Starting this March, you’ll probably see fewer spam messages in your inbox and will find them in your Junk Email or Deleted Items folders instead. This is because OIT will be implementing an enhanced spam filtering system, Armorblox, to more aggressively prevent unwanted emails from reaching you. Continue reading New Spam Filtering Service Enters the Fight Against Unwanted Emails
Category: Security Awareness
Winter 2022 Security Report Now Available
Our Winter 2022 edition of the OIT Quarterly Security Update is now available to the SMU community.
Cybersecurity Advisory: Log4j Vulnerability
SMU has been actively reviewing all systems and associated third-party services following the alert issued by the United States Cybersecurity and Infrastructure Agency (CISA), highlighting a vulnerability in Log4j. Log4j is an open source software package created by the Apache Foundation to record activity within an application. Continue reading Cybersecurity Advisory: Log4j Vulnerability
Log4Shell Vulnerability Impacts Systems Across the Internet
On December 9, 2021, a vulnerability in the popular Java logging library Log4j—used by developers of web and server applications around the world—was discovered and made public. The zero-day vulnerability allows for code to be run remotely by sending a malicious code string, allowing a hacker to take control. Published the next day in the National Vulnerability Database as CVE-2021-44228, it is already being exploited in the wild across Windows, Linux, macOS and devices. Teams across the internet are working to patch enterprise systems and web apps to protect against these critical zero-day exploits. Even games like Minecraft can be impacted, leading Microsoft to post instructions on how players of the Java version can patch their systems. Of course, our Security Team is aware of the issue and reviewing SMU systems to determine impact. Continue reading Log4Shell Vulnerability Impacts Systems Across the Internet
Reminder: Changes Coming to Duo January 4, 2022
Beginning January 4, 2022, users will no longer be able to use the “call me” or SMS passcode options in Duo Security as these factors are susceptible to vulnerability and fraud.
Continue reading Reminder: Changes Coming to Duo January 4, 2022
