Here's a great new video from the NCSA geared to 17-25 year olds.  It's fast moving, entertaining, and quick education for our students and anyone else interested.  The second video has been around for a while, and still good! 

Another chance for Jason Fosen's Windows 7 Security presentation.  The first was well received by staff who joined us on October 29 to view the webcast together in Davidson Hall. 
For any who missed it or want to hear it again, browse to the following URL:

Special Webcast: What is New For Security In Windows 7 and Server 2008-R2

IPS is experimenting with a new service. I'm producing a weekly report of threats and vulnerabilities which may be of particular interest to individuals responsible for IT producs and services at Rutgers.

Ubuntu 9.10 is out and I re-installed my desktop with it. It is a pretty big improvement and should be wonderful for netbook and laptop use. Unfortunately I had to work through some X issues like so many others are reporting.

National Cyber Security Awareness Month is over but our responsibility remains.  Technology can’t do everything.  All it takes is a visit to a hacked website, email click, or phishing exploit to pick-up malware.  Identity theft is just around the corner, but there are even bigger risks. Botnets have become a significant part of the Internet.  These groups consisting sometimes of millions of computers, remotely control their victims machines through malware for various purposes, including denial of service attacks, spam fraud, theft of application serial numbers, login IDs, and financial information such as credit card numbers. Can we handle it? Of course we can and awareness is a big part of it. Become aware of your surroundings, be careful on the Internet…don’t click that link in email, or provide your personal information unsecured; and if it looks "too good to be true”,  it probably is.  Security is our shared responsibility, so if you’re using a computer or any other mobile electronic device, Stop. Think. Secure IT!  

Many times attackers use social engineering tactics to trick victims into installing malware.  Malware is short for malicious software and includes Trojans, worms, viruses, etc. It can do any number of things to disable your computer and make life and computing frustrating.  To begin with, don’t be fooled by fake antivirus tools in pop-up windows, emails with embedded links and/or rusecuretelling you to provide confidential information (passwords, bank account numbers, etc) .  Stay away from links on social networking sites.  They’re a hotbed for the distribution of malware, often by sharing links by way of compromised accounts.  Spammers also send email looking like software upgrade advisories to trick you into installing malicious programs.  Stop. Think. Secure IT!

It’s the NPPI we have to worry about. 

 It's the end of the day and I feel that this is important enough to pass it on as a second blog.  The FDIC just released a special alert about emails appearing to be from them  and asking that you download and open a file.  The subject line reads, "personal FDIC insurance file". Delete the email, do not click on the link provided. It is believed that clicking on the hyperlinks will cause an unknown executable file to be downloaded. For further information please read the alert: https://rusecure/content/special-alert-fdic-federal-deposit-insurance-corp   

 Yesterday I received a "hot tip" from a friend in the form of an email offering a free laptop from Sony-Ericsson if I forwarded the offer to 8 people on my address list.  I'd get even a better laptop if I sent it to 20.  Too good to be true, right?  Right!  A quick visit to snopes.com answered my question and straightened out my friend.  Not only was there no laptop, but the person's name on the offer never existed.  It was a pretty picture of a nice laptop!  Urban legends, they're also in email.  Check before you send, or you might be sorry!  Stop. Think. Secure IT!

Sounds easy, but for security reasons, there’s a little more to it than just plugging the computer into the wall, or opening up your laptop.  If you’re working with wireless make sure you’re working on a secure network. Though wireless is easy and accessible, most wireless is not secure.  An insecure network can allow people in your area to use your Internet connection, access your computer, and steal information sent over the connection. Internet cafes and other wireless access points are insecure. Most wireless accommodations are open and available for anyone to drop into. Use wireless for public information transmissions only; do not maintain or store sensitive or confidential information on mobile equipment; do not use wireless to transmit confidential information (bank account numbers, passwords, personal information, [NPPI], etc.); make sure the firewall on your computer is enabled and you're using a complex password.  Stop. Think. Secure IT!