Kansas State University


IT News

Tag: IT security

Change to K-State’s LISTSERV whitelisting policy

by Information Technology Services

To help ensure proper delivery of emails to your K-State Inbox, Information Technology Services (ITS) maintains an Approved or Safe Sender whitelist. A whitelist is a list of email addresses, domains, and IP addresses which will not be blocked by K-State’s spam filters.

Whitelisting introduces additional cybersecurity risks. Spammers take advantage of whitelisting, which makes our K-State inboxes more susceptible to spam, phishing scams, and viruses. Spammers create spoofed emails that appear to come from whitelisted email addresses, domains, and IP addresses, and these emails will make their way to your Inbox. When you click on the spoofed emails and links, you will unknowingly expose the K-State network to viruses and harm.

Previously, email from K-State LISTSERV lists was whitelisted. Now, LISTSERV emails will go through the spam check in Office 365 and will not be whitelisted. ITS will only whitelist emails that have a business need. The goal is to reduce K-State’s exposure to spam and allow the spam protections in Office 365 to do their job.

The whitelisting change will go into effect Oct. 2. After this date, periodically check your Junk Email folder to make sure you are not losing important, safe emails. If you are losing important emails, fill out this form to request a global settings change that will move those emails into your Inbox instead. Requests will be considered on a case-by-case basis for approval.

If you have questions, contact Greg Dressman, director of Enterprise Server Technologies, dressman@ksu.edu.

K-State stops critical attack on software

by Information Technology Services

On Thursday, March 9, a critical exploit was executed around the world that enabled hackers to take control of web servers. At K-State, the software used to manage the Undergraduate Admissions and Scholarship Application and the Axio LMS (which is in limited use) was attacked. Within an hour of the exploit being known to the world, Information Technology Services (ITS) had an initial block of the attacks in place.

XcodeGhost iOS virus and what you need to know

A couple of weeks ago, it was discovered that some apps in the iOS App Store had been infected by a virus called XcodeGhost. Information Technology Services has discovered some infected iOS devices (iPhone, iPad) on the K-State network. As these devices are identified, their access to the K-State wireless network is being blocked. If your iOS device has been blocked, go to the IT Help Desk in 214 Hale Library so that they can assist you in cleaning your device and requesting that the network block be removed.

Apple has removed the infected apps from the App Store, but some of these apps may still be installed on iOS devices. For more information, see Apple’s XcodeGhost Q&A (Chinese version).

Dangerous phishing-scam emails steal more than passwords

by Information Technology Services

K-State will never ask for your password in an email

K-State employees have recently been targeted by a “TIAA-CREF re-authenticate your account” email phishing scam that has been involved in at least three rounds of attacks.

On July 6, Human Capital Services emailed K-State employees with a TIAA-CREF account that K-State is blocking the URL in the scam, so computers on the university network cannot access the intended web address.

If you have replied to the TIAA-CREF email scam or any other email that asked for account information, contact the IT Help Desk as soon as possible (214 Hale Library, helpdesk@k-state.edu, 785-532-7722, toll-free 800-865-6143).

Simple rules will protect you from all kinds of scams: Never provide a password or personal identity information in response to email. Never use your K-State eID password on any other account.

Update Java software now; computer attacks occurring

A vulnerability in Java, a programming language used in many applications and installed on most computers on the K-State campus, is being actively exploited on the Internet to take over control of computers. K-State’s network is being attacked many times a day by attackers looking for computers to compromise via this vulnerability in Java, and at least three K-State computers have been compromised recently by this exploit. This vulnerability affects version 6 Update 23 or older of the Java Runtime Environment (JRE).

K-Staters need to:

  1. Update JRE in Windows to the latest version, which at the time of this writing is 6 Update 25 (Update 24 actually fixed the bug, so that version is safe too). You can get the latest version from Oracle’s Java website, or update it from the Java Control Panel in Windows.
  2. Configure Java to automatically check for and download updates in that same control panel. If configured for automatic updates, the Java icon will appear in your system tray (usually in the lower right corner of the screen) to alert you that an update needs to be installed.
