Security

Meltdown and Spectre

Computer researchers have recently revealed that the main chip inside most modern computers and other electronic devices, the CPU, has a hardware design flaw, or bug. This flaw creates two serious security issues dubbed “Meltdown” and “Spectre”.

The design flaw in CPUs has been there since 1995 and affects most CPUs, regardless of manufacturer.  While the scope of the problem is not yet well understood, it is believed to affect nearly every modern computer and device with a CPU.

At this time, we know it affects the hardware that runs Microsoft

Read more about Meltdown and Spectre

High Sierra Root Vulnerability Macs Under CNS-OIT Management

If you own a Mac, you have probably heard by now that Apple introduced a serious bug into High Sierra by which anybody could log into a Mac using 'root' as the username and no password, and get full access to the system.

If your Mac is under CNS-OIT management, then a workaround has been applied: a root password has been set on your machine. Additionally, owners of managed machines will receive an email reminding them to apply the security patch that fixes the root vulnerability as soon as possible.

As always, if you have questions or need help, please don'

Read more about High Sierra Root Vulnerability Macs Under CNS-OIT Management

High Sierra Root Vulnerability: Known Issue Migrating From 10.13.0 to 10.13.1

If you own a Mac, you have probably heard by now that Apple introduced a serious bug into High Sierra by which anybody could log into a Mac using 'root' as the username and no password, and get full access to the system. You may have also heard that Apple released a patch to fix this vulnerability. But have you heard that the bug 'silently' reappears on systems that are subsequently upgraded from 10.13.0 to 10.13.1?

If you apply the security patch to

Read more about High Sierra Root Vulnerability: Known Issue Migrating From 10.13.0 to 10.13.1

Changes to Duo Two Factor Authentication

As of Friday, 17 November 2017, Duo, UT Austin's Two-Factor Authentication (2FA) service, has stopped reporting possible security issues to its push clients when they authenticate.

What does that mean? From 20 July 2017 until last week, the Duo App reported, based only on the release date of the software on the device, that the system was insecure and in need of updates. This confused many users, or just plain infuriated them, because their phones were being reported as insecure.

Security tools like 2FA via Duo are essential in this age of

Read more about Changes to Duo Two Factor Authentication

Controlled Phishing Campaign by ISO

On 1 November 2017, the Information Security Office announced that it would "soon begin a controlled phishing assessment in an effort to continue to improve security awareness around this particular attack vector. All faculty and staff are potential recipients."

According to the announcement, "you may receive fake phishing emails designed to look like ones that bad guys are sending. However, instead of harming you, these emails will provide the ISO with data and teach you how to identify these scams and protect yourself. The ISO will send at least three rounds of emails

Read more about Controlled Phishing Campaign by ISO

Illicit Keyloggers

Recently, several machines in the College of Natural Sciences have been found to be infected with a variant of Elite Keylogger. 

Keyloggers can be hardware or software, and are designed to capture all keystrokes a user makes on a machine.

This variant of Elite Keylogger is illicit software that sends logs of captured keystrokes to machines on the Internet, where these logs are parsed.

The people responsible for deploying the keylogger are usually looking for keystrokes that are username/password combinations that will gain them

Read more about Illicit Keyloggers

Web Browser Security Warnings

You may have received an error or warning in your web browser about a site you visit not being secure. This can happen for many reasons. Usually, the fault lies with the web server because the server administrator has not been keeping up with the latest security best practices or has made a mistake in implementing a security measure. Nevertheless, in a surprising number of cases, the cause can be a non-server issue, such as your machine's clock being off by more than several minutes, or your use of a free public WiFi service that has a captive login portal.

Read more about Web Browser Security Warnings

Out-of-Band Flash Security Update

Vulnerable versions of Adobe Flash are being actively exploited. Please patch your copy of Flash as soon as possible.

Title: Adobe Flash Releases Out-of-Band Flash Player Security Update
Description: Adobe has released an out-of-band security update for Flash Player in response to CVE-2017-11292, a zero-day vulnerability under active exploitation. CVE-2017-11292 manifests as a type confusion vulnerability. Reports have indicated that this vulnerability is being leveraged by the Black Oasis APT group. Users are advised to update as soon as possible to reduce the

Read more about Out-of-Band Flash Security Update

Exploit of WiFi security protocol

Earlier today an announcement was made of a serious security vulnerability in a protocol that encrypts almost all WiFi traffic today. An attack against this vulnerability exposes all encrypted wireless traffic for an attacker to read, record, or possibly manipulate. The vulnerability exists on all unpatched platforms and wireless access points, although testing by the people who discovered this vulnerability shows that Android phones and Linux and BSD computers are the easiest for hackers to exploit.

To exploit this vulnerability, a hacker needs only to be within

Read more about Exploit of WiFi security protocol

Biometric Authentication

The UT Information Security Office (ISO) has just released a draft of new guidelines for using Facial Recognition and other biometric methods for authentication. This was brought about mostly by Apple Face ID on new iPhones, but Microsoft Windows' facial recognition Hello software is similar and getting a lot of attention, as well.

The ISO has rated Apple Face ID and Windows Hello for Business as highly secure. In the lesser category of secure (as opposed to highly secure), they add eye/iris scanners, finger/thumb scanners (including Apple Touch ID), and other facial

Read more about Biometric Authentication