NSA, Net Neutrality Fears Overshadow Senate Cybersecurity Vote

by in , , , , , , , , , 0

The Senate Intelligence Committee will vote Tuesday on a bill that would allow companies to share information about digital threats, but the legislation faces potential roadblocks over concerns it could boost surveillance efforts and endanger net neutrality.  Additional information can be found here.

Are you emailing sensitive information? If so, beware... This could happen to you!

by in , , , , , , , , , , 0

It's inevitable that at some point at a college or university a request for sensitive data will be made to the owning department for a research project, a cross departmental project, or even a report to upper management.  All of these scenarios are common and acceptable requests, however, the method used to transmit or share the requested confidential data is critical to the safety and security of that data.  Here is an example of using an incorrect transmission method and the repercussions that followed.


Sharing of confidential information is an acceptable practice provided the following safeguards are used:
  1. Approval of the data owning department is given (preferably in writing).
  2. A secure, encrypted transmission method is setup to send and receive the data.
  3. Communication!  If you're unsure transmitting this data is appropriate or safe contact your security team.
Following these steps at a minimum will save you from many headaches and heartaches later.

by in , , , , , , , , , , , 0

Email phishing continues to increase and the attackers are constantly looking for better ways to trick you.  Phishers have their sites focused on PayPal now more than ever.  Read this SC Magazine article summarizing "The Internet Threats Trend Report April 2014" to learn more.

Hackers hit eBay database containing personal info, users asked to change passwords

by in , , , , , , , , , 0

EBay is asking users to change their passwords after it was announced yesterday attackers gained unauthorized access to eBay's corporate network, compromising a database containing encrypted passwords and other personal data.  Additional information may be found here or on eBay.

What you need to know about Heartbleed, a critical OpenSSL vulnerability that enables SSL/TLS decryption

by in , , , , , , , , , , , , 0

You know that little padlock icon you look for to ensure your Web traffic is encrypted and secure? It turns out that you might not be as secure as you think thanks to a vulnerability that was accidentally introduced into the code of OpenSSL.


Read this article which explains what you need to know about Heartbleed and OpenSSL.

Additional resources:

Major Apple security flaw found. Patches issued and should be applied.

by in , , , , , , , , , 0

Apple rushed to release iOS 7.0.6 on Friday and OS X 10.9.2 today with patches for a shockingly overlooked SSL encryption issue that leaves iPhone, iPad and Mac computer users open to a man-in-the-middle (MITM) attack.  All users of iOS 7 and Mac OS X Mavericks (10.9) should download and apply these patches.  The vulnerability is not present in versions of OS X prior to OS X 10.9 Mavericks or iOS prior to iOS 6.


Additonal resources:
For a full listing on the security patches in this update, visit the Apple site.

For a full listing on the security patches in this update, visit the Apple site.

Computer Security and You.

by in , , , , , , , , , , , , , , 0

Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.


Visit our friends at OnGuardOnline.gov and see what you can do to better protect yourself and your personal information.