Advisories

Apple Security Update Needed - April 6, 2012

The Apple Mac operating system has started to face an increasing number of malware threats known as "Trojan Horse" attacks. This typically occurs when a user downloads software from an untrustworthy website or clicks into email links from an unknown email address. Files are then downloaded to a user's computer that exploit software security holes. The attacker can then carry out unauthorized actions on the computer.

Of current concern is an attack known as the "Flashback" Trojan. This attack uses a security hole in Apple's Java code and is reported to have infected more than 600,000 computers world wide as of today.

Apple has just released a security update for this issue, Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7. This update is available via the software update on your Apple computer. Click on the Apple icon in the top left corner of your screen and select "Software Update..." to initiate the update without waiting for the scheduled check.

All Lehman Mac users are requested to immediately apply this update. Please also make sure Office and your anti-virus software are both up-to-date.

For more information, see http://www.zdnet.com/blog/bott/new-mac-malware-epidemic-exploits-weaknesses-in-apple-ecosystem/4726

Apple Phishing Attack Advisory May 23, 2011 update

Apple has released a security update that addresses the Mac Defender malware phishing attack, which has impacted an estimated 60,000 to 125,000 Mac users.

According to an Apple post, security update 2011-003 will locate and remove known variants of Mac Defender installed on a user's computer.

This security update will also perform daily searches for new versions of the malware to prevent new iterations from spreading unchecked through the Mac community. If you happened to have installed Mac Defender, this update should resolve the issue.

The malware creates links that appear at the top of search results in Google and other search engines. Clicking the link brings up a false browser screen that tells the user a virus has been detected. JavaScript code then automatically downloads a zipped installer for the MAC Defender malware.

Newer versions of the malware claim to be updaters of Microsoft Office and other software. The user is then invited to download the file. Installation requires the user to enter their administrative password.

Once installed, the malware launches numerous sites to convince the user that the computer is infected with a virus. It then launches a screen requesting credit card information so the user can buy the false anti-virus solution.

There are a number of practices to protect Apple computers from malware:

  • Never download software from a website that you didn't go to intentionally.
  • Do not enable the Open 'safe' files after downloading option in Safari, or other browsers.
  • Do not enter your administrative password if requested, unless you are installing software that you have planned to install.
  • Always install Apple security updates. The only safe updaters are those that run from inside application you are updating, or directly from Apple's Software Update.
  • There are several new phishing emails appearing to come from coming from Apple-related email addresses describing a new iPhone or taking you to what appears to be an Apple Store link. Avoid clicking on links that come from unsolicited email and delete the message.
  • Keep your anti-virus software up to date there are many no-cost versions available. On a college owned computer, ITR will supply the anti-virus at no cost. One copy of Symantec AV is available for a personally owned computer from the CUNY eMall at no cost.
  • Make sure you turn on the firewall in the System Preferences/Security tab.

If you have questions or need assistance in adjusting your settings, please contact your divisional technical coordinator or helpdesk@lehman.cuny.edu

Recent Compromises of Customer Data Can Lead to Spam and Phishing Attempts - April 7, 2011

The New York State Office of Cyber Security has issued an advisory concerning Epsilon, an e-mail marketing services provider, that has experienced a compromise which exposed the customer data of several high profile companies. Epsilon houses names and e-mail addresses for millions of customers on behalf of more than 2,500 companies, including drugstore chain Walgreen's, electronics chain Best Buy, communications provider Verizon, a number of financial services companies including Capital One, Citibank group, JP Morgan Chase, Barclaycard, hotel chain Marriott, bookseller AbeBooks, sports apparel dealer Lacoste and retail supermarket chain Kroger. A more complete list of impacted companies can be found at: http://www.bankinfosecurity.com/articles.php?art_id=3505.

Epsilon reports that customer names and e-mail addresses may have been exposed but indicates that no sensitive personal data was compromised.

This exposure of customer data may lead to a possible wave of spam messages and phishing attacks. In the months ahead, it is expected that spammers and cyber criminals will exploit the trusted relationships customers may have with companies that use Epsilon for their e-mail marketing needs. Potentially affected companies are urging users to be wary of incoming e-mails that ask for account updates, as it could be a phishing scam.

