Alerts | Page 6 | Information Technology | University of Pittsburgh
!

Search form

You are here

Home

Alerts

Phishing Alert: Email Deactivation and Fake Job Opportunity Scams

Wednesday, December 21, 2022 - 19:47

 

Pitt Information Technology is aware of two new phishing scams targeting the University of Pittsburgh community.

Email Deactivation Scam

The first scam, which appears to originate from a pitt.edu address, claims that a recipient’s Pitt Email accounts will be deactivated unless they log in with their Pitt credentials to reactivate it. The Subject of the message is typically “Email Update.” Below is a sample of the scam:

******************************************************************************

Subject: Email Update

Dear User,

Your PITT.Edu Email account will be Deactivated shortly for security reasons. CLICK HERE [link removed] and log in to reactivate your PITT portal.

Thank you,

PITT.EDU IT-Helpdesk

******************************************************************************

Clicking on the link in the email opens a malicious webpage that encourages recipients to log in with their Pitt credentials. 

Job Opportunity Scam

The second scam also appears to originate from a pitt.edu address and advertises a fictitious job as an administrative assistant. The message may use a variety of Subjects and contains PDF attachment that asks recipients to provide personal contact information for follow-up, including date of birth, cell phone number, and address. Below is a sample of the scam:

******************************************************************************

Subject: Paid Part-Time Job

To whom it may concern

I am sharing a Job Vacancy to students who might be interested in Administrative Assistant Job to make up to $500 or more weekly. If interested Kindly reply or find attached for urgent details of employment.

 

Position: Personal Assistant
Type: Part-Time Job
Pay:$800weekly
Hours: Average of 11hrs weekly

This position will be home-based and it's a flexible part time job, you can be working from home, School, or any location

******************************************************************************

Reporting Scams

If you received these messages (or any message similar to them), please report them as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

New Online Form Replacing PDF for Employee Mart Access Requests

Tuesday, December 20, 2022 - 15:40

 

The current PDF form for requesting Employee Mart Access will be replaced with an online form to the secure Federated Authorization Community after business hours on Wednesday, Dec. 21. Employee Mart is the single-source location for accessing secure records, details, and HR Analytics Dashboards related to University employees. Improvements include:

  • A single, self-service experience to complete requests online
  • Improved workflow to reduce the time it takes to process requests
    Note: For additional details, see the FAQs on the Federated Authorization Community page.
  • Browser- and mobile-device friendly accessibility
  • Email notifications and regular reminder messages sent to approvers when they have something to review
  • Status notifications when request(s) are finalized

Please take note of the following:

  • New access requests require use of the Employee Mart online form beginning Dec. 22.
  • Access requests already submitted using this PDF form will be processed.
  • Effective Dec. 22, bookmarks in browsers pointing to the PDF form should change to https://technology.pitt.edu/fedauth
  • Current Federated Authorization Community users may need to refresh their browser session to see the Employee Mart Access Requests.
  • For first-time users, approval information is available on the Federated Authorization Community page.

Employee Mart Access Requests will be transitioned to a new group. Responsibility Center Authorized Approvers will handle all Employee Mart Access Requests. Individuals who want to submit Employee Mart Access Requests should contact their RC Authorized Approver(s).

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

Apple Security Updates Address New Vulnerabilities

Wednesday, December 14, 2022 - 13:05

 

Apple has announced security updates to address new security vulnerabilities affecting the software listed below. Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by following the guidance on Apple’s website.

Please note that these updates include security patches for a zero-day vulnerability that is being actively exploited and could result in the execution of malicious code.

Affected Software 

  • iCloud for Windows versions prior to 14.1
  • Safari versions prior to 16.2
  • iOS versions prior to 15.7.2, for iPadOS 15.7.2, iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • iOS versions prior to 16.2, for iPadOS 16.2, for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later
  • macOS Big Sur versions prior to 11.7.2
  • macOS Monterey versions prior to 12.6.2
  • macOS Ventura versions prior to 13.1
  • tvOS versions prior to 16.2
  • watchOS versions prior to 9.2

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at +1-412-624-HELP (4357) if you have any questions regarding this announcement.

December Microsoft Security Update

Tuesday, December 13, 2022 - 15:22

Microsoft Corporation has announced security updates for December that affect the following software: 

  • .NET Framework
  • Azure
  • Client Server Run-time Subsystem (CSRSS)
  • Microsoft Bluetooth Driver
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office OneNote
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft Windows Codecs Library
  • Role: Windows Hyper-V
  • SysInternals
  • Windows Certificates
  • Windows Contacts
  • Windows DirectX
  • Windows Error Reporting
  • Windows Fax Compose Form
  • Windows HTTP Print Provider
  • Windows Kernel
  • Windows PowerShell
  • Windows Print Spooler Components
  • Windows Projected File System
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows SmartScreen
  • Windows Subsystem for Linux
  • Windows Terminal

Pitt Information Technology recommends that users immediately identify and install the security updates necessary to remediate these vulnerabilities by using Microsoft's Windows Update feature on their computers as soon as possible. Additional information about the updates is available on Microsoft’s Security TechCenter.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP (4357) if you have any questions regarding this announcement.

