Kansas State University

search

IT News

Author: Harvard Townsend (harv@ksu.edu)

Chief Information Security Officer

Reminder: IT security roundtable this Friday on recognizing e-mail scams

The roundtable will be 9-10:30 a.m. Friday, Dec. 4, in Union 213. This session is designed for the general user, so you do not have to be a technical wizard to benefit. If you use e-mail, this event is for you.

Malicious e-mail attachments wreaked havoc on K-State computers a few weeks ago, while spear phishing scams that steal eID passwords have been a persistent plague. As hackers continue to find new, more clever ways to trick people, it is important for all users to educate themselves about e-mail scams and be constantly on the alert for new scams that arrive daily in people’s K-State e-mail. Consequently, December’s monthly IT security roundtable discussion will provide tips to help people recognize e-mail scams and thus protect themselves from identity theft, financial fraud, compromised computers, and more.

Topics covered include: Continue reading “Reminder: IT security roundtable this Friday on recognizing e-mail scams”

IT Security roundtable Dec. 4: How to recognize an e-mail scam

Malicious e-mail attachments wreaked havoc on K-State computers a few weeks ago, while spear phishing scams that steal eID passwords have been a persistent plague. As hackers continue to find new, more clever ways to trick people, it is important for all users to educate themselves about e-mail scams and be constantly on the alert for new scams that arrive in people’s K-State e-mail daily. Consequently, December’s monthly IT security roundtable discussion will provide tips to help people recognize e-mail scams and thus protect themselves from identity theft, financial fraud, compromised computers, and more.

The roundtable will be 9-10:30 a.m. Friday, Dec. 4, in Union 213.

Topics covered include:

Malicious e-mails strike again; 130+ computers compromised

One thing I’ll say about hackers is they are persistent, and I guess that fact shouldn’t surprise me since the same ol’ tricks reap dividends. Last Thursday, Nov. 5, K-State was hit with a cyberattack nearly identical to one that wreaked havoc on campus last July and, like last summer, it succeeded in compromising more than 130 campus computers.

The attack consisted of four different e-mails that tried to trick people into opening a malicious .zip attachment. Users who opened the attachment instantly infected their computer with a new variant of malware that antivirus software did not detect. The compromised computers were then used to try to infect other computers by sending the same malicious e-mails to addresses harvested from local addressbooks on the infected computers.

Once again, the best solution for preventing these types of attacks is for you, the user, to be suspicious of any unexpected e-mail from unknown sources and do not open an attachment until you confirm its legitimacy. One troubling thing is the four e-mails were virtually identical to the ones from last summer, with the following four subject lines:

Continue reading “Malicious e-mails strike again; 130+ computers compromised”

Trend Micro antivirus updates coming Wednesday, Nov. 11

As reported last week, updates to K-State’s antivirus software for Windows and Mac computers will be available this week, but the date has been pushed back to Wednesday, Nov. 11.

For computers running Microsoft Windows, the upgrade from Trend Micro OfficeScan 8 to OfficeScan 10 will be pushed out from the server and installed automatically.  This process will begin Wednesday, Nov. 11, for all computers that use the central IT Trend Micro service, which includes student computers in the residence halls. Colleges and departments running their own Trend Micro server will not necessarily follow the same schedule, so check with your IT support staff.

When the installation is complete, users will be prompted to reboot their computer, with a message similar to this in the lower right corner of their screen:

TMOS reboot pop-up-small

Users should reboot their computer as soon as possible, since their computer will not have antivirus protection until after the reboot.

Continue reading “Trend Micro antivirus updates coming Wednesday, Nov. 11”

Trend Micro antivirus updates to be released Nov. 10

Two important updates for Trend Micro security software are scheduled for deployment at K-State starting Tuesday, Nov. 10.

  1. For Windows platforms, OfficeScan 10 (TMOS 10) will be pushed to all computers that use the central Trend Micro servers.
  2. For Macs, Trend Micro Security for Macs 1.5 (TMSM 1.5) will be available from K-State’s antivirus website for manual installation.

Users of the central Trend Micro services, which includes all students in the residence halls, will be upgraded to TMOS 10 automatically. Once the software is installed, users will be prompted to reboot their computer. After that, about the only difference people may notice is a slightly different icon in the task bar system tray.TM-icon-SS

Installation of TMSM 1.5 is not automatic. Users must remove Symantec Antivirus (SAV) or any other antivirus software on the Mac, such as ClamXav, before installing TMSM 1.5. The TMSM 1.5 installation file along with instructions for removing SAV will be available from K-State’s antivirus website starting Nov. 10.

