Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Internet

Heartbleed wreaks havoc

Friday, May 9th, 2014

If you read about a computer bug in the YOU, it has to be serious. This is exactly what happened with Heartbleed last week.

The now already infamous bug surfaced last month and wreaked havoc and many popular websites. You also might have received an e-mail by now requesting you to change your password for certain websites.

Heartbleed indicates a vulnerability in security in OpenSSL software commonly for web encryption. The vulnerability allows a hacker access to the memory of data servers. According to Netcraft, a company specialising in interne research, 5000 websites might have been infected by it.

Unlike some viruses infiltrating your computer via e-mail, Heartbleed targets a weakness on web servers. This implies that someone using a compromised website, runs the risk of having his username, password or credit card details intercepted. Without too much effort your data can be obtained and also access to your account.

With Heartbleed hackers