If you conduct business with any of these firms and have provided them with your e-mail address, you should have received information regarding this breach. Please note that any correspondence with affected companies should not ask the customer to confirm or provide any information.

This loss of data is likely to result in targeted spam and phishing attacks in the customers' account. It is important to understand how to recognize a phishing attempt and what you can do to protect yourself and the College:

What Can I Do:

  • Be cautious about all communications you receive including those received from "trusted entities".
  • Do not respond to unsolicited (spam) e-mails, including clicking links or opening attachments contained within those messages.
  • If it appears to be a phishing communication, do not respond. Delete it. You can also forward the email to the Federal Trade Commission at spam@uce.gov.
  • Do not respond to an e-mail requesting personal information and do not enter personal information in a pop-up screen. Legitimate companies, agencies, and organizations don't ask for personal information via e-mail or on pop-up screens. Providing such information may compromise your identity and make you vulnerable to identity theft.
  • Do not respond to e-mails threatening to close your account if you do not take the immediate action of providing personal information.
  • Install a phishing filter on your home e-mail application as well as on your web browser.The College has these filters in-place. The filters will not keep out all phishing messages, but will reduce the numbers of phishing attempts.

What is https://? - [March 11, 2011]

When you use your wireless device to log-in to the Lehman College wireless network, have you noticed that your browser says https://?

Hyper Text Transfer Protocol Secure, or https://, is a secure communications protocol that is often used for e-commerce and online banking. Many web browsers will display a padlock or other icon to indicate that the website is secure.

When a Lehman user connects to the campus wireless network, communication between the user's device and Lehman's wireless gateway are encrypted using a VeriSign Secure Socket Layer (SSL) digital certificate. Encryption is a mechanism that reduces the possibility of identity theft, eavesdropping and tampering with transmitted data. Because wireless devices need to first establish a secure connection with sites using SSL, there may be a slightly slower response time. Also, keep in mind that when visiting other sites, you are exiting the encrypted mode if the destination link is does not say https://.

It is becoming increasingly common for popular websites to default to (or enable users to opt for) more secure protocols, using https://. Doing so helps prevent against identity theft in Wi-Fi hotspots such as coffee shops and bookstores.

For example, in January 2011, Facebook introduced the option to encrypt Facebook sessions – we encourage that you utilize this option. Hotmail has a similar option and Google now encrypts Gmail at all times, not just during sign-on.

This is just a small sample of how more and more organizations, including Lehman, are working to create a more secure communications experience for their community.

2011 Cyber Advisories

The NY State Cyber security alerts website Click here

About Junk Email Settings - October 1, 2010

Many desktop email programs, including Microsoft Outlook, have a built-in junk mail filter intended to separate junk e-mail (also called spam) from legitimate messages. Typically, such email is marked as junk and moved from your Inbox to a dedicated Junk E-Mail folder. By default, Outlook sets the level of junk e-mail protection to "low." However, many in the Lehman community are observing that this setting mistakenly identifies some legitimate email as junk. Other desktop email programs such as Eudora may behave in a similar fashion.

Lehman College uses a well-regarded tool to scan email for viruses and spam. As such, you can safely turn off the junk email settings on your desktop mail program. If you choose to continue to filter for junk email, please regularly check the contents of your junk folder in order to recover legitimate email.

To view and change the level of junk e-mail protection in Outlook 2007:

1) Select "Options" in the Tools menu.

2) In the "Preferences" tab, click the Junk E-mail button.

3) In the Junk email preferences tab, select "No automatic filtering", then click OK (see image below).

4) While reviewing your junk settings, you may want to scan the "Blocked Senders" tab to be sure legitimate email addresses are not listed.

If you have questions or need assistance in adjusting your settings, please contact your departmental or divisional technical coordinator or helpdesk@lehman.cuny.edu






Last modified: Apr 9, 2012

IT Systems Status

9/2/2014: A New SPAM E-mail is being sent to the Lehman Community. The Mail states that "Your Account has been SUSPENDED" PLEASE DELETE THE MAIL. Do Not Click on the Link in the body of the Message.

Systems Status Explained

  • ITR Work Order
  • In Your Class
  • Student Resources
  • Campus Map
  • CUNY Portal
  • Gartner
  • Textbook Savings