Carnegie Mellon University
—
—
—
Search
Search
Search this site only
Information Security Office
Computing Services
Request for Comment on ISO Guidance
Wednesday, September 28, 2016
Request for Comment on ISO Guidance
The Information Security Office is kicking off a 2011 refresh of several guidance documents including the Guidelines for Data Classification, Guidelines for Data Protection and the Guidelines for Data Sanitization & Disposal. We are very interested in your feedback and suggestions as we work through this refresh cycle. If you've had the opportunity to leverage this guidance in your work over the last year or you simply have thoughts on how these documents can be matured, please send feedback to the ISO mailbox at iso@andrew.cmu.edu.
Security Alert: Phishing Email: "Your [id@andrew.cmu.edu] Account is on Restriction
Tuesday, November 08, 2011
Security Alert: Phishing Email: "Your [id@andrew.cmu.edu] Account is on Restriction
The Computing Services Information Security Office (ISO) received numerous reports from Andrew users today of a phishing email with the subject, "Your [id@andrew.cmu.edu] Account is on Restriction" from a sender address of Administrator <administrator@andrew.cmu.edu>. In response, the ISO blocked the response Web address and further relaying of the phishing messages. Administrators at the originating site have been notified.
Tuesday, November 08, 2011
The ISO Celebrated National Cyber Security Awareness Month (NCSAM)
The Computing Services Information Security Office (ISO) hosted a number of events in observance of National Cyber Security Awareness Month during the month of October. Featured events included classes on using the Identity Finder software and piloting a new security awareness program that will be offered online through the Open Learning Initiative (OLI). Staff members interested in participating in the pilot should contact the Information Security Office at iso@andrew.cmu.edu for the course access code.
Security Advisory: Epsilon Breach Could Increase Spear Phishing Attacks
Friday, April 08, 2011
Security Advisory: Epsilon Breach Could Increase Spear Phishing Attacks
Epsilon, a service provider that manages email communications for many companies, reported last week that it suffered a security breach that exposed names and email addresses for some of its clients' customers. Although Epsilon has indicated that no other personally-identifiable information was put at risk, the compromised information could be used to send spam, phish, or malware-infected email. Most concerning is a type of phishing known as "spear phishing," whereby a phisher exploits a trust relationship to convince you to supply sensitive data like your login ID and password, credit card data, or banking information. Your name, email, and the name of a company that you do business with provide all the ingredients for a successful spear-phishing attack.
Security Advisory: Vendor Breach Results in Browser Updates
Thursday, March 24, 2011
Security Advisory: Vendor Breach Results in Browser Updates
Earlier this week, Comodo, a service provider of Carnegie Mellon, experienced a security breach. According to details published by Comodo, this breach was the result of a compromised username and password that a customer used to access services. As a result of Comodo detection and remediation, this breach does not impact security controls at Carnegie Mellon. While this security breach does not directly impact Carnegie Mellon, it could potentially impact services provided by Google, Microsoft Live, Mozilla, Skype and Yahoo who were all targeted in this breach.
Mid-Semester Security Tips for Faculty and Staff
Tuesday, March 22, 2011
Mid-Semester Security Tips for Faculty and Staff
The Information Security Office would like to remind faculty and staff to follow a few security practices to minimize the risk and impact of computer and account compromises. Please read further for our Mid-Semester Security Tips for information on how to protect confidential information and University computing assets.
Security Reminders for Students
Monday, March 21, 2011
Security Reminders for Students
The Information Security Office welcomes you back from spring break and reminds you of a few important safe computing tips. Please read below to learn how to protect your confidential information and computing assets.
Available now, NCSAM Presentations
Thursday, March 03, 2011
Available now, NCSAM Presentations
During National Cyber Awareness Month (NCSAM) 2010, the ISO invited a number of local experts to present on security issues impacting the university. Mobile Device Privacy is a presentation conducted by Professor Norman Sadeh from the School of Computer Science, on how to protect your privacy when using a mobile device. Another interesting presentation was "How Cyberwar Impacts the University End User" by Timothy Shimeall, a Senior Member of the Technical Staff at the Software Engineering Institute.The presentation defines cyberwar and its effect on Carnegie Mellon community members. For additional video training and presentations, please visit the ISO presentationswebpage.
Load more articles
Support Contact
Information Security Office
412-268-2044
iso@andrew.cmu.edu
Related Topics
Computing Services
Frequently Asked Questions
About
Computing Services Help Center
News
Report Concerns