K-State broke a record in 2010, but it is not a record to be proud of: 445 K-Staters were tricked into giving away their passwords to criminals in response to spear-phishing scam e-mails. The criminals then used the stolen information to sign in to webmail and send thousands of spam messages.
Obviously, the first thing on this semester’s top-six security list must be:
- Never give your password to anyone in an e-mail message! K-State was plagued by 406 instances of phishing scams in 2010 (compared to 296 in 2009) that try to trick people into replying with their eID password. The hackers responsible for these scams are relentless! If you remember this one simple rule, you can prevent becoming a victim: K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it. The same holds if you get an email with a link to a web form that asks you to fill in your username and password – don’t do it!
Continue reading “Six things you need to know about IT security at K-State”
Students (including graduates) and faculty/staff who are leaving the university permanently should check out the Preparing to Leave K-State webpage, which includes:
- How to forward your e-mail and update your e-communications
- The importance of copying files, e-mail, etc. before those are erased
- The need to remove K-State’s antivirus and other software obtained via a university site license or volume-purchase agreement
- Other essential steps to do BEFORE you lose access to K-State resources
When an individual’s K-State affiliation ends, they will be notified and given two weeks to copy files, e-mail, and personal webpages. After that, a $50 fee is assessed for temporary access to personal files. Continue reading “Information for students, employees leaving K-State”
As reported last week, updates to K-State’s antivirus software for Windows and Mac computers will be available this week, but the date has been pushed back to Wednesday, Nov. 11.
For computers running Microsoft Windows, the upgrade from Trend Micro OfficeScan 8 to OfficeScan 10 will be pushed out from the server and installed automatically. This process will begin Wednesday, Nov. 11, for all computers that use the central IT Trend Micro service, which includes student computers in the residence halls. Colleges and departments running their own Trend Micro server will not necessarily follow the same schedule, so check with your IT support staff.
When the installation is complete, users will be prompted to reboot their computer, with a message similar to this in the lower right corner of their screen:
Users should reboot their computer as soon as possible, since their computer will not have antivirus protection until after the reboot.
Continue reading “Trend Micro antivirus updates coming Wednesday, Nov. 11”
In order to escape detection by antivirus software, hackers are constantly altering the malware they proliferate through malicious e-mail attachments, web links, USB flash drives, and a variety of other means. Estimates of new malware produced every day are as high as 50,000, which makes it impossible for pattern-based antivirus software to keep up and detect every single one.
That is not to say antivirus has no value — Trend Micro antivirus has detected more than 73,000 instances of malware since Jan. 1. In fact, in one recent report, Trend Micro security software was rated the most effective tool for catching malware among evaluated consumer-grade antivirus products, so Trend Micro OfficeScan is doing its job. The point is antivirus software cannot catch all malware, so K-Staters are potentially vulnerable to new malware when it first arrives.
One way K-Staters can help is to submit new malware to Trend Micro for analysis, so those characteristics can be added to the pattern files used by OfficeScan to detect and delete malware. To make this easier for K-Staters, the IT security team developed the “Malicious Software Reporting Tool” where suspicious file(s) can be uploaded and described.
Continue reading “Submitting malware samples for analysis helps improve Trend Micro”
Apple aficionados are excited about last Friday’s release of Mac OS X 10.6, aka “Snow Leopard”. Unfortunately, security software vendors haven’t matched that enthusiasm, so the likes of Symantec and Trend Micro do not yet support MacOS 10.6 with their antivirus products.
Consequently, K-Staters should delay deployment of Mac OS X 10.6 until a supported antivirus product is available. Continue reading “Antivirus protection not yet available for Mac OS X 10.6”
For many years, K-State has provided antivirus protection for Mac users with Symantec Antivirus (SAV) for Macs corporate edition (SAV). The bad news is that our license for SAV expires Oct. 27, and given the current budget challenges, there are no funds to renew. The good news is that Trend Micro now has a Mac antivirus client that is included in our site license, so it is already paid for with full support until March 2012 for all faculty, staff, and student office and home Mac computers.
SIRT, K-State’s Security Incident Response Team, is in the process of testing a beta release of a Trend Micro Security for Mac (TMSM) version 1.5. In fact, engineers from Trend Micro are on campus this week (July 27-28) to help install, configure, and test TMSM on servers and Mac computers around campus. Unlike SAV, TMSM is a manageable product and includes more security features, such as support for Web Reputation Services. Continue reading “Update on Mac antivirus protection at K-State”
A new semester has begun, so it is time to remind everyone of their personal responsibility in helping protect themselves online and keep K-State information and technology safe. To quote IT security experts, “the Internet is a bad neighborhood,”* and based on the number of security incidents at K-State in 2008, it’s getting worse. You can still function safely online, though, if you take the time to learn about security and “think before you click.” Here are five things you should know about IT security at K-State: Continue reading “Five things you need to know about IT security at K-State”