LastPass Announces Security Incident; Vault Data and Passwords Remain Secure

Thursday, December 1, 2022 - 12:03

 

LastPass, the provider for the University’s Password Manager service, is investigating a security incident involving a cloud storage service that is used by LastPass and its affiliate, GoTo.

If you use Password Manager (LastPass), please be assured that your passwords remain safely encrypted and all data stored in your LastPass vault remains secure. Although LastPass indicates that customers do not need to take any action in response to this incident, Pitt Information Technology is reaching out directly to Pitt users with a LastPass Business account in case they would like to change their LastPass master passphrase out of an abundance of caution.

LastPass is working to understand the scope of the incident and identify what specific customer information has been accessed. Details about the incident, as well as additional updates, will be posted to the LastPass website.

In the meantime, Pitt IT encourages LastPass users to keep in mind these security tips:

  • Make sure your LastPass master password is strong, unique, and sufficiently random.
    Learn how to create strong passwords …
  • If you have a personal LastPass account, enable multifactor authentication (MFA) protection. MFA will protect your LastPass account in the event the password becomes compromised. If you have a LastPass Business (formerly LastPass Enterprise) account, it is already protected by the University’s Multifactor Authentication Service (Duo).
    Learn how to enable MFA in LastPass …     

Please contact the Technology Help Desk at +1-412-624-HELP (4357) if you have any questions regarding this announcement.

Evening Network Outages Affect Some Buildings During Nov. 21, 22, and 23 Maintenance

Friday, November 18, 2022 - 16:03

 

Pitt Information Technology is conducting network maintenance in buildings across multiple campuses.

During the maintenance periods listed below, PittNet Wired and Wi-Fi network access will be intermittently unavailable in affected locations for up to 45 minutes between 9 and 11 p.m.

  • Nov. 21: Cathedral of Learning (floor 7)
  • Nov. 21: 5051 Centre Avenue (The Assembly, all floors)
  • Nov. 22: Salk Hall (all floors)
  • Nov. 22: Bradford Campus (maintenance from 5 to 5:30 a.m.)
  • Nov. 22: Titusville Campus (maintenance from 5 to 5:30 a.m.)
  • Nov. 23: Loeffler Building (basement)
  • Nov. 23: Olympic Sports (basement)
  • Nov. 23: Petersen Event Center (basement)

You can subscribe to receive maintenance announcements and reminders on our IT Service Status dashboard (status.pitt.edu):

  1. Visit status.pitt.edu and click the Subscribe to Updates button in the upper right-hand corner of the page.
  2. Enter your email address and click Subscribe via Email. (You can also click the phone icon if you prefer to subscribe via text message.)
  3. Select all the services to which you want to subscribe (be sure to check PittNet Wired Network and PittNet Wi-Fi), then click Save.

Please contact the Technology Help Desk at +1-412-624-HELP (4357) if you have any questions about this announcement

PRISM Unavailable During Extended Upgrade Dec. 8-12

Wednesday, November 16, 2022 - 13:56

 

PRISM, the University of Pittsburgh’s enterprise financial system, will be unavailable during an upgrade scheduled from 5 p.m. on Thursday, Dec. 8, through noon on Monday, Dec. 12. This effort is a collaboration between Pitt Information Technology and the Office of the CFO to deliver an upgraded, vendor-hosted version of the Oracle E-Business Suite that PRISM is built on for improved operational efficiency.

Though there are slight changes to the PRISM interface, most users will not notice any changes to their experience. If you are a PRISM user or support PRISM users in your department, please take note of the following:

  • Be certain to complete all transactions (including printing) and exit the system before 5 p.m. on Dec. 8. Any transactions that are not completed will be terminated without notice when the system goes offline.
  • Effective Dec. 12, bookmarks in browsers should be changed to https://prism.pitt.edu.
  • Users can also access PRISM from myPitt.

As part of this upgrade, the legacy “DI-Prod” server used for data integrations with PRISM will be decommissioned and replaced with PittSFTP. Pitt IT will be communicating directly with identified users needing assistance migrating to PittSFTP.

Note: Oracle Analytics Cloud (OAC) data used for the Financial Data Warehouse, Planning & Budgeting Cloud Solution (PBCS), and Profitability & Cost Management (PCM) tools will not be updated during this downtime. Therefore, users should wait until the upgrade is complete to access the most current data.

