Alerts | Page 16 | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Alerts

Phishing Alert: Work-From-Home Job Opportunity Scam

Wednesday, June 23, 2021 - 12:09

 

Pitt Information Technology has identified an email phishing scam targeting students, faculty, and staff claiming to be soliciting applications for a work-from-home job opportunity. The scam appears to originate from a legitimate pitt.edu email address and may falsely offer part-time work with UNICEF. Scammers may attempt to convince individuals who respond to share their University credentials or provide some form of monetary payment.  

The following is a sample of a recent fraudulent email. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at https://www.technology.pitt.edu/security/phishing-scams.

******************************************************************************

Subject: Work From Home Job Opportunity

To whom it may concern,

I am sharing a Job Information to students who might be interested in a Paid Unicef Part-Time Job to make up to $500 (USD) weekly

Attached is further information about the employment schedule, If interested kindly contact Dr. Susan Albrecht with your alternative email address for urgent details of employment

NOTE: THIS IS STRICTLY A WORK FROM HOME POSITION.

Regards,
Academy Career Opportunity.


******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

June Microsoft Security Update

Tuesday, June 8, 2021 - 16:43

 

Microsoft Corporation has announced security updates for June that affect the following software: 

  • .NET Core & Visual Studio
  • 3D Viewer
  • Microsoft DWM Core Library
  • Microsoft Intune
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Scripting Engine
  • Microsoft Windows Codecs Library
  • Paint 3D
  • Role: Hyper-V
  • Visual Studio Code - Kubernetes Tools
  • Windows Bind Filter Driver
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows DCOM Server
  • Windows Defender
  • Windows Drivers
  • Windows Event Logging Service
  • Windows Filter Manager
  • Windows HTML Platform
  • Windows Installer
  • Windows Kerberos
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows Network File System
  • Windows NTFS
  • Windows NTLM
  • Windows Print Spooler Components
  • Windows Remote Desktop
  • Windows TCP/IP

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

New Requirements for Accessing Web-Based Services Begin July 1

Wednesday, June 30, 2021 - 14:00

 

Please be aware that beginning on Thursday, July 1, the University will require the use of more recent browser versions to access all web-based University services. This change is necessary to reduce vulnerabilities to attack through outdated web browsers that do not support modern encryption.

Most current versions of web browsers already support required security protocols. However, anyone using an older browser may need to update it or manually enable versions 1.2 or 1.3 of Transport Layer Security (TLS) protocols.

Visit SSL Client Test to determine the encryption level for each browser you use:                                                  

  • No action is needed if the Protocol Support section indicates “Your user agent has good protocol support.”
  • If the Protocol Support section does not indicate “good protocol support,” follow these steps to update your browser or enable the security protocols.

Keep in mind that using the most up-to-date version of a web browser provides several important benefits:

  • Protects the user’s device by ensuring they are using the strongest encryption protocols
  • Protects the University by eliminating the use of outdated security protocols that are more vulnerable to attackers
  • Ensures University researchers remain compliant with NIH funding requirements
  • Prepares the University community for plans announced by Apple, Google, Microsoft, and Mozilla to end support for the older protocols

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Action Required: Replace Symantec Endpoint Protection on Your Devices Before June 14

Tuesday, June 1, 2021 - 16:20

 

As we communicated last year, the University replaced Symantec Endpoint Protection with Microsoft Defender ATP as its enterprise antivirus solution last year.

If you are still using Symantec Endpoint Protection, please upgrade to Microsoft Defender for Endpoint (formerly known as Defender ATP) on University-owned devices or an alternative antivirus solution on personal devices. Doing so ensures your devices remain protected against the latest security threats and ensures the University remains compliant with its licensing agreements. 

Symantec stopped providing virus definitions and security updates after the University’s license expired on June 13, 2020, except for a small number of devices that received a limited, one-year license extension. The limited extension of the University’s Symantec license expires on Monday, June 14, 2021. All devices still running a University-licensed version of Symantec will stop receiving virus definitions and security updates after this date, rendering them vulnerable to security threats.

Please contact the Technology Help Desk if you have questions or need assistance transitioning your device to Defender for Endpoint.

Early Morning Phone Outage on June 7; Pitt Police Number Remains Active

Tuesday, June 1, 2021 - 08:56

 

Pitt Information Technology will perform telephone network maintenance from 4 to 7 a.m. on Monday, June 7. Most phones on the Pittsburgh campus will be able to place calls but unable to receive them during the maintenance window. A smaller number of phones and some emergency phone stations will be unable to make or receive calls while maintenance is underway. University units who use Pitt IT’s automated call distribution (ACD) service to manage support center calls will not be able to receive calls during the maintenance window.

The University of Pittsburgh Police Department will continue to receive calls at 412-624-2121 from any active phone and the University’s Emergency Notification Service will also remain operational. In addition, Pittsburgh campus numbers that have been moved to Microsoft Teams and all regional campus telephones will be unaffected. Calls to the Technology Help Desk will also remain available.

