Take Action Today!

 

ASU Information Security Office

ASU Information Security Office's Mission:
 
Arizona State University’s Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information resources while preserving and nurturing the open information-sharing requirements of its academic culture.

ASU Information Security Office's Vision:

  • Embed information security into the culture of ASU
  • Ensure alignment of the information security program to the University's mission
  • Increase visibility into the University’s security posture

Read More

2018 IT Risk Assessment Toolkit

Resources for addressing Risk Assessment corrective actions.

  • US-CERT Current Activity:
    The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
    http://www.us-cert.gov/ncas/current-activity/
  • Internet Crime Complaint Center (IC3):
    The Internet Crime Complaint Center (IC3) is an alliance between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI). IC3’s mission is to address crime committed over the Internet.
    http://www.ic3.gov/media/default.aspx
  • Microsoft Security Bulletins:
    Microsoft security bulletins provide information & news about computer vulnerabilities and security updates to keep your computer protected.
    http://technet.microsoft.com/en-US/security/dn481339
  • Apple Security Updates:
    This document outlines security updates for Apple products.
    http://support.apple.com/kb/ht1222
  • Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin:
    This page lists announcements of security fixes made in Critical Patch Update Advisories and Security Alerts, and it is updated when new Critical Patch Update Advisories and Security Alerts are released.
    http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Protecting Against Phishing

What is Phishing?

Phishing, in a nutshell, is the online version of a con-job. The perpetrators of phishing messages are essentially tech-savvy con-artists. In a phishing scam, these con-artists send out messages and emails that "look" legitimate, hoping to trick the unsuspecting user into giving out their personal information, including usernames and passwords, and allowing the perpetrator to conduct identity theft.

Read more

Gift Card/Impersonation Scams

Submitted by btwoods on August 30, 2019 - 3:26pm

Recently, we have noticed a large number of gift card scams coming through email services that have been targeting the ASU community. The ASU Information Security Office reminds everyone to be vigilant about the threat landscape that is present on the internet. Below are the details of the scam and actual examples of the gift card scams.

How does the Scam Work:

  1. The scam sent will usually include “Are you available” as the body or subject of the email. 

Apple Issues 3 Emergency Security Fixes To Block Hackers From Taking Over iPhones, Macs, Apple TVs

Submitted by rkamilli on August 30, 2019 - 1:27pm

Alert:

There was a critical security flaw that Apple identified and has the potential to effect MacOS, IOS, and TVOS. The venerability allowed the potential for a malicious application to execute arbitrary code with system privileges and bad actors would have the ability to take control of devices. Apple has provided 3 patches macOS (10.14.6), iOS (12.4.1) and tvOS (12.4.1) that fix the venerability. 

Phishing Reminder

Submitted by meroman1 on March 15, 2019 - 12:46pm

Phishing is always on our radar here at ASU. It remains the #1 successful attack vector for hackers to get your personal information year after year. Understanding the social engineering schemes of phishing is key; rather than “break into” your accounts or information, these attackers find it’s easier in many cases  just to ask you for your information.