Santa Clara University

Information Security Office

News and Events

 
RSS

Information Security News and Events

News, events, views, tips, and hints for keeping your personal information private.

  •  Bug in Microsoft’s Internet Explorer versions 6 - 11

    Tuesday, Apr. 29, 2014

    Internet security firm, FireEye, has identified a bug in Microsoft’s Internet Explorer versions 6 - 11 which can allow attackers to take control of computers using Microsoft’s popular web browser.  Government and industry computer security experts recommend that people use alternative browsers, like Mozilla Firefox or Google Chrome, until Microsoft releases a patch.

    While there are technical work-arounds to mitigate the problem, SCU’s Information Security Office suggests following the experts’ advice and use an alternative browser until the patch from Microsoft is made public.
     
     
  •  25 Most Popular Passwords

    Friday, Apr. 25, 2014

     

    25 Most Popular Passwords

    --If yours is on the list, it is time to change!

     

    password

    123456

    12345678

    abc123

    qwerty

    monkey

    letmein

    dragon

    111111

    baseball

    iloveyou

    trustno1

    1234567

    sunshine

    master

    123123

    welcome

    shadow

    ashley

    football

    jesus

    michael

    ninja

    mustang

    password1


     

  •  HeartBleed-Critical Internet Security Issue

    Wednesday, Apr. 9, 2014

    Immediate action required whether you use a PC, Mac, or smartphone. Researchers have discovered a critical bug in the communication protocol that is used to secure transactions on an estimated 500,000 websites. When you log into a website, your username and password are sent to that website's server. Typically your credentials are encrypted using a protocol called Secure Sockets Layer, or SSL.  One of the most commonly used implementations of SSL is called OpenSSL and it is used by approximately 66% of websites.

    Heartbleed is a bug in OpenSSL that allows attackers to decode and read text from emails, instant messages, passwords, even business documents -- anything sent to a vulnerable site's server. Heartbleed is so critical that almost every major web site and vendor service is scrambling to resolve it.

    Google has released a statement that their sites are not vulnerable.  SCU’s technical staff is working with our vendors to identify and address the issue on other SCU systems.  

    SCU's Information Security Office strongly recommends that you change your SCU Network ID and eCampus passwords right away.  

    You can change your Network ID password here: https://sso.scu.edu/gam/passwords.html.  

    We also recommend changing passwords for all sites where you conduct financial or personal business.  Be sure to use long and strong passwords and change them regularly.

     More information about Heartbleed

    http://www.cnn.com/2014/04/08/tech/web/heartbleed-openssl/

     http://www.thewire.com/technology/2014/04/what-you-need-to-know-about-heartbleed-the-new-security-bug-scaring-the-internet/360366/

     

     

Categories
Tags
Information Security Office, 1-408-554-5554, iso@scu.edu