Students, faculty and staff who use Adobe Flash Player are urged to update the program quickly to avoid security vulnerability issues.

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. Attackers could use the vulnerability to gain access to your computer and possibly even your private data. 

These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.

Customers of UAB IT's Desktop Services will receive updates to Flash Player. The new version 30.0.0.113 is being released to Desktop Supported and Campus Supported Windows 7 (Active-X, NPAPI and PPAPI) and Win8+ (NPAPI and PPAPI) browsers utilizing the on-premises Adobe Flash update server. It is being deployed to Desktop Supported Windows 8+ (Active-X) browsers via Microsoft SCCM or Windows Updates. A reboot of your computer is not expected but could be required based on the activity state of Adobe Flash Player at the time of the upgrade.

If you have questions, please contact your department's IT support or contact AskIT at uab.edu/askit or 205-996-5555.

Traveling this spring or summer? Here are some tips to protect your tech and your data while you are on the road or flying the friendly skies.

Protect your tech and data when traveling:

  • Travel only with the data that you need; look at reducing the amount of digital information that you take with you. This may mean leaving some of your devices at home, using temporary devices, removing personal data from your devices, or shifting your data to a secure cloud service. Authorities or criminals can't search what you don't have.
  • Most travelers will likely decide that inconvenience overrides risk and travel with electronic devices anyway. If this is the case, travelers should focus on protecting the information that they take with them. One of the best ways to do this is to use encryption. Make sure to fully encrypt your device and make a full backup of the data that you leave at home.
  • Before you arrive at the border, travelers should power off their devices. This is when the encryption services are at their strongest and will help resist a variety of high-tech attacks that may attempt to break your encryption. Travelers should not rely solely on biometric locks, which can be less secure than passwords.
  • Make sure to log out of browsers and apps that give you access to online content, and remove any saved login credentials (turn off cookies and autofill). This will prevent anyone from using your devices (without your knowledge) to access your private online information. You could also temporarily uninstall mobile apps and clear browser history so that it is not immediately apparent which online services you use.

Get your device travel ready:

  • Change your passwords or passphrases before you go. Consider using a password manager if you don't use one already.
  • Set up multifactor authentication for your accounts whenever possible for an additional layer of security.
  • Delete apps you no longer use.
  • Update any software, including antivirus protection, to make sure you are running the most secure version available.
  • Turn off Wi-Fi and Bluetooth to avoid automatic connections.
  • Turn on "Find My [Device Name]" tracking and/or remote wiping options in case it is lost or stolen.
  • Charge your devices before you go.
  • Stay informed of TSA regulations and be sure to check with the State Department's website for any travel alerts or warnings concerning the specific countries you plan to visit, including any tech restrictions.
  • Clear your devices of any content that may be considered illegal or questionable in other countries, and verify whether the location you are traveling to has restrictions on encrypted digital content.
  • Don't overlook low-tech solutions:
    • Tape over the camera of your laptop or mobile device for privacy.
    • Use a privacy screen on your laptop to avoid people "shoulder surfing" for personal information.
    • Physically lock your devices and keep them on you whenever possible, or use a hotel safe.
    • Label all devices in case they get left behind!

Due to enhanced security measures in most countries, travelers with tech should be prepared for possible disruptions or additional wait times during the screening process. Here are some steps you can take to help secure your devices and your privacy.

Good to know:

  • While traveling within the United States, TSA agents at the gate are not allowed to confiscate your digital devices or demand your passwords.
  • Different rules apply to U.S. border patrol agents and agents in other countries. Federal border patrol agents have broad authority to search everyone entering the U.S. This includes looking through any electronic devices you have with you while you are traveling. They can seize your devices and make a copy for experts to examine offsite.

These guidelines are not foolproof, but security experts say every additional measure taken can help reduce the chances of cybertheft.

Faculty, staff and students can follow some common sense guidelines to avoid unacceptable uses of University technology tools.

UAB's revised Acceptable Use policy, published in late 2017, gives clear guidance on how faculty, staff and students should use University computers, mobile devices and other technology tools.

The Acceptable Use policy applies to all users of UAB’s computing resources and is intended to prohibit certain unacceptable uses of computers, mobile devices and network resources and facilities, while educating users about their individual responsibilities.

The revised policy gives clearer guidance and expectations to UAB students, faculty and staff regarding their use of University computing resources.

Tax season is the perfect time for scammers to try to take advantage of you, information security professionals with UAB IT warn.

According to the IRS, sophisticated phone scams targeting taxpayers, including recent immigrants, have been making the rounds across the United States. Callers claim to be IRS employees, using fake names and bogus IRS identification badge numbers. They may know a lot about their targets, and they usually alter the caller ID to make it look like the IRS is calling. 

Victims are told they owe money to the IRS and it must be paid promptly through a gift card or wire transfer. Victims may be threatened with arrest, deportation or suspension of a business or driver’s license. In many cases, the caller becomes hostile and insulting. Victims may be told “they have a refund due” to try to trick them into sharing private information. If the phone isn’t answered, the scammers often leave an “urgent” callback request.

