Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
Events & News
Technical Services
Policies & Practices
Regulatory Compliance
Training and Awareness
Security Tools
Report Concerns
Archive
About ISO
Contact Us

Information Security Office (ISO)

The ISO collaborates with the campus community to protect Carnegie Mellon from and to respond to threats to our electronic information resources and computing and networking infrastructure.

News & Alerts

horizontal rule

Security Alert- DON'T FALL FOR THIS SCAM - PHISHING EMAIL "IMPORTANT NOTICE!!!"
 04/27/2012

For all Andrew email account holders, a phishing email with the subject “IMPORTANT NOTICE!!!” claiming to be from "CMU Computing Services Help Center" was delivered to a large number of Carnegie Mellon email accounts today. The message alleges that the user's university email account was reported for numerous spams activities and prompts the user to confirm account ownership by responding to the email with Andrew account credentials.

Computing Services staff members will NEVER ask for your password by email, phone or any other method. Please read the entire security alert message on What You Need To Do if you received this phishing email and if you responded already at Security Alert: Don't Fall For This Scam - Phishing Email "IMPORTANT NOTICE!!!"

horizontal rule

Security Alert- Action Needed: Run Apple Security Update to Remove Flashback Malware
 04/13/2012

Over the last several days, Carnegie Mellon has seen a rise in MAC OS X computers being infected by malware called "Flashback." As a result, Computing Services is suspending infected computers from the university network. Apple has released a new update that will remove current variations of Flashback and also take additional steps to prevent future Flashback infections.

Please read the entire security alert message on how to remove Flashback infection and on What You Need To Do to protect your computer at Security Alert: Action Needed: Run Apple Security Update to Remove Flashback Malware.

horizontal rule

Action Needed-Security Alert: Mac Malware Exploits Java Vulnerabilities and Steals Passwords
 04/04/2012

Carnegie Mellon is detecting an increased number of infected computers related to new malware called "Flashback." Flashback infects MAC OS X computers by exploiting vulnerabilities in Java. FlashBack steals usernames and passwords for online payment, banking and credit card websites without user interaction.

Please read the entire security alert message on What You Need To Do to protect your computer at Security Alert: Mac Malware Exploits Java Vulnerabilities and Steals Passwords.

horizontal rule

Action Needed-Security Alert: Run Windows Update Today- Increased Risk in Microsoft Remote Desktop Protocol Vulnerability
 03/17/2012

Due to an increase in malicious activity related to the Microsoft Remote Desktop Protocol (RDP) vulnerability announced on March 13, Computing Services advises that you take certain precautions.

Please read the entire security alert message on Action Required to secure your computer at Security Alert: Run Windows Update TODAY - Risk in Microsoft Remote Desktop Protocol Vulnerability. 

horizontal rule

Security Alert: Remote Desktop Critical Vulnerability
 03/13/2012

Microsoft Windows platforms running the Remote Desktop Protocol (RDP) are susceptible to a vulnerability  which could allow an attacker to execute code on the vulnerable system without being authenticated. By default, RDP is not enabled on any Windows operating system and systems that do not have RDP enabled are not at risk. However, all Microsoft Windows users should take action.

Microsoft Windows users should run Windows Update and install the latest security updates. Please read the entire security alert message on Action Required to secure your computer at Security Advisory: Remote Desktop Critical Vulnerability.

Security Threats



Helpful Links

Related Groups