Information Technology Updates
Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. Read more at https://www.cisa.gov/cybersecurity-awareness-month
I have been made aware of several instances of text alerts being sent to phones that purport to be from a Veridian domain. The alerts allege that a charge has been made and ask the recipient to login to veridianalertcu [dot] org with the recipient's Veridian credentials. The fake domain page looked very realistic and has already been taken down. Be very aware that a similar domain with relevant messaging may pop up again at any time.
If you use a computer or mobile device long enough, sooner or later something will go wrong. You may accidentally delete the wrong files, have a hardware failure, or lose a device. Even worse, malware may infect and wipe or encrypt your files. At times like these, backups are often the only way you can rebuild your digital life. Read more at https://www.sans.org/newsletters/ouch/backups/
Beware of 'Microsoft Office' USB sticks that show up in the mail. It's a scam! Plugging the USB into a computer will trigger a virus alert and encourage people to call a customer support line, where a scammer will take over the computer and demand payment. Read more here: https://www.pcmag.com/news/beware-microsoft-office-usb-sticks-that-show-up-in-the-mail-its-a-scam
Cyber criminals know that one of the best ways to rush people into making a mistake is by creating a heightened sense of urgency. And one of the easiest ways to create a sense of urgency is to take advantage of a crisis. This is why cyber criminals love it whenever there is a traumatic event with global impact. What most of us regard as a tragedy, cyber criminals view as an opportunity, such as the breakout of a war, a major natural disaster such as a volcanic explosion, and of course infectious disease breakouts like COVID- 19. When there is an immense amount of social media and news coverage about a certain event, cyber criminals know that is the time to strike. Read more at https://www.sans.org/newsletters/ouch/charity-disaster-scams/
UNI IT has recently been notified that some of our Zoom users are using clients below the minimum 5.3.0 version level. Clients below the 5.3.0 level are required to be updated by August 6, 2022. Any Zoom clients that have not been updated by August 6 will not be able to join meetings via the Zoom Client for Meetings and will be prompted to update or join from a Web browser.
If you are using a managed UNI machine, Zoom client versioning is taken care of for you and you should automatically be on a recent version.
If you are using a personal device and haven't updated your client, please refer to this support article to upgrade to a compliant version of Zoom.
Phishing attacks have become the most common method cyber attackers use to target people at work and at home. Read more at https://www.sans.org/newsletters/ouch/phishing-attacks-getting-trickier/
Should you use a different password for every site? Absolutely! Should you use your browser to store all of those distinct passwords? Probably not..
https://isc.sans.edu/forums/diary/Use+Your+Browser+Internal+Password+Vault+or+Not/28658/
While social media is a fantastic way to communicate, share, and have fun with others, it is also a low-cost way for cyber criminals to trick and take advantage of millions of people. Don't fall victim to the three most common scams on social media. Read more at https://www.sans.org/newsletters/ouch/top-three-social-media-scams/
Over the past several years, UNI has been rolling out Duo Multi-Factor Authentication (MFA) to protect the CatID accounts of its students, faculty, and staff as well as to protect important University data. To date, all University employees have been enrolled in Duo, including student employees. Students who have a balance remaining on their student financial aid for the semester and have elected to receive that balance via direct deposit into their bank accounts have also already enrolled in Duo MFA.
Starting on Tuesday, April 19th, 2022, Information Technology (IT) will provision students not using Duo into the Duo MFA system. This means the next time on or after April 19th one of these students logs into their UNI Google account or the Student Information System, they will need to complete the enrollment process in Duo MFA. This process is simple and typically takes only a few minutes.
You are able to enroll yourself before April 19, however! To do so, simply visit https://mfa.uni.edu/enroll and sign in with your CatID credentials.
You can follow the instructions at the following IT knowledge article that will also walk you through the process:
https://servicehub.uni.edu/docs/display/SH/How+to+Enroll+in+Duo+Multi-Factor+Authentication
As always, if you have questions or concerns, please don't hesitate to contact the IT Service Desk at 319-273-5555 or by submitting a Service Hub ticket at https://servicehub.uni.edu.
Pages
- ITTC 36
- (319) 273-5555
