Tag: SecureIT

News

MSU responds to the Heartbleed Bug

A major security vulnerability called the Heartbleed Bug was disclosed Monday night with serious implications for the entire web.

What is the Heartbleed Bug?

A security defect was found in a component that is the foundation of security for a large percentage of Internet websites.

The security defect, in a component called OpenSSL, allows attackers to acquire random data from “secure” web servers without logging in. Read Full Article →

News
A student works on a laptop computer

IT Services warns about CryptoLocker malware, cybersecurity

IT Services is warning computer users about a particularly vicious kind of malware, called CryptoLocker.

How CryptoLocker works

CryptoLocker encrypts or freezes large parts of a Windows PC’s hard drive, then asks the user to pay to regain access.

Once CryptoLocker installs itself, it contacts a remotely operated server run by criminals, called a command-and-control server. Read Full Article →

News
A student works on a laptop computer

MSU community warned to watch for phishing after attempted theft

The Michigan State University Police Department is investigating an attempted theft of employee direct-deposit payroll earnings.

Direct-deposit incident

On Friday, October 18, two employees reported receiving email confirmation of a change in their direct-deposit designation.

Police say that valid credentials (MSU NetID and password) were used by a perpetrator to modify the employees’ banking information on the EBS HR/Payroll (SAP) system. Read Full Article →

News
National Cyber Security Awareness Month logo

MSU SecureIT celebrates National Cyber Security Awareness Month

October is National Cyber Security Awareness Month.

Michigan State University has an ongoing safe computing campaign called SecureIT to help educate the MSU community on safe computing practices.

Tips to staying safe 1. Make sure your personal firewall is turned on.

Learn more about how to configure Windows and MacOS X firewalls. Read Full Article →

News
Image of IT staff member with a laptop

MSU IT Services offers suggestions for handling Java-based vulnerability

Last week a serious Java-based vulnerability was identified by security experts. The vulnerability allows criminals to exploit the opportunity to silently install malware when a hacked site is visited while using the insecure browser plugin.

Users are advised to upgrade to the latest version of Java (currently, it is Version 7 Update 11) immediately, and to only allow Java code to run from known safe sources and that is properly digitally signed. Read Full Article →