Recently in Security Notice Category

May 17, 2013

Enforced MAC ID Password Change

UTS is requiring everyone to change their MAC ID passwords by Wednesday, May 29th.   They have also announced new rules for password complexity.  Starting May 29th, UTS will begin locking accounts which have not had their passwords changed.  See the full message from UTS below.

N.B.: if you have changed your MAC ID password since February 19th, then you don't need to change it again.

Keep in mind that your MAC ID password and your departmental password (for ms, the workstations, compute servers, etc.) are not tied together: changing the one will not change the other.  The password-complexity rules for your MAC ID meet the ms requirements, so you can set your ms password to match your MAC ID password.

To change your MAC ID password:

To change the password for your departmental account:

Continue reading Enforced MAC ID Password Change.

10:30 AM

October 3, 2012

Web Interruptions Following "Team GhostShell" Attacks - Update

Most of the Math & Stats web sites blocked earlier today as a precaution in the wake of the Project WestWind attacks are back up again.

At present, only these sites are inaccessible ...

  • www.math.mcmaster.ca/talks
  • gradconference.math.mcmaster.ca
  • iidda.mcmaster.ca

Update at Friday at 11:00 am

All of the above except for iidda.mcmaster.ca were back on-line on Thursday morning.

8:05 PM

Web Interruptions Following "Team GhostShell" Attacks

As announced yesterday, the Team GhostShell attack on sites hosted on ms.mcmaster.ca were only able to access public information from a database which is used to populate web pages - i.e. only public information was exposed and modification of the data was not possible.

That said, RHPCS is reviewing security on the server and plugging the small holes that have been exposed.  We have disabled parts of www.math.mcmaster.ca and while we tighten up the exploited pages; you will find that some parts of the main web site generate "Access forbidden!" messages.

The following smaller web sites are also disabled for now and we will review them once the main site is fully operational:

  • iidda.mcmaster.ca
  • mss.mcmaster.ca
  • gradconference.math.mcmaster.ca

3:09 PM

October 2, 2012

Team GhostShell Attack on www.math.mcmaster.ca

The main Math & Stats server was one of three web servers at McMaster targetted by the Team GhostShell attack on the  world's top 100 universities.  No sensitive information was pulled from our server: only the data from the database tables used by the http://www.math.mcmaster.ca and http://www.math.mcmaster.ca/phimac web sites.  So the hackers have published email addresses, office locations and seminar abstracts for all the world to see.

We are reviewing the server in order to make sure that there are not other related vulnerabilities which could pose a real threat.


4:38 PM

February 12, 2008

Linux Kernel Vulnerability

A vulnerability in recent versions of the linux kernel was discovered on the weekend: Mandriva linux versions 2007.0, 2007.1 and 2008.0 were affected. We began applying temporary fixed on Sunday and so far have detected no compromises. We are now applying updated, fixed kernels to all affected systems.

I will be installing the latest Mandriva release on some systems where there is any suspicions of compromise. The series of updates of earlier releases (< 2006.0) which I began last month will continue.

2:24 PM

March 15, 2007

Mac Credit Union Phishing Scam

The best phishing scam I've ever seen is making the rounds at Mac. It appears to come from the McMaster Savings and Credit Union and insists - in a plausible way in almost flawless English - that:

You must enroll in "Challenge Questions" Authentication

Do I need to say that you must not and should not do any such thing?

Continue reading Mac Credit Union Phishing Scam.

10:27 AM

December 18, 2006

Sophos Vulnerability - Get Update

UTS advises that some older versions of Sophos antivirus have been found to have a vulnerability:
http://www.frsirt.com/english/advisories/2006/4919

Check to see which version you have and download any necessary updates from UTS.

5:37 PM

December 12, 2006

Microsoft Word Vulnerability

Microsoft has warned of two vulnerabilities affecting Microsoft Word in the past week. The first (announced December 5th) vulnerability affects both Windows and Mac OS X versions; the second (announced December 10th) affects only Windows versions. The Register has a nice summary.

Continue reading Microsoft Word Vulnerability.

1:47 PM

April 27, 2006

Virus Making the Rounds

Several department members have reported receiving messages from the "math.mcmaster.ca user support team" or "math.mcmaster.ca mail admin team" which ask the recipient to open an attached file. These messages contain Windows viruses.
Continue reading Virus Making the Rounds.

3:16 PM

March 1, 2006

Patch for Safari Vulnerability

The Safari vulnerability mentioned last week is addressed in the latest OS X 10.4 patch. I recommend running software update ASAP; a reboot is required.

Continue reading Patch for Safari Vulnerability.

9:27 PM

February 21, 2006

Serious Safari Vulnerability

Safari, the default browser in OS X, has been discovered to have an easily exploitable vulnerability which could result in arbitrary code being executed on a Mac.

The vulerability, which involves automatic execution of code in ZIP files, is described at Secunia.com; the same Web site also has a safe demonstration.

Continue reading Serious Safari Vulnerability.

11:07 AM

October 14, 2005

Recent Attacks and Passwords

We've seen tens of thousands of break-in attempts on servers in a number of departments. One of those attempts resulted in a research group's server (not in Math & Stats) being compromised and removed from the network by UTS when they discovered it to be the source of nasty behaviour.

The compromised system was not attacked via a security hole or subtle social engineering: the compromised account had a password simple enough for the cracking program to guess it.

Please make sure that your mathserv password is good. Good means:

  1. more than one word
  2. at least one of those words is not in the dictionary
  3. you have one or more numbers or symbols in your password
  4. your password has nothing to do with your name

Continue reading Recent Attacks and Passwords.

4:15 PM

September 30, 2005

Worm Free but not Worry Free

UTS scanned the network for Windows PCs vulnerable to Windows MS05-039 Plug & Play exploits, and once again there are dozens of potential victims and none of them are in Math and Stats. That said, chances are your Windows laptop was not checked so it might still be vulnerable. Run Windows Update to make sure that you aren't open to nasty worms of the zotob ilk.

10:37 AM

September 20, 2005

Yay Us - We're Worm Free

UTS reports that McMaster got hit by a worm earlier this week. Math & Stats is clean, I'm pleased to report.
Continue reading Yay Us - We're Worm Free.

10:39 PM

April 25, 2005

Virus/Trojan Making the Rounds

Variants of the MyDoom trojan are making the rounds again, this time with improved grammar and spelling. If you get a message alleging to be from the "mcmaster.ca" or "math.mcmaster.ca" Support Team saying that you have a virus and should open an attachment, please don't open it; the message is from neither UTS nor me and the attachment is a trojan of the sort described here.
Continue reading Virus/Trojan Making the Rounds.

3:30 PM

« Printers | Main Index | Archives | Servers »

Search

Categories

Monthly Archives

About this Archive

This page is an archive of recent entries in the Security Notice category.

Printers is the previous category.

Servers is the next category.

Find recent content on the main index or look in the archives to find all content.