Breadcrumbs

Security Threat Awareness

ITS strives to provide the UIS campus community with the most up to date information about current security threats and good practices on what you may need to do to reduce your risk of a security incident.

Threats to be aware of:

Heartbleed

On the evening of Monday, April 7, code was released to the world that put much of the Internet’s security infrastructure at serious risk.

The code exploited a security flaw making it possible for an attacker to pull additional information from a secure website. Examples of information that could be pulled include passwords, credit cards, Social Security numbers and other personal information from the people who used the at-risk website or service.

The flaw that makes all of this possible has been named Heartbleed. Many computer security experts are referring to Heartbleed as a once in a lifetime security threat. An attack via Heartbleed leaves no traces, making it nearly impossible to determine if a vulnerable website was actually compromised. If a website is at risk, it is not possible to trust that the information sent to and from the website is actually protected.

More information about Heartbleed can be found at Reuters

http://www.reuters.com/article/2014/04/10/us-cybersecurity-internet-bug-idUSBREA3804U20140410

In the coming days, you may receive notices to change your password from companies who have been effected by this flaw. Please remember to review ITS’ recommendations and best practices for selecting and managing several passwords by visiting:

http://www.uis.edu/informationtechnologyservices/about/security/#passwords