Information Security Office (ISO)

ISO Releases its 2014 - Security 101 Training Course
03/31/2014

The 2014 - Security 101 training course was developed by Carnegie Mellon's Information Security Office (ISO) to raise awareness about Carnegie Mellon's information security policies and guidelines, data classification, roles and responsibilities, information security risks, and techniques for safeguarding institutional data and information systems.

For instruction on how you can access the 2014 - Security 101 course, please visit Security 101 Training and Awareness Program.

Security Advisory: Upgrade Now - Windows XP Support Ends April 8
03/20/2014

Microsoft plans to end support for Windows XP on April 8, 2014.  There have been a number of advisories from various sources indicating that shortly after the end of support, a rash of malware and exploits will be released targeting the XP operating system. Accordingly, the Information Security Office (ISO) will begin scanning for XP computers on campus or connected to campus services on Thursday, March 20, 2014.

For information on the security advisory and on What You Need to Do, please read the entire security advisory message on Upgrade Now - Windows XP Support Ends April 8. 

Security Alert: Hewlett Packard (HP) Phone Scam
03/18/2014

Several university staff members reported receiving phone calls where individuals asked for their "HP number". When questioned, the caller typically hangs up. While "HP number" is unclear, it is possible that they are looking for the printers IP address, which might provide the scammer with remote access to the printer.

For information on the security alert and on What You Need to Do, please read the entire security alert message on Hewlett Packard (HP) Phone Scam.

Lessons from Recent Security Breaches
02/25/2014

Several recent high profile vulnerabilities and security breaches serve as reminders of the importance of reporting concerns, staying up to date with security patches, remaining vigilant to scams, and other good security practices, both on campus and at home.

To access the announcement with detailed information and resources, visit Lessons from Recent Security Breaches.

Security Advisory: CryptoLocker Malware Restricts Access to Computer Files
11/14/2013

Malware known as CryptoLocker" is affecting Windows computers across the Internet and here on campus. Cryptolocker encrypts the infected computer’s documents so that they are no longer usable and then displays a webpage demanding payment to restore them. It can encrypt files located on shared network drives, USBs, external hard drives and even cloud storage drives.

For information on the security advisory and on What You Need to Do, please read the entire security advisory message on CryptoLocker Malware Restricts Access to Computer Files.

Focusing on Mobile Device Security during 2013 NCSAM
10/04/2013

In observance of 2013 National Cybersecurity Awareness Month, the Information Security Office (ISO) held a Mobile Device Security event on October 3rd, 2013 at the UC Rangos from 11:00 a.m. to 5:00 p.m. At the event, mobile carriers, vendors, researchers, the ISO and other University entities exhibited their mobile devices and demonstrated security and privacy configurations, answered questions, provided training material, discussed research reports, and shared security solutions.

Information on the event, participating entities, prizes and more is available at Focusing on Mobile Device Security during 2013 National Cybersecurity Awareness Month (NCSAM) .