Victims with limited English proficiency are often approached in their native language and threatened with deportation, police arrest and license revocation, among other things. The IRS urges all taxpayers to use caution before paying unexpected tax bills. Note that the IRS doesn’t:

  • Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail you a bill if you owe any taxes.
  • Threaten to bring in local police or other law-enforcement groups to have you arrested for not paying.
  • Demand payment without giving you the opportunity to question or appeal the amount they say you owe.
  • Ask for credit or debit card numbers over the phone.

Please keep in mind that scammers will try to perform this attack via phishing emails. Please stay aware of and vigilant against these efforts. If you suspect that you have received or fallen victim to a tax-related scam, contact the IRS at Treasury Inspector General for Tax Administration at 800-366-4484.

For additional information about this tax season’s scams, refer to this IRS web site.

Devices that use WiFi are vulnerable to a newly discovered and serious flaw, dubbed KRACK, in a commonly used wireless security protocol, WPA2.

Even on correctly configured wireless networks, attackers can potentially use KRACK — short for Key Reinstallation Attack — to read information that was previously assumed to be safely secured. WiFi access points as well as devices are impacted by this significant weakening of these wireless security protections.

How it works 
Devices can be tricked into installing an encryption key that allows for some or all wirelessly transmitted data to be read.

What to do 

  • Limit any potentially sensitive activities performed on wireless networks, or utilize the UAB VPN as a way to protect communications when on wireless at UAB or at home. 
  • Use wired networks if possible.
  • Update all wireless devices to address the vulnerability. This will depend on vendors creating and releasing the updates for various devices, including routers and access points as well as phones, tablets and laptops.
  • Ensure any activities that must be performed on wireless networks are done via secure channels (HTTPS websites, SSH, SFTP). Avoid unencrypted channels such as HTTP websites, Telnet, FTP.
  • Watch for suspicious individuals in close proximity to your wireless network.

Want free ice cream? UAB IT is hosting a free ice cream social for students to kick off its second annual free Laptop Checkup for students.

The events are part of the celebration of National Cyber Security Awareness Month, which serves to remind everyone of the importance of information security. The ice cream social will be held Monday, Oct. 9, from 10 a.m. to 2 p.m. in room 318 at the Hill Student Center. Stop by for games, information and, of course, free ice cream.

Then come back Tuesday through Thursday, Oct. 11-12, for the free Laptop Checkup. Our tech experts will take a look at your laptop to make sure it is free of viruses and other security risks.

When a suspicious email hits your inbox, it is sometimes followed by even more — but why so many?

If one person at UAB falls for a phishing email, their account can become compromised — and send out dozens or hundreds of similar phishing emails, all from that legitimate but compromised account. Because the phish comes from what appears to be a legitimate account, more people are apt to click links or attachments in the email.

And if more people fall for the phish, the emails continue to spread.

When phishing reports are made to UAB IT, the Information Security team acts quickly to recover compromised accounts and block the senders and suspicious URLs. That's why reporting a phishing email — through the PhishMe Reporter button in Outlook or by forwarding to phishing@uab.edu — is so important to stopping the spread of malicious emails.

Learn more about phishing and how to recognize a phish at uab.edu/phishing.

A new phishing email attempt is circulating among UAB students, faculty and staff. The email claims that your BlazerID is about to expire.

The email looks similar to the one below. Some emails may even come from valid but compromised UAB email accounts.

[Image: example of the "BlazerID about to expire" phishing email]

If you receive a similar email, please report it using the "PhishMe Reporter" button on your Outlook, or forward to phishing@uab.edu.

To avoid phishing scams, pay close attention to the sender and any links in the email. If they look unusual, ignore them. You can always log in to a known web site — such as the BlazerID web site — instead of clicking on the link.

The video below gives more tips on how to catch a phish.

A new ransomware cyberattack called “Petya” is spreading globally and infecting computers, allowing malicious attackers to demand ransom payments to restore data.

The attack is similar to the WannaCry ransomware attack that spread a few weeks ago. Experts believe the initial infection comes from an email attachment, possibly a Microsoft Word attachment.

Some tips to avoid falling for Petya (also called Petwrap):

  • Patch your Windows-based computers and update your Microsoft Office suite. Contact AskIT if you have any questions.
  • Be extremely vigilant when opening email from anyone with whom you are not familiar.
  • If you receive email from an unknown sender, be cautious about replying, opening attachments or clicking on links or graphics in the email.
  • If you believe you have received a suspicious email, click the “PhishMe Reporter” button in your Outlook or forward the email to phishing@uab.edu.
  • Be cautious about attachments you were not expecting. Even if you receive an email from someone you know, that person’s email may have been infected with ransomware. Contact the sender by phone to make sure the attachment is legitimate.
  • Be wary of emails with incorrect grammar or spelling, or messages in which the signature does not match the sender’s name.
  • Do not click links in messages that ask you to log in. Type a trusted web address in your browser, or Google for the web site if you don’t know the address.

Phishing emails that purport to be a "payroll notification" are actually an attempt to steal your password or personal information. Delete the emails; do NOT open the attachments or enter your BlazerID or password on any links enclosed.

The emails look similar to the images below:

[Images: examples of the "payroll notification" phishing emails]

This email is not related to the campus-wide simulated phishing campaign that UAB IT is using as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

If you receive an email with a link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads. Even if the page looks familiar, verify the URL or type in a URL you know before entering your information.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here or download the PhishMe Reporter button for one-click reporting.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.