Blog

Spectre and Meltdown Vulnerabilities for IT Professionals

Updated 1/26/2017: While patching continues, especially for the "Spectre" vulnerabilities, we are going to stop updating this page as of 1/26. IT professionals should pay attention to firmware/microcode updates and *test them thoroughly* before considering deployment. Be on the lookout for, and continue to apply, patches for web browsers and operating systems.

On January 3, 2018 information about three vulnerabilities in computer processors was made public (...

Read more about Spectre and Meltdown Vulnerabilities for IT Professionals

KRACK (WPA2 Vulnerability)

What Happened?

A vulnerability has been discovered in WPA2, the security that protects most Wi-Fi connections.

What is the Risk?

When successfully exploited, the KRACK attack lets cyber criminals snoop on your unencrypted wireless network data or slip dangerous content into an unencrypted website connection.

What is Harvard Doing?

HUIT is investigating the risk to our networks and will deploy patches as they become available for...

Read more about KRACK (WPA2 Vulnerability)

Equifax Data Breach

What Happened?

Consumer credit reporting agency Equifax revealed that they had suffered a cyber attack. This attack resulted in the loss of records for over 140 million people, including Social Security numbers and banking information.

What is The Risk?

Cyber criminals can use this information to take control of existing financial accounts, or open new accounts using your personal information. The goal is almost always financial: to defraud businesses and individuals of money.

...

Read more about Equifax Data Breach

Phishing Emails from Harvard Email Accounts

What Happened?

A targeted phishing campaign was discovered yesterday, July 5, which used compromised Harvard email accounts to send messages to others within the Harvard community. The message provides a link to a “shared file” that will require login to access it. The objective of the attacker was to gain access to more Harvard email accounts by recording and using these login credentials. The message comes from individuals known to the recipient, although the content is generic and not expected.

...

Read more about Phishing Emails from Harvard Email Accounts

Ransomware Outbreak

What happened?

A large number of computers around the world have been infected with the WannaCry Ransomware. It has been seen in over 70 countries and impacted thousands of computers. 

What is the risk?

Ransomware encrypts the data on your computer, making it impossible to recover without the key. To get the key, you must pay a ransom. In this case, the attackers are demanding roughly $300 USD. The ransomware works by exploiting a vulnerability in Microsoft Windows, a vulnerability that has been patched...

Read more about Ransomware Outbreak

Google Phishing Campaign

What Happened?

A large-scale phishing campaign was discovered yesterday, May 3rd. The objective of the attacker was to gain access to the victim’s Google account. The messages appeared to come from addresses known to the recipient.

What Is the Risk?

Within an hour, Google disabled the accounts associated with this attack. The phishing websites associated with the attack have been taken offline. For those users who clicked the link, logged into their Google account, and granted...

Read more about Google Phishing Campaign

LastPass Security Updates

What happened?

Two vulnerabilities were discovered in the LastPass browser extension.

What is the risk?

In certain circumstances, these vulnerabilities could be used to steal passwords or run malicious code, though there have been no confirmed incidents of stolen data or passwords.

What has LastPass done?

All versions of the LastPass browser extension have been updated to fix these vulnerabilities and are being pushed to clients. Instructions for...

Read more about LastPass Security Updates

Apache Struts2 Vulnerability

What happened?

A vulnerability has been discovered in Apache Struts2, a framework for providing application services through a web server. 

What is the risk?

When successfully exploited, this vulnerability gives a cyber attacker the ability to run commands on the web server running the affected software. Exploiting this vulnerability does not require sophisticated technical skill. Active exploits have been widely detected across the Internet. 

What is Harvard Information Security doing?

Harvard...

Read more about Apache Struts2 Vulnerability

Harvard Branded Phishing Campaign

What happened?

Phishing emails which may appear as official Harvard communications were sent to internal and external recipients. These messages encourage a user to click a link or download a file. 

What is the risk?

Clicking the link exposes the user to malicious code which may install malware on their computer. Once installed, malware provides an attacker access to files and passwords on the computer.

What can I do?

Click Wisely. Click only links and files that are expected...

Read more about Harvard Branded Phishing Campaign