Alerts | Page 14 | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Alerts

Install New Apple Update to Address Current Vulnerabilities

Tuesday, September 14, 2021 - 09:50

 

Apple has announced security updates to address vulnerabilities that are currently being exploited. These vulnerabilities affect the following software: 

  • watchOS versions before 7.6.2
  • Safari versions before 14.1.2
    (14611.3.10.1.7 on macOS Mojave and 15611.3.10.1.7 on macOS Catalina)
  • iOS/iPadOS versions before 14.8
  • macOS Big Sur versions before 11.6
  • macOS Catalina without Security Update 2021-005

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by following the guidance on Apple’s website.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Microsoft Announces Critical Vulnerability Affecting Office and Internet Explorer

Wednesday, September 8, 2021 - 18:15

 

Microsoft is investigating reports that some attackers are using specially crafted Microsoft Office documents to exploit a critical new security vulnerability in Microsoft Windows. An attacker who successful exploits the vulnerability could execute remote code on an affected system. Additional details are available in a special security advisory on Microsoft’s website that was released outside of its normal monthly cycle of security bulletins.

Pitt IT expects attackers will use phishing attacks to attempt to exploit this vulnerability. Please take the following steps to help protect your systems:

  • Ensure your endpoints are running the most up-to-date version of Microsoft Defender for Endpoint and that they have the latest signatures. Microsoft Defender for Endpoint detects and blocks attacks that leverage this vulnerability.
  • Ensure that Microsoft Protected View or Application Guard for Office are enabled on your endpoints. Microsoft Protected View, which is enabled by default, prevents attacks that leverage this vulnerability. If you have disabled Protected View, Pitt IT strongly recommends that you re-enable it.  

In addition, Pitt IT strongly recommends that users use caution when downloading unsolicited email attachments from both Pitt and personal email accounts, as well as carefully evaluating attachments before considering disabling the protections provided by Protected View. If you were not expecting to receive such an attachment, please confirm the validity of the email with the sender before interacting with any attachment.

This new vulnerability affects the following systems:

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2008 R2
  • Windows RT 8.1
  • Windows 8.1
  • Windows Server 2016
  • Windows 10
  • Windows Server 2019
  • Windows Server 2022

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Bitcoin Job Opportunity Scam

Wednesday, September 1, 2021 - 09:12

 

Pitt Information Technology has identified a new email phishing scam targeting the University. This new scam advertises a fictitious Bitcoin job opportunity and asks recipients to respond to an external address using their personal email accounts only. Typically, scammers then attempt to extract money from respondents by convincing them to provide a deposit before beginning their fake employment.  

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/security/phishing-scams.

******************************************************************************

Subject: BITCOIN JOB OPPORTUNITY 

Not familiar with BITCOIN? Then this is an opportunity for you to learn & make money. COINBASE  COMPANY ( A secure platform that makes it easy to buy, sell, and store cryptocurrency like Bitcoin, Ethereum)  seek INDIVIDUALS who can VISIT at least “one” BITCOIN ATM every week for survey.  

Weekly pay is $350. No specific time required as long as work is completed in a timely manner. 

For more information’s, Please Email Coordinator Brian at (external email address) for more information 

NOTE: Candidates should email (only) with their PERSONAL EMAIL Address for consideration. 

Sincerely,

Brian Thompson. 
Hiring Coordinator/Director of Field Operations  
external email address
Coinbase.com 

*****************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Payroll Message Scam Links to Malicious Website

Thursday, August 26, 2021 - 17:39

 

Pitt Information Technology has identified another email phishing scam targeting the University. This new scam claims to contain a link to an important payroll message. The link in the email actually directs users to a fake Pitt login page where they are prompted to provide their username and password. The scam originates from an external email address.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

If you provided your username and password after clicking the link in the scam, please reset your University password at accounts.pitt.edu as soon as possible.

******************************************************************************

Subject: Important Notification

You have 1 New Payroll Message

Click here to read

Copyright © 2021. All Rights Reserved.

******************************************************************************

Clicking the link in the email takes the reader to a fake login page like the one shown below:

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Failed Document Delivery Scam Links to Malicious OneDrive File

Thursday, August 26, 2021 - 08:13

 

Pitt Information Technology has identified an email phishing scam targeting the University that claims to contain a link to a document requiring urgent approval. The link in the email directs users to a compromised OneDrive document that attempts to capture the reader’s University username and password. The scam may appear to originate from a legitimate pitt.edu email address.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

If you provided your username and password after clicking the link in the scam, please reset your University password at accounts.pitt.edu as soon as possible.

