in the cybersecurity landscape, the Division of Information Technology (IT) feels it is imperative to communicate the evolving threats to our community. One such concern involves a North Korean group known as Kimsuky, a state-sponsored cyber threat actor notorious for their sophisticated spear-phishing attempts. Spear-phishing is a targeted form of phishing where the attacker impersonates a known or trusted entity to deceive individuals into revealing sensitive information. Continue reading “North Korea using social engineering to hack universities”

Increased SMS text phishing attempts

""In collaboration with the Office of Private Sector (OPS), the FBI San Francisco Field Office has recently issued a report highlighting a surge in “smishing” attempts. Smishing (or SMS text phishing) is a fraudulent practice where text messages trick individuals into divulging sensitive information. This can range from personal and financial information to company-specific data and employee credentials.

These threat actors often pose as fellow employees or company leaders to persuade recipients to share sensitive data. This information can then be used for various criminal activities, including financial gain, further breaches at a company, or even targeting other employees. Continue reading “Increased SMS text phishing attempts”

K-State will begin using geolocation for increased security on June 12

""

K-State will begin using geolocation to assist in safeguarding accounts from being compromised by utilizing IP information on computers and mobile devices on Monday, June 12. With geolocation, users will be alerted of suspicious attempts to access K-State accounts. If suspicious activity is recognized, the user will receive an email notification of the activity with recommendations on the next steps, which could include updating account passwords.

Continue reading “K-State will begin using geolocation for increased security on June 12”

Duo student spring enrollment was a success

During the spring semester, K-State began enrolling students in Duo two-factor authentication. Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords.

The Division of Information Technology would like to thank faculty and staff for educating students about the importance of two-factor authentication and reminding them to enroll in Duo. Continue reading “Duo student spring enrollment was a success”

Phishing scam targets remote workers

Scam Alert!As employees continue to work remotely, cyber-attacks are on the rise. The latest attack is the “Return to Office” phishing scam. This scam has already targeted 100,000 inboxes.

Scammers are sending email messages to individuals outlining the process for an employee to return to the workplace. The email can include safety protocols and usually includes a short deadline for when employees must acknowledge that they have received this message and complete a form. Continue reading “Phishing scam targets remote workers”

K-State stops critical attack on software

by Information Technology Services

On Thursday, March 9, a critical exploit was executed around the world that enabled hackers to take control of web servers. At K-State, the software used to manage the Undergraduate Admissions and Scholarship Application and the Axio LMS (which is in limited use) was attacked. Within an hour of the exploit being known to the world, Information Technology Services (ITS) had an initial block of the attacks in place. Continue reading “K-State stops critical attack on software”

Cybersecurity algorithms, techniques being developed through anthropology methods

Thursday, Nov. 7, 2013

MANHATTAN — Experts in anthropology and cybersecurity at Kansas State University are examining the unspoken knowledge shared by cybersecurity analysts as a way to develop new automated tools that help analysts strengthen their cyberdefenses.

Xinming “Simon” Ou, associate professor of computing and information sciences, and Mike Wesch, associate professor of anthropology, recently received nearly $700,000 from the National Science Foundation to fund a three-year project that takes an anthropological approach to cybersecurity. Data will be used to develop algorithms for improved cybersecurity.  Continue reading “Cybersecurity algorithms, techniques being developed through anthropology methods”