Recently in Security Notice Category
May 17, 2013
- ssh to ms and enter the command passwd
- for detailed instructions, see
October 3, 2012
October 2, 2012
February 12, 2008
A vulnerability in recent versions of the linux kernel was discovered on the weekend: Mandriva linux versions 2007.0, 2007.1 and 2008.0 were affected. We began applying temporary fixed on Sunday and so far have detected no compromises. We are now applying updated, fixed kernels to all affected systems.
I will be installing the latest Mandriva release on some systems where there is any suspicions of compromise. The series of updates of earlier releases (< 2006.0) which I began last month will continue.
March 15, 2007
The best phishing scam I've ever seen is making the rounds at Mac. It appears to come from the McMaster Savings and Credit Union and insists - in a plausible way in almost flawless English - that:
You must enroll in "Challenge Questions" Authentication
Do I need to say that you must not and should not do any such thing?
December 18, 2006
UTS advises that some older versions of Sophos antivirus have been found to have a vulnerability:
Check to see which version you have and download any necessary updates from UTS.
December 12, 2006
April 27, 2006
March 1, 2006
The Safari vulnerability mentioned last week is addressed in the latest OS X 10.4 patch. I recommend running software update ASAP; a reboot is required.
February 21, 2006
Safari, the default browser in OS X, has been discovered to have an easily exploitable vulnerability which could result in arbitrary code being executed on a Mac.
October 14, 2005
We've seen tens of thousands of break-in attempts on servers in a number of departments. One of those attempts resulted in a research group's server (not in Math & Stats) being compromised and removed from the network by UTS when they discovered it to be the source of nasty behaviour.
The compromised system was not attacked via a security hole or subtle social engineering: the compromised account had a password simple enough for the cracking program to guess it.
Please make sure that your mathserv password is good. Good means:
- more than one word
- at least one of those words is not in the dictionary
- you have one or more numbers or symbols in your password
- your password has nothing to do with your name
September 30, 2005
UTS scanned the network for Windows PCs vulnerable to Windows MS05-039 Plug & Play exploits, and once again there are dozens of potential victims and none of them are in Math and Stats. That said, chances are your Windows laptop was not checked so it might still be vulnerable. Run Windows Update to make sure that you aren't open to nasty worms of the zotob ilk.