Please contact the Technology Help Desk at +1-412-624-HELP (4357) if you have any questions regarding this announcement.

Student Information System Unavailable During Maintenance Scheduled for Nov. 19-20

Monday, November 14, 2022 - 16:30

 

PeopleSoft and PeopleSoft/HighPoint Campus Experience (CX) will be unavailable during vendor maintenance scheduled for the Student Information System beginning at 7 p.m. on Saturday, Nov. 19. This work is expected to last until 7 p.m. on Sunday, Nov. 20. The systems will be returned to service earlier if work is completed ahead of schedule.

This routine maintenance is necessary to maintain the security, stability, and reliability of the Student Information System.

Please contact the Technology Help Desk at 412-623-HELP (4357) if you have any questions regarding this announcement. Learn more about scheduled maintenance periods here.

Reconfigure Unix Timesharing Service to Linux By May 2023

Monday, November 14, 2022 - 12:10

 

Pitt Information Technology will be replacing the Unix Timesharing Service with the upgraded Linux Timesharing Service at the close of spring term in May 2023.

The Linux service provides updated software, enhanced encryption, and replaces the Solaris-based system, which is no longer supported by the vendor. Any client machines or applications used to access the service should be reconfigured to point to the Linux Timesharing Service. Like the Unix service, the Linux Timesharing Service can be used for programming, creating a personal webpage, and running statistical software.

Please ensure that any clients you use to access Timesharing are configured to point to linux-ts.it.pitt.edu before May 2023. Step-by-step instructions are available on our website. After May 2023, the following host names associated with the Solaris-based Unix Timesharing Service will no longer work:

  • unix.cssd.pitt.edu
  • unixs.cssd.pitt.edu
  • unixs.cis.pitt.edu
  • unixs1.cis.pitt.edu

In addition, programs written and compiled on the Unix Timesharing Service’s Solaris-based server will need to be recompiled to run on the Linux Timesharing Service. Data associated with the Timesharing service is stored on the separate Andrew File System (AFS) and is not affected by the retirement. You can continue to access AFS data directly through the Linux Timesharing Service. 

You may access the Linux server directly from within PittNet and while using Virtual Desktops for Remote Work or the Virtual Student Computing Lab. If you are connecting from outside PittNet, you will need to use the University’s preferred VPN solution, PittNet VPN (GlobalProtect), or the legacy PittNet VPN (Pulse Secure) service. 

Please contact the Technology Help Desk at +1-412-624-HELP (4357) if you have any questions regarding this announcement.

Phishing Alert: Musical Instrument Scam Asks Recipients to Pay Shipping

Tuesday, November 8, 2022 - 23:07

 

Pitt Information Technology is aware of a new phishing scam targeting the University of Pittsburgh community. The scam appears to originate from a Pitt email address and offers recipients a free musical instrument if they are willing to pay for shipping costs. The scam’s goal is to convince recipients to pay money for an instrument that will never be delivered.

The following is a sample of the recent scam. If you receive this message (or any message similar to it), please report it as a phishing scam by forwarding the email message as an attachment to phish@pitt.edu. Detailed instructions on reporting scams are available at http://technology.pitt.edu/phishingscams.

******************************************************************************

Subject: GIVEAWAY-DOWNSIZING MUSICAL INSTRUNMENTS AND ITEMS

Mrs. Ann Patrica is downsizing and looking to give away Her late husband's Musical Instruments and items to a loving home as she is travelling out of states soon . The instruments are

  • PIANO ( 2014 Yamaha baby grand )
  • Guitar ( Eric Clapton's 1939 Martin OOO-42 )
  • Violin (Yamaha AV7-44SG 4/4 Size )
  • Leica S (TyR 007) Digital SLR Camera

You can email or text Mrs. Ann Patrica to indicate your interest, Kindly contact her via her private phone number <Phone number removed> only if you are capable of making the delivery fee for the items. As the item awaits first person to send address and shipping fee to Mrs. Ann Private movers

NOTE: THE ITEMS ARE FREE

NO PICKUP OPTION DUE TO HER CURRENT SITUATION

REQUIREMENTS: SHIPPING FEE RANGING $100 - $500 DEPENDING ON YOUR LOCATION  

******************************************************************************

Pitt IT strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. If you were not expecting to receive such an email, confirm with the sender prior to interacting with the message. If you must interact with the message, avoid clicking on links contained in such emails. These may lead to sites that contain malicious software, or sites that attempt to steal your credentials. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, Pitt IT recommends that all students, faculty, and staff install Antivirus and Anti-Malware (Malwarebytes) Protection. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at +1 412-624-HELP (4357) if you have any questions regarding this announcement.