|Security Alerts||Security News and Updates|
The mission of Valdosta State University’s Information Security Services is:
- Ensuring the ability of Valdosta State University to grow and fulfill its mission in the face of an ever changing risk environment.
- Aiding the University in advancing a technologically sound education medium.
- Maintaining the role of an active and responsible participator in the Internet world.
- Ensuring the integrity of the University’s technology based teaching medium
The Information Security Department strives towards these goals by implementing, measuring and continuing to promote user awareness in the field of information security. The purposes of these goals are to strengthen the resilience of the University by limiting the effect of security related exposures through creating and maintaining policies and procedures to ensure business continuity. Developing and nourishing plans and methods for becoming both proactive and effectively reactive to threats that endanger the strategic plans of the University and the University system is ultimately the purpose for such endeavors.
Faculty and staff wishing to establish network connections originating from off campus (e.g., remote desktop) must complete and return the request form titled Request for Remote Desktop prior to being approved for your connection. For information on what to do after completing the form or for troubleshooting, please click here.
For a complete list of the top 10 for the above listed categories, click here.
Another "social engineering" malware scam was detected on October 14, 2009. The threat was discovered by Websense. This particular malicious threat affects users through an email that appears to be sent from the user's own domain. In our case, if a user were to receive the message, the sender might appear to be something like "email@example.com". If the message were received through another email host such as Gmail or Yahoo, the proper domain would be relected. Please note that we do not have a "techsupport" email account. Also note that we would never email you a message asking you to download something.
The message itself is deceiving in that it appears to come from the tech support department of the particular domain. It encourages the user to browse to a website in order to apply some new settings that it has supposedly set for Microsoft Outlook Web Access (OWA). Once the user browses to the site using the link provided in the email, the user is directed to a webpage that continues to appear legitimate. After browsing to the page, the user is encouraged to download and install what ultimately is a malicious file.
Information Security has created a more specific form that should now be used when users want to request Remote Desktop access. For information on Remote Desktop, click here or download the form here if you already understand the process.
On June 8, 2009, some users received emails from Amazon, Hallmark, Hi5, and/or Twitter. These emails included the following attachments: Shipping Documents.zip (Amazon), Postcard.zip (Hallmark), Invitation Card.zip (Hi5 and Twitter). The emails were very convincing to some users because they were likely expecting emails from these senders. Once the user opened the attachment, he or she became infected with a Trojan which then used the user's contact list to send out the infected message to more users. Users should be cautious of any message with an attachment. Companies, vendors, and social networking sites will almost never attach a file to their email correspondence. The presence of an attachment to an email (especially from someone or some company you're not expecting an email from) should always raise a red flag to the user. Emails like this should almost always be deleted immediately unless you're absolutely certain that the email you've received is legitimate and should have an attachment. For further precautions, you may choose to save the attachment then have your antivirus software scan the attachment to ensure that it is not infected.
When this issue was discovered, we immediately began remediation steps to prevent the spread of the virus and to disinfect those machines that became infected.
The Federal Trade Commission has made the 2008 Consumer Complaint data available. Georgia ranks 7th nationwide of states that have reported identity theft according to the FTC. More facts regarding their findings can be found here.
Some users on campus may have received emails that appeared to be sent by Ikea, Hallmark, and Coca Cola claiming to contain job applications or greeting cards. In actuality, these emails were not legitimate. These messages contain compressed files (.zip) which include an executable file that, when executed, adds registry values, programs, and attempts to propagate through SMTP. This virus is known as I-Worm/Generic.CTC, Worm/Generic.CSY, Vundo.DY, and Worm_Swarley.A. These are all variants of the same virus that is commonly known as the Downadup worm which has become very prevalent this month.
If your computer was identified as a computer that was infected, Information Security has blocked your computer from accessing the Internet. While your computer is blocked, you will still be able to access on-campus network resources. Once your computer is disinfected, we will remove the block.
If you believe you may be infected and have not heard anything from Information Technology, please contact the helpdesk at 245-HELP (4357) to report your infection.
For everyone else, if you receive any emails from the above-mentioned companies that you are not expecting, please delete the messages. One should be suspicious of any email that contains an attachment from not only unknown senders, but from senders you know, but are not expecting an attachment from. When in doubt, ask the sender about the attachment and/or scan the attachment for viruses.