Home | GetProtected

Take Action Today!

ASU Information Security Office

ASU Information Security Office's Mission:

Arizona State University’s Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information resources while preserving and nurturing the open information-sharing requirements of its academic culture.

ASU Information Security Office's Vision:

Embed information security into the culture of ASU
Ensure alignment of the information security program to the University's mission
Increase visibility into the University’s security posture

2018 IT Risk Assessment Toolkit

Resources for addressing Risk Assessment corrective actions.

US-CERT Current Activity:
The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
http://www.us-cert.gov/ncas/current-activity/
Internet Crime Complaint Center (IC3):
The Internet Crime Complaint Center (IC3) is an alliance between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI). IC3’s mission is to address crime committed over the Internet.
http://www.ic3.gov/media/default.aspx
Microsoft Security Bulletins:
Microsoft security bulletins provide information & news about computer vulnerabilities and security updates to keep your computer protected.
http://technet.microsoft.com/en-US/security/dn481339
Apple Security Updates:
This document outlines security updates for Apple products.
http://support.apple.com/kb/ht1222
Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin:
This page lists announcements of security fixes made in Critical Patch Update Advisories and Security Alerts, and it is updated when new Critical Patch Update Advisories and Security Alerts are released.
http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Protecting Against Phishing

What is Phishing?

Phishing, in a nutshell, is the online version of a con-job. The perpetrators of phishing messages are essentially tech-savvy con-artists. In a phishing scam, these con-artists send out messages and emails that "look" legitimate, hoping to trick the unsuspecting user into giving out their personal information, including usernames and passwords, and allowing the perpetrator to conduct identity theft.

From the FBI:

"The FBI has identified successful spearphishing campaigns directed at college and university students, especially during periods when financial aid funds are disbursed in large volumes.... [I]n January 2018... an unidentified number of students attending the University received an email requesting their login credentials for the University’s internal intranet.

Read more about Cyber Criminals Conducting Successful Spearphishing Campaigns Against Students at Multiple Universities

IOS Security Update 12.1.4

Recent vulnerabilities have been identified in Apple's IOS platform that potentially allow bad actors to listen in on phone conversations and exploit Facetime. Please take a moment to update any IOS device to the latest version 12.1.4 which fixes the vulnerabilities.

Resources:

https://support.apple.com/en-us/HT209520

Read more about IOS Security Update 12.1.4

Windows 7 End-of-Support

As of January 14, 2020, Microsoft will no longer provide security updates and patches for the Windows 7 Operating System. As these security updates and patches provide critical protection against newly discovered exploits, systems running on Windows 7 after this date are potentially insecure, and ASU recommends migrating to a newer Operating System prior to that date. Precautions may be taken at that time to protect the ASU network and systems, including removal of outdated systems from the network.

Read more about Windows 7 End-of-Support

Menu

Search