Continue reading “Trend Micro antivirus updates to be released Nov. 10”

Anthony Phillips joins K-State’s IT security team

Effective Monday, Nov. 2, Anthony Phillips joined K-State’s IT security team as a computer security analyst. Anthony will use his vast knowledge and experience gained during his tenure as manager of iTAC’s Technology Service Center to provide leadership in the security of K-State’s servers, workstations, and laptops. His responsibilities include:

  • Managing and providing guidance to the campus on the security of K-State’s computer systems
  • Performing computer forensic analysis for security incidents
  • Monitoring, investigating, and responding to abuse reports involving K-State systems
  • Working with other K-State IT personnel to assess and mitigate security vulnerabilities
  • Managing K-State’s PGP Whole Disk Encryption program
  • Assisting with campuswide awareness and training efforts
  • Participating in SIRT

Continue reading “Anthony Phillips joins K-State’s IT security team”

IT Security Roundtable Nov. 6: Trend Micro updates for Windows and Mac OS X computers

This month’s IT security roundtable discussion will cover the new versions of Trend Micro security software that will be deployed next week for both Microsoft Windows and Apple Mac OS X. The roundtable will be 9-10:30 a.m. Friday, Nov. 6, in Union 213.

The following topics will be covered for both Trend Micro OfficeScan 10 for Windows and Trend Micro Security for Macs 1.5:

  • Features
  • New operating system support (Windows 7 and Mac OS X 10.6)
  • Why it is important to upgrade as soon as possible
  • Deployment schedule for central IT Trend Micro service
  • What users should expect with the upgrade
  • General availability on K-State’s antivirus website

Continue reading “IT Security Roundtable Nov. 6: Trend Micro updates for Windows and Mac OS X computers”

October is National Cybersecurity Awareness Month

NCSAM1October marks the sixth annual National Cybersecurity Awareness Month (NCSAM) sponsored by the Department of Homeland Security. The theme for 2009 is “Our Shared Responsibility” to reinforce the message that all computer users, not just your IT support staff or industry and government, have a responsibility to protect themselves, their colleagues, family members, and K-State’s valuable information and technology resources.

Even though it’s late in the month, familiarizing oneself with cybersecurity risks and best practices is something everyone needs to do continually, not just one time a year. In conjunction with NCSAM, K-State’s IT security team hosted a Regents-wide IT security training event Oct. 5 in the K-State Student Union. PowerPoints from the presentations are available on the event website. Most presentations apply directly to K-State, so visit the website to learn about a variety of topics with offerings for both less technical and more technical audiences.

Continue reading “October is National Cybersecurity Awareness Month”

Submitting malware samples for analysis helps improve Trend Micro

In order to escape detection by antivirus software, hackers are constantly altering the malware they proliferate through malicious e-mail attachments, web links, USB flash drives, and a variety of other means. Estimates of new malware produced every day are as high as 50,000, which makes it impossible for pattern-based antivirus software to keep up and detect every single one.

That is not to say antivirus has no value — Trend Micro antivirus has detected more than 73,000 instances of malware since Jan. 1. In fact, in one recent report, Trend Micro security software was rated the most effective tool for catching malware among evaluated consumer-grade antivirus products, so Trend Micro OfficeScan is doing its job. The point is antivirus software cannot catch all malware, so K-Staters are potentially vulnerable to new malware when it first arrives.

One way  K-Staters can help is to submit new malware to Trend Micro for analysis, so those characteristics can be added to the pattern files used by OfficeScan to detect and delete malware. To make this easier for K-Staters, the IT security team developed the “Malicious Software Reporting Tool” where suspicious file(s) can be uploaded and described.

Continue reading “Submitting malware samples for analysis helps improve Trend Micro”

Trend Micro antivirus changes coming soon

As reported earlier, changes are in the works for antivirus protection for both Windows and Mac computers at K-State. For Windows, the primary issue was support for Windows 7 since Trend Micro OfficeScan 8 does not support it. For Macs, there were two issues — expiration of the Symantec AntiVirus for Macs license on Oct. 27 and Trend Micro Security for Macs 1.5 (TMSM) not supporting Mac OS X 10.6 (Snow Leopard). Fortunately, we now have solutions for all these issues.

Continue reading “Trend Micro antivirus changes coming soon”