Fortunately, there are no new issues to report. Some phishing emails are still coming from infected WSU email accounts. But the numbers seem to be dropping. There was one that came through this morning that had a new twist. It stated that “IP Security upgrades discovered an irregular Login attempt” and it even gave an IP address. It then had the “threat” statement saying they recommend you “validate your account to avoid suspension,” followed by CLICK HERE. Do not be fooled. This is a malicious email. See image to the right.
The other lingering issue is that we are still plagued by intermittent connection slowdowns. We have been working with Nick Pappin and Bill Bonner to find a solution. They think they have found one that involves bringing in a line from LocalTel to run a parallel network that will route our connections to whichever system is running the fastest at any given time. This will be set up at the same time as they install an AirMax wireless bridge that should handle all of our wireless issues. Jim has given his approval to the plan to proceed to the next step. Hopefully, they should be able to begin as soon as the week of the 18th. We may have more information on this for the next faculty meeting.
In case you are interested in seeing how much traffic goes through our network, take a look at the Internet Activity Report in my other blog article.
Maintenance & Security Notices from Central IT
- Mozilla releases security updates.
From US-CERT: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 57.0.2 and ESR 52.5.2and apply the necessary updates. - Microsoft releases security updates for its Malware Protection Engine.
From US-CERT: Microsoft has released updates to address a vulnerability in Microsoft Malware Protection Engine affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system.
US-CERT encourages users and administrators to review Microsoft’s Advisory and apply the necessary updates. - Apple updates everything – Again!
From SANSInternet Storm Center: After a rushed release of iOS 11.2 over the weekend to fix a “December 2nd Crash” bug, and last weeks special update to fix the passwordless root authentication bypass in macOS, Apple today (Dec. 6) released its official set of security updates. With this, we (SANS) also received details about the security issues patched in iOS this weekend. Apple’s different operating systems share a lot of code with each other, and as a result, they also share some vulnerabilities. I am trying to organize the details in a table below (starting with macOS. Others will be added soon) the table can be found here: https://isc.sans.edu/forums/diary/Apple+Updates+Everything+Again/23107/
Apple’s security updates can be found here: https://support.apple.com/en-us/HT201222 - Google Releases security update for Chrome
From US-CERT: Google has released Chrome version 63.0.3239.84 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update. - Emergency preventative maintenance to the ITB Data Center
This work was performed last night after 5 pm and was successfully completed. The work was needed to recover the Date Center switching from a degraded state. - Phone service maintenance notice
ITS performed additional maintenance on the phone servers Thursday evening. The work was completed and no problems have been reported. - REMINDER: Videoconference maintenance next week
From ITS Coordinator: During the week of December 11th the Polycom infrastructure will undergo a transition from two independent infrastructure environments to a single clustered environment. During this time, registered endpoints will drop registration and will require re-registration. The video conferencing support team will coordinate with stakeholders to make sure their endpoints are registered correctly. No preparation is required prior to maintenance.
We will also be working with impacted meeting schedulers to move them onto a different bridging service during this maintenance window. Support teams will be manually dialing them into their conference still, so academics should not be impacted. If there are new requests, please have users contact the support team for options.
If you have questions, please contact the VC Services team at 5-6575. - Notice of maintenance to Skype for Business
From ITS: Beginning at 8 pm Monday, December 11, ITS Engineers will be performing maintenance on Skype for Business servers in an effort to recover from a reported audio issue.
We do not expect any outage, and this should not affect any services. However, ITS wants customers to be aware this work is taking place and will last no more than an hour.