Kansas State University


IT News

Author: Josh McCune

K-Staters advised to stop using Internet Explorer 8 browser immediately

Confirmed exploits in the wild have been reported for a vulnerability in Internet Explorer 8. There is currently no patch available. The vulnerability can be exploited by a simple drive-by attack which will allow adversaries to install malware on your computer without any user action necessary. This means you could be infected simply by visiting a legitimate website that has been compromised and hosting the malicious code. The vulnerability was already leveraged in a targeted attack on the U.S. Department of Labor.

1. We recommend that all users stop using the Internet Explorer 8 web browser immediately.

2. On Thursday, May 9, Microsoft released a workaround that acts as a temporary fix until a patch is released. The fix is available at https://support.microsoft.com/kb/2847140 .

Continue reading “K-Staters advised to stop using Internet Explorer 8 browser immediately”

SSL VPN service now available to all K-Staters

As part of an ongoing project to decommission the aging hardware that is currently supporting most VPN services at K-State, all users with an active K-State eID are now enabled to use the new SSL-based VPN (K-State Virtual Private Network) and the Cisco AnyConnect client. The new client:

  • Is available for Windows, Mac, and Linux
  • Is simpler to configure
  • Should work better than the older IPSEC-based client in more restrictive network environments

Continue reading “SSL VPN service now available to all K-Staters”

Torpig malware threatens K-Staters' bank account information

Silently sneaking onto your computer, Torpig lies in wait for you to log in to your bank’s website and sends your account information to well-organized criminals. Torpig has found its way on to more than 70 computers at K-State in the last year, and the number of infections is on the rise. The chart below shows infections from February 2009 through February 2010.

K-State Torpig Infections

Unfortunately, security technology can’t always prevent infection because the malicious software changes rapidly and uses sophisticated stealth techniques to hide itself on infected computers. Thus, once again the user plays a key role in preventing infection and financial fraud.

Torpig, also known as Sinowal or Anserin, is malicious software belonging to the Trojan horse family that is designed to steal sensitive information from the computer that it infects. It specifically targets personal and corporate financial information such as credit card data, usernames, and passwords used in the victim’s web browser. It’s constantly changing and evolving and employs rootkit functionality to make it very difficult to detect and remove.

Torpig initially infects computers in several different ways. Continue reading “Torpig malware threatens K-Staters' bank account information”

IT Security Roundtable June 5: PGP Whole Disk Encryption installation demo

The June IT security roundtable will be 9-10:30 a.m. this Friday, June 5, in Union 213 on PGP Whole Disk Encryption software. Josh McCune, network security analyst, will give a presentation and facilitate the discussion.

You may recall the presentation on this topic back in December. We are ready to begin rolling out this software to those who purchased it. There will be a recap about what the software is and why it’s necessary, followed by a demonstration of the installation procedure. Departmental support personnel who will be responsible for installing this software are encouraged to attend, as well as server administrators who will be running their own instance of PGP Universal Server. The IT security roundtable is sponsored by SIRT and is open to everyone.