Kansas State University

search

IT News

Author: Harvard Townsend (harv@ksu.edu)

Chief Information Security Officer

Use caution when considering Internet Explorer 8

Posted on by Harvard Townsend (harv@ksu.edu)

On March 19, Microsoft released Internet Explorer 8 (IE8), its next-generation web browser. While it has several useful security features, people should talk to their IT support staff before switching to IE8 since it has not been thoroughly tested with K-State enterprise applications like iSIS and K-State Online.

Recalling the application incompatibilities experienced when IE7 replaced IE6; proceed  cautiously with plans to upgrade to IE8. Microsoft did try to deal with the IE6-to-IE7 fiasco this time by including a “Compatibility View” in IE8 that should correctly display pages incompatible with IE8, but again this needs to be tested thoroughly.

Continue reading “Use caution when considering Internet Explorer 8”

Register this week for April 9 IT security training

Posted on by Harvard Townsend (harv@ksu.edu)

The deadline to register for the April 9 IT security training event sponsored by SIRT is Sunday, April 5. Register this week to reserve your spot and identify the sessions you will attend. The event is free and open to any K-State faculty, staff, or students, as well as IT professionals from other Regents’ institutions. All sessions take place 8:30 a.m.-1:30 p.m. Thursday, April 9, in the K-State Student Union.

Details are available on the event website. If you have any questions, contact Harvard Townsend (785-532-2985, harv@k-state.edu) or Neil Sindicich (785-532-2598, neilsin@k-state.edu).

64 spear phishing scams and counting

Posted on by Harvard Townsend (harv@ksu.edu)

Thus far in 2009, K-State has been the target of at least 64 different spear phishing scams that attempt to steal eID passwords, and at least 41 people have replied to the scams with their password. Of those 41 replies, 37 are known to have been used by criminals to log in to K-State’s WebMail system and send spam. That means K-State is averaging about two new scams every three days and one compromised WebMail account every two days.  The latest compromised eID resulted in someone logging into K-State’s WebMail from the island nation of Mauritius and sending spam from the K-State e-mail servers. Besides the embarrassment of contributing to the worldwide scourge of spam, this has resulted in K-State getting put on spam blocklists for the likes of Hotmail, MSN, and Comcast.

K-Staters are probably tired of hearing this  – IT support staff will never ask for your password in an e-mail. Follow that simple rule, and you will not become a victim of these scams.

Continue reading “64 spear phishing scams and counting”

“Travel safely” security roundtable rescheduled April 10

Posted on by Harvard Townsend (harv@ksu.edu)

Due to a campus power outage March 13 that included the K-State Student Union, the IT security roundtable discussion on traveling safely has been rescheduled to 9-10:30 a.m. Friday, April 10, in Union 213.  Mark your calendars now so you can learn how to travel safely and protect yourself from identity theft, financial fraud, and other threats related to information and technology while traveling for business or pleasure.

Registration open for April 9 IT security training event

Posted on by Harvard Townsend (harv@ksu.edu)

Registration is now open for the April 9 IT security training event sponsored by SIRT. There is no cost to attend but registration is required so visit the online registration site now to reserve your spot and identify the sessions you will attend. All sessions will take place 8:30 a.m.-1:30 p.m. Thursday, April 9, in the K-State Student Union and are open to any K-State faculty, staff, or students, as well as IT professionals from other Regents’ institutions.

As in the past, you will have a choice of less-technical and more-technical topics during the two breakout sessions. Topics include: Continue reading “Registration open for April 9 IT security training event”

17+ K-State eID passwords stolen in e-mail scams

Posted on by Harvard Townsend (harv@ksu.edu)

The crooks are at it again — in the past week, scam e-mails have tricked at least 17 K-Staters into giving their eID password to criminals, who then log into WebMail with the stolen account information and send thousands of spam messages to the world.

This is a reminder to NEVER provide your password in an e-mail to anyone under any circumstances!

This simple rule will prevent you from becoming a victim of these scams and will help keep K-State off spam block lists, since e-mail service providers will block all e-mail from K-State when they see thousands of spam messages coming from WebMail. Furthermore, K-State IT support staff will NEVER ask for your password in an e-mail, nor will any legitimate business. If you ever get an e-mail asking for your password, personal identity information, or financial account information, you can assume it is a fraud and delete it.

Continue reading “17+ K-State eID passwords stolen in e-mail scams”

IT Security Roundtable March 13: Traveling safely over spring break

Posted on by Harvard Townsend (harv@ksu.edu)

The time is nigh for K-State students, faculty, and staff to vacate Manhattan for distant lands over spring break.  Thus, this month’s IT security roundtable, which is 9-10:30 a.m. Friday, March 13, in Union 213, will discuss tips on how to travel safely so people can protect themselves from identity theft, financial fraud, and other threats related to information and technology while on vacation. Topics include:

Trend Micro site license renewed for three years

Posted on by Harvard Townsend (harv@ksu.edu)

Based on feedback from the campus and SIRT, K-State’s site license for Trend Micro OfficeScan security software was renewed for another three years. The license, which now expires March 31, 2012, covers computers both in the office and at home for all K-State faculty, staff, and current students. The Silver Premium Support contract was renewed for one year and will be re-evaluated each year.

OfficeScan provides K-State with a suite of security functions for desktops and servers that includes antivirus, antispyware, a firewall, intrusion detection, and blocking access to known, malicious websites (“Web Reputation Services“).

Continue reading “Trend Micro site license renewed for three years”

IT security training event April 9

Posted on by Harvard Townsend (harv@ksu.edu)

Mark your calendars for 8:30 a.m.-1 p.m. Thursday, April 9, so you can attend SIRT‘s annual IT security training event in the K-State Student Union. This annual event is free and open to any K-State faculty, staff, or student.

Like past events, this year’s training will include two general sessions covering topics relevant to everyone, plus two sets of breakout sessions with more technical and less technical options during each. Topics include:

  • How to secure the technology in your home
  • Tools for assessing the security of your computer
  • How to use “Spider” to discover sensitive information on your computer
  • How to determine if your computer has been hacked (basic forensics)
  • Advanced security forensics
  • Web application security
  • Effective management of Trend Micro security tools

Larry Kettlewell, the Chief IT Security Officer for the State of Kansas, will give a keynote address.

Watch InfoTech Tuesday for more details and registration information.

Trend Micro meeting moved to 9:30 a.m. Wednesday, Feb. 18

Posted on by Harvard Townsend (harv@ksu.edu)

The campus meeting about renewing the Trend Micro license postponed from last Friday is scheduled 9:30-10:30 a.m.  Wednesday, Feb. 18, in Union 213.  Since K-State’s license for Trend Micro antivirus software expires March 31, Harvard Townsend, chief information security officer, will facilitate a discussion of the options for renewing the license (which boil down to whether we renew for one year or three years), how a decision will be made, and considerations for Macintosh support.

K-State’s Symantec license for Macs expires in October 2009, and Trend Micro is about to release a native Mac antivirus product. Continue reading “Trend Micro meeting moved to 9:30 a.m. Wednesday, Feb. 18”