Latest Security Threats at GHC
|04-10-2014||OpenSSL Heartbleed Vulnerability|
GHC Faculty, Staff, and Students,
As you may have read in the news, yesterday a critical flaw was announced within OpenSSL. OpenSSL is a piece of software used by millions of servers throughout the world to provide SSL/TLS encryption services for websites. For example, when you log in to your bank via https://www.mybank.com, it is SSL/TLS that provides security for the data in transit so that your session is encrypted and protected.
We took immediate action to patch our vulnerable systems and re-generate any security certificates as necessary. Because of the widespread scope of this flaw, we strongly encourage you to change your account passwords if you have accounts on any of the sites listed below. The mainstream media has not, in our opinion, correctly conveyed the seriousness of this critical flaw. The implications are enormous, and you should take action now to protect your account credentials in case they were compromised. You will likely receive communication from financial websites, email providers, social media sites, online shopping sites, and others asking you to change your account passwords. In the event you receive such emails, never click any links. Go directly to the website in question, log in, and then change your credentials. As always, we strongly recommend NOT using the same credentials for multiple logins.
Again, this is just a short list of the sites we know of thus far who were affected by this flaw:
- Intuit / TurboTax
|02-19-2014||Phishing Scam - @Account Security Upgrade|
Please see below. The following is a phishing scam first reported to us on Wednesday, February 19, 2014. Please do NOT respond to this email, open any attachments, or click any links contained within. If you have already done so, please immediately contact ITS at 706-295-6775 or submit a ticket to email@example.com.
Our records indicate that your account has not been updated as a part of our regular account maintenance.
Our new SSL servers check each account for activity and your information has been randomly chosen for verification.
Email Management Center strives to serve their email user with better and secure email service.
Please click on the link below to update
Notification: Failure to update your account information may result in account limitation.
Thank you very much for your cooperation!