(7/22/2014) A quarterly report revealing the “most exposed” programs on users' systems, found that old vulnerabilities in Microsoft XML Core Services continued to plague users.
(7/22/2014) HP researcher's findings highlight ongoing problems with POS software and hardware
(7/22/2014) More than three months after the disclosure of the catastrophic Heartbleed vulnerability in the OpenSSL library, critical industrial control systems sold by Siemens remain susceptible to hijacking or crashes that can be triggered by the bug, federal officials have warned.
(7/21/2014) Cybercriminals don't just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft.
(7/16/2014) The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests.More news...
As part of the University's information security program, all University employees must complete annual security awareness training. Please complete the designated SANS training modules in SANS Securing the Human. You will not immediately receive a certificate when you complete the required modules. Certificates will be distributed via email twice a month for your records. Please contact the UM Chief Information Security Officer with questions at firstname.lastname@example.org.
(4/9/2014) The University is vigilantly taking action to protect our systems and services; most companies are doing the same. While we cannot determine the scale of direct impact, a vast number of online services such as social media sites, e-commerce sites, software installation sites, et cetera use OpenSSL software to encrypt information.
(4/9/2014) A new OpenSSL vulnerability has shown up and some companies are annoyed that the bug was revealed before patches could be delivered for it. Updated April 8.
(4/16/2009) Advisory for Advisory- Cisco AnyConnect Virtual Private Network (VPN) application for iOS has been updated to address vulnerabilities related to the Heartbleed bug.