This maintenance is necessary to permanently resolve an issue that interrupted phone service at the Pittsburgh campus on Thursday, May 13. Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Apple Security Updates Address New Vulnerabilities

Tuesday, May 25, 2021 - 15:35

 

Apple has announced security updates to address vulnerabilities affecting the following software: 

  • Safari prior to version 14.1.1
  • iOS prior to version 14.6
  • iPadOS prior to version 14.6
  • watchOS prior to version 7.5
  • tvOS prior to version 7.5
  • macOS Big Sur prior to version 11.4
  • macOS Catalina prior to security update 2021-003
  • macOS Mojave prior to security update 2021-004

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by following the guidance on Apple’s website.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

May Microsoft Security Update

Tuesday, May 11, 2021 - 14:52

 

Microsoft Corporation has announced security updates for May that affect the following software: 

  • .NET Core & Visual Studio
  • HTTP.sys
  • Internet Explorer
  • Microsoft Accessibility Insights for Web
  • Microsoft Bluetooth Driver
  • Microsoft Dynamics Finance & Operations
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office Access
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft Windows Codecs Library
  • Microsoft Windows IrDA
  • Open Source Software
  • Role: Hyper-V
  • Skype for Business and Microsoft Lync
  • Visual Studio
  • Visual Studio Code
  • Windows Container Isolation FS Filter Driver
  • Windows Container Manager Service
  • Windows Cryptographic Services
  • Windows CSC Service
  • Windows Desktop Bridge
  • Windows OLE
  • Windows Projected File System FS Filter
  • Windows RDP Client
  • Windows SMB
  • Windows SSDP Service
  • Windows WalletService
  • Windows Wireless Networking

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement

Brief Johnstown Campus Phone Service Interruption on May 18, 19

Tuesday, May 11, 2021 - 08:42

 

Incoming phone calls to University of Pittsburgh at Johnstown telephones may be briefly interrupted beginning at 9 a.m. on Tuesday, May 18, as campus telephones are transitioned to a new service provider. In addition, the main Johnstown campus phone number, 814-269-7000, will be briefly unavailable beginning at 9 a.m. on Wednesday, May 19, while it is transitioned.     

Incoming calls to Johnstown campus phones may not connect if the call is placed while the phone number is being moved to the new service provider. Individual phone numbers may be unavailable for up to 15 minutes during the transition. Outgoing calls placed from Johnstown campus phones will not be affected.

Full phone service should resume both days by 11:30 a.m. If you experience issues receiving calls after that time, please report them to the Technology Help Desk and, when possible, include the phone number of the person who was trying to reach you and the time that they called.

Brief Bradford Campus Phone Service Interruption on May 12

Wednesday, May 5, 2021 - 17:00

 

Incoming phone calls to University of Pittsburgh at Bradford telephones may be briefly interrupted beginning at 9 a.m. on Wednesday, May 12, as campus telephones are transitioned to a new service provider. 
 
Incoming calls to Bradford campus phones may not connect if the call is placed while the phone number is being moved to the new service provider. Individual phone numbers may be unavailable for up to 15 minutes during the transition. Outgoing calls placed from Bradford campus phones will not be affected. 
 
Full phone service should resume by 11:30 a.m. If you experience issues receiving calls after that time, please report them to the Technology Help Desk and, when possible, include the phone number of the person who was trying to reach you and the time that they called. 

 

ParkMobile Data Breach Affects Some Mobile Parking App Users

Wednesday, April 14, 2021 - 16:15

 

Pitt Information Technology has received reports of a data breach that occurred at ParkMobile in March 2021. ParkMobile makes the popular mobile parking app of the same name and provides metering and parking app services to the City of Pittsburgh. Some University of Pittsburgh garages may accept payments through ParkMobile, if you pay through the application.

What Data Was Affected?

ParkMobile indicates that basic user information was taken, including license plate numbers and, if provided by the user, email addresses, phone numbers, and vehicle nicknames. Encrypted passwords were taken but not the encryption keys necessary to read the passwords, meaning that significant resources would be needed to break the password encryption.

ParkMobile indicates that no credit cards or parking transaction history were accessed, and they do not collect Social Security numbers, driver’s license numbers, or dates of birth.

What Do I Need to Do?

If you have an account with ParkMobile, out of an abundance of caution, Pitt IT recommends you change that password as soon as possible.

While the data exposed in the alleged breach did not come from University systems, sometimes individuals reuse the same passwords on multiple websites. If you use the same or a similar password at Pitt or other websites, you should also change those passwords. Also, because of the nature of other data taken, be vigilant for an increase in phishing scams or other scams related to this data.

In addition, utilize the following good password practices to minimize your susceptibility to data breaches:

  • Use a password manager to simplify the management of your various passwords. Pitt Password Manager (LastPass) is available at no cost to all students, faculty, and staff. You can use it to create strong, unique passwords for all your online services.
  • Do not reuse passwords across different websites. Scammers try variations of known passwords, so it is important to make sure your passwords are not similar to each other.  
  • Use strong, complex passwords that include symbols, numbers, and uppercase and lowercase letters.
  • Change your passwords frequently.
  • Use multifactor authentication on websites that allow it.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.