Popular Linux Utility Security Flaw Found, Patched

Tux, the Linux mascotWe’re about halfway through Security Awareness Month, and we have another security vulnerability to report for Linux users.

The Hacker News recently reported a flaw that was discovered in the “sudo” utility, which is installed on most popular Linux distributions and allows administrators of a computer to run commands as the root user without changing desktop sessions. The flaw in question could allow a hacker to bypass security policies in place on the computer to run commands without proper authorization.

It has also been reported that this vulnerability is really only possible in very specific configurations. However, it is still essential to stay on top of these reports and to install security updates on your computer as soon as possible. This writer has checked two Linux devices – one running Ubuntu and the other running Linux Mint – and a patched version of sudo was already available for installation, so most Debian-based flavors of Linux should now have the update available.

If you are concerned about your Linux PC being affected, simply run your distribution’s default package manager’s update function (here’s info on Ubuntu and Fedora as examples) to see if a patch is ready!

iOS Users: Don’t Upgrade to 13… Just Yet!

Just wait on iOS 13The newest version of iOS 13 is out now, and it looks like the number 13 might not be a lucky number for Apple. According to Inc., the Department of Defense (DOD) sent an email last night “strongly encouraging” both its employees and contractors not to upgrade their iPhones to iOS 13, but rather to wait for the next release, iOS 13.1, to update their devices. Continue reading iOS Users: Don’t Upgrade to 13… Just Yet!

Anti-Phishing Campaign Expands to Student Accounts

AnitPhish (Anti-Phishing Campaign)After the success of our anti-phishing campaigns sent to faculty and staff, the OIT Security team will soon be expanding this program to the student body to continue to educate as many in the community as possible about what to look for in suspicious e-mails.

Phishing is one of the most common ways that criminals use to obtain your login credentials or other personal information to wreak havoc. By learning what to expect in these messages, you can get rid of them quickly instead of getting tricked! Students can expect these anti-phishing campaign messages to be sent out starting this week.

Continue reading Anti-Phishing Campaign Expands to Student Accounts