******************************************************************************

Subject: URGENT APPROVAL IS REQUIRED

I tried sending you this document earlier but noticed the delivery failure, so I had to re-send

Click here to sign in with YOUR EDU MAIL to view the document for a kind and urgent consideration.

Thank You

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

University AFS-Hosted Website Addresses Updated

Thursday, August 12, 2021 - 09:41

 

The addresses of personal websites hosted on the University’s Andrew File System (AFS) recently changed from www.pitt.edu/~username to sites.pitt.edu/~username (where username is the University username of the individual hosting the website).

Attempts to access AFS-hosted websites using the previous address format are being redirected automatically to the new address. Owners of AFS-hosted websites do not need to take any action, but are encouraged to use the new address in communications going forward.

AFS is a distributed file system that provides Pitt users with a limited amount of storage space and the ability to host a small website. Some students, faculty, and staff use AFS to publish a personal website, and some instructors use it to host a website for their class.  

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions about this announcement.

August Microsoft Security Update

Tuesday, August 10, 2021 - 17:29

 

Microsoft Corporation has announced security updates for August that affect the following software: 

  • .NET Core & Visual Studio
  • ASP .NET
  • Azure
  • Azure Sphere
  • Microsoft Azure Active Directory Connect
  • Microsoft Dynamics
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft Scripting Engine
  • Microsoft Windows Codecs Library
  • Remote Desktop Client
  • Windows Bluetooth Service
  • Windows Cryptographic Services
  • Windows Defender
  • Windows Event Tracing
  • Windows Media
  • Windows MSHTML Platform
  • Windows NTLM
  • Windows Print Spooler Components
  • Windows Services for NFS ONCRPC XDR Driver
  • Windows Storage Spaces Controller
  • Windows TCP/IP
  • Windows Update
  • Windows Update Assistant
  • Windows User Profile Service

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Microsoft 365 Ends Support for IE 11 on August 17

Tuesday, August 10, 2021 - 11:47

 

Microsoft has announced that effective Tuesday, Aug. 17, Microsoft 365 apps and services will no longer support Internet Explorer 11 (IE 11). New features for Microsoft 365 apps and services may not function properly in IE 11 and the vendor will no longer fix IE 11 issues.

Microsoft recommends Microsoft Edge as a possible replacement for IE 11. Additional information about Microsoft’s decision is available on their support site.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Simplified Pitt Guest Wi-Fi Access Arrives Monday, Aug. 9

Wednesday, August 4, 2021 - 16:05

 

Based on positive feedback from the launch of the Anyroam Guest Wi-Fi option in March and declining use of Pitt’s legacy guest Wi-Fi system, Pitt Information Technology is upgrading its Pitt Guest Wi-Fi service to Anyroam, effective Monday, Aug. 9.

Simpler, Better Guest Wi-Fi

The enhanced Pitt Guest Wi-Fi service, now powered by Anyroam, simplifies guest Wi-Fi and provides several benefits over the previous service:

  • Does not require Pitt-affiliated sponsors to approve guests

  • Does not require guests to enter a password
  • Enables guest Wi-Fi access for up to one year instead of 30 days
  • Provides access at most Pitt campus locations and other institutions that participate in Eduroam and Anyroam

Connect In 3 Easy Steps

Guests can use the service by completing three steps after they arrive on campus:

  1. Connect to the network named “Pitt Guest Wi-Fi Setup”
  2. Complete the one-time device configuration wizard
  3. Connect to the “Eduroam” network for Wi-Fi access from this point forward

Visit Pitt IT’s website to view detailed Pitt Guest Wi-Fi instructions and compare available guest Wi-Fi options.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have questions about this announcement.

MyResNet Network Maintenance Scheduled for Friday, Aug. 6

Wednesday, August 4, 2021 - 08:27

 

Pitt Information Technology continually works closely with our vendor partner, Apogee, to optimize MyResNet performance. As part of this process, Apogee has scheduled network maintenance on Friday, Aug. 6, that will affect MyResNet service.

MyResNet will be unavailable for up to 30 minutes from 4 to 6 a.m. on Friday, Aug. 6, while maintenance is underway. The network will be returned to service earlier if work is completed ahead of schedule.  

As a reminder, we encourage you to continue to report any Wi-Fi service interruptions or performance issues to the Technology Help Desk at 412-624-HELP (4357) so that they can take steps to resolve them.