November 2017

Changes to Duo Two Factor Authentication

As of Friday, 17 November 2017, UT Austin's Two-Factor Authentication service (2FA) Duo has stopped reporting possible security issues to its push clients when they authenticate. 

What does that mean?  The Duo App, from 20 July 2017 until last week reported, based only on release date of the software on the device, that the system was insecure and in need of updates.  This confused many users, or just plain infuriated them in that their phones were reporting to be insecure. 

Security tools like 2FA via Duo are essential in this age of

Read more about Changes to Duo Two Factor Authentication

Controlled Phishing Campaign by ISO

On 1 November 2017, the Information Security Office announced that it would "soon begin a controlled phishing assessment in an effort to continue to improve security awareness around this particular attack vector. All faculty and staff are potential recipients."

According to the announcement, "you may receive fake phishing emails designed to look like ones that bad guys are sending. However, instead of harming you, these emails will provide the ISO with data and teach you how to identify these scams and protect yourself. The ISO will send at least three rounds of emails

Read more about Controlled Phishing Campaign by ISO

Speed up your Old iPhone

If you have an older iPhone or iPad that you've been using for a while and that has been through several iOS upgrades, chances are you've noticed its running ever slower.  This happens for two reasons:

  1. Each new OS release has more features, meant to take advantage of the latest, fastest new iPhones' and iPads' hardware.  Hence, each new release runs slower on older devices.
  2. Over time, use and upgrades cause the system to slow down due to a variety of reasons.

The first cause can be fixed only by buying a newer

Read more about Speed up your Old iPhone

Illicit Keyloggers

Recently, several machines in the College of Natural Sciences have been found to be infected with a variant of Elite Keylogger. 

Keyloggers can be hardware or software, and are designed to capture all keystrokes a user makes on a machine.

This variant of Elite Keylogger is illicit software that sends logs of captured keystrokes to machines on the Internet, where these logs are parsed.

The people responsible for deploying the keylogger are usually looking for keystrokes that are username/password combinations that will gain them

Read more about Illicit Keyloggers