Posted: 09 Apr 2014
The Heartbleed vulnerability affects sites that use the OpenSSL cryptographic software library. OpenSSL is used to encrypt web traffic, usernames, passwords, and content transmitted through secure webpages (pages that start with “https”). The Heartbleed bug allows attackers to read the memory of systems using the vulnerable versions of the OpenSSL software.
Posted: 03 Apr 2014
Technology Services has seen an uptick in phishing attacks involving CryptoLocker ransomware (see
As means to reduce future infections, we are blocking email with attachments of .zip archives that contain executable files.
Posted: 31 Mar 2014
Many Tulane faculty and staff use the Box file storage application for file storage and sharing, but do you also use Box Sync? Box Sync is a utility that allows you to synchronize a folder on your desktop with the files you store on Box. You can create, edit, and delete documents directly through the Box folder on your desktop using your native applications (such as Microsoft Word or Excel). All changes automatically sync back to your online Box account.
Posted: 19 Feb 2014
Many of you are already aware that the Windows XP operating system is being retired and will not be supported after April 2014. Any Windows XP machine that is connected to the Tulane network after this date represents a security risk to every machine connected to the network.
Posted: 14 Feb 2014
We are pleased to announce the following workshops and webinars:
Getting Started with Blackboard Collaborate
Uptown at the Howard Tilton Library Room 309/308
February 18th at 3:30 (309) and March 12th at 1pm (308)
Downtown in the Matas Library at the Medical School
February 19th at 2pm and March 13th at 2pm
Blackboard Collaborate gives you the functionality you need to support synchronous teaching and learning environment, such as two-way audio, multi-point video, interactive whiteboard, application and desktop sharing. This session will cover the initial set up and deployment of your Blackboard Collaborate Room. Register here
Users who have Java enabled in their browsers are vulnerable to a threat referred to as "Zero Day Java 7 Vulnerability." Browsing the web with a vulnerable version of Java installed and enabled means that simply visiting a website is enough for an attacker to compromise your computer. This is known as a "drive-by download." Tulane Information Security is aware of this exposure and is monitoring activity related to this issue. We are blocking traffic from known sites that represent a threat.
While disabling Java is one method of blocking this threat, the use of Java is essential to use of Banner and other Tulane enterprise systems so it is not a practical solution. We recommend that the Tulane computing community be as vigilant as possible about visiting unfamiliar websites and consider the following:
Information Security will provide continued updates about his issue. Please follow Information Security at https://twitter.com/tulaneInfoSec. If you have questions or require further detail about this issue, please email us at firstname.lastname@example.org.
Technology Services, Tulane University, New Orleans, LA 70118 -- TSNOC: 1-866-276-1428 -- email@example.com