As part of our Cyber Essentials accreditation for managed staff desktops, we have recently withdrawn the local admin account functionality from Run Advertised Programs on staff PCs. While the local admin account withdrawal happened more suddenly than we had anticipated, we were planning to remove it from RAP this summer anyway. This is in line […]
Author: trish
Password rules are changing
As part of our ongoing commitment to achieving Cyber Essentials Accreditation, we are strengthening our university network password rules. Our current security settings require a minimum of six characters and staff/PGRs must change their password once a year. It is not possible to use your previous two passwords when changing. In future, your password is going […]
Blue button phishing attack resurfaces
Earlier this week, variants of the blue button phishing email scam were circulated and unfortunately a number of accounts have been compromised as a result. Subsequently, user details including username and password were harvested. In this instance the attacker did not use the harvested details until this afternoon, when it emerged that a number of […]
New scam email….your credit card has been invoiced….
…but of course it hasn’t… We’re starting to see a number of emails being sent to staff with the core message that your credit card has been invoiced to the tune of usually around £1,600. The text in the body of the email so far is completely different between users, the sender email is different […]
Whale phishing attack – targeting senior staff
Over the last few months we have seen a substantial rise in the volume of phishing emails being sent to university staff apparently from a colleague. These emails are sent from a fake external email address e.g. colleagues.name@gmail.com or something similar. Often the emails are made to look as if they’ve come from senior colleagues […]
SECURITY ALERT – Blue button phishing scam
UPDATE 11.30, 25/1/19The blue button phishing attack appears to be dissipating although we are still resetting user accounts if we discover they have been compromised. The vast majority of blue button related ingoing and outgoing email was blocked by approx 12pm yesterday but it took the best part of the rest of the day for the Information Centre to work through the backlog […]
Security Alert – green button phishing emails doing the rounds
DON’T PUSH THE BUTTON! There is a new email scam doing the rounds. This one is targeting staff and students. Despite appearance, this spam email is quite sophisticated in that it uses the title of a genuine email that you have replied to previously in order to trick you into believing it is authentic. If […]
Security alert: new form of targetted phishing email doing the rounds
Over the last few days, we have seen a number of reported incidences of what is known as ‘Whaling’ or ‘Whale phishing’. Whaling is a type of fraud or phishing scheme that targets high-profile end-users, usually senior staff in an organisation, politicians, and celebrities. Fraudsters behind whaling campaigns aim to trick targets into giving out their […]
Update on problems with eduroam
15:45 Wed 17 Oct At 14.30 today, we identified a specific problem with a service related to eduroam, which we fixed. This improved the performance and availability of the eduroam service. We have since been monitoring and now believe that eduroam is stable enough for you to try. Please note that you may have to get […]
Issues with eduroam service today
We are still continuing to experience issues with connections to eduroam on campus today. We have been working with our suppliers to identify the cause of the issues but have not yet arrived at a resolution. We will continue to work on this. There are a large number of successful connections to eduroam so the […]