Information Technology Updates
UNI IT has recently been notified that some of our Zoom users are using clients below the minimum 5.3.0 version level. Clients below the 5.3.0 level are required to be updated by August 6, 2022. Any Zoom clients that have not been updated by August 6 will not be able to join meetings via the Zoom Client for Meetings and will be prompted to update or join from a Web browser.
If you are using a managed UNI machine, Zoom client versioning is taken care of for you and you should automatically be on a recent version.
If you are using a personal device and haven't updated your client, please refer to this support article to upgrade to a compliant version of Zoom.
Phishing attacks have become the most common method cyber attackers use to target people at work and at home. Read more at https://www.sans.org/newsletters/ouch/phishing-attacks-getting-trickier/
Should you use a different password for every site? Absolutely! Should you use your browser to store all of those distinct passwords? Probably not..
https://isc.sans.edu/forums/diary/Use+Your+Browser+Internal+Password+Vault+or+Not/28658/
While social media is a fantastic way to communicate, share, and have fun with others, it is also a low-cost way for cyber criminals to trick and take advantage of millions of people. Don't fall victim to the three most common scams on social media. Read more at https://www.sans.org/newsletters/ouch/top-three-social-media-scams/
Over the past several years, UNI has been rolling out Duo Multi-Factor Authentication (MFA) to protect the CatID accounts of its students, faculty, and staff as well as to protect important University data. To date, all University employees have been enrolled in Duo, including student employees. Students who have a balance remaining on their student financial aid for the semester and have elected to receive that balance via direct deposit into their bank accounts have also already enrolled in Duo MFA.
Starting on Tuesday, April 19th, 2022, Information Technology (IT) will provision students not using Duo into the Duo MFA system. This means the next time on or after April 19th one of these students logs into their UNI Google account or the Student Information System, they will need to complete the enrollment process in Duo MFA. This process is simple and typically takes only a few minutes.
You are able to enroll yourself before April 19, however! To do so, simply visit https://mfa.uni.edu/enroll and sign in with your CatID credentials.
You can follow the instructions at the following IT knowledge article that will also walk you through the process:
https://servicehub.uni.edu/docs/display/SH/How+to+Enroll+in+Duo+Multi-Factor+Authentication
As always, if you have questions or concerns, please don't hesitate to contact the IT Service Desk at 319-273-5555 or by submitting a Service Hub ticket at https://servicehub.uni.edu.
I have recently attended several briefings on the cybersecurity fallout from the current Russia-Ukraine conflict in eastern Europe. That event has resulted in a lot of FUD (Fear, Uncertainty, Doubt) about the online safety of people worldwide. It is certainly true that cyberattacks have played a role in the conflict, but cyberattacks are present every day. There are three general areas that you can concentrate on to protect yourself and your cyber assets.
- Phishing - Be aware and be skeptical of email you receive, particularly from unknown senders. The bad actors will try to fool you by using well-known personal names on the accounts they are using. They may also copy signature blocks, UNI logos, and other details to make their message appear official. Check the actual email address of the sender. Hover over links with your mouse to see where they are going. If it's not uni.edu or another well-known site, think again and don't click the link.
- Passwords - Passwords are hard and not really sufficient on their own today. They should be unique from one site to another and should be more than a simple word or two. Length trumps complexity. Even though "thequickbrownfoxjumpedoverthelazydog" has several issues and shouldn't be used, it is far better than "R3(s4*#1" for a password. Consider a password manager to help. It can generate lengthy unique random passwords per site and remember them for you.
- Patching - For UNI-managed devices, IT tries to take care of this for you but the process does take your cooperation and time to allow the patches to be deployed and made active. For your personal devices, patching is on you. Allow the operating system and applications to apply updates automatically. And when Windows or Adobe or Office tells you their are patches available, let those updates happen. If you can't do that immediately, okay, but do it soon, within a day or two.
Physical objects as security threats are in the news at the moment. The oft-touched upon tale of rogue USB sticks is a common one. Being wary of random devices found on the floor, or handed out at events is a smart move. and now they're showing up in the mail. You simply don’t know what’s lurking, and it’s hard to find out safely without the right tools available. Even then, something can slip by and cause no end of trouble on your desktop or network. Read more at https://blog.malwarebytes.com/cybercrime/2022/01/attackers-are-mailing-usb-sticks-to-drop-ransomware-on-victims-computers/
US Police Warn of Parking Meters with Phishing QR Codes
Always think twice when you're tempted to scan a QR code!
https://www.bitdefender.com/blog/hotforsecurity/us-police-parking-meters-phishing-qr-codes/
Targets aren't just the upper management of a company; the truth is, anybody can be a victim. Even random targeting can allow phishers to gather sensitive information about anyone online, such as their contact details and financial data, which they will use to their advantage. Read more at https://fraudwatch.com/who-are-the-most-common-targets-of-phishing-scams/
The holiday season is nearing. Soon millions of people will be looking to buy the perfect gifts, and many of us will shop online. Unfortunately, cyber criminals will be active as well, creating fake shopping websites and other online shopping scams to steal your information or money. Learn how you can find good deals without becoming a victim at https://www.sans.org/newsletters/ouch/shopping-online-securely-nov-21/
Pages
- ITTC 36
- (319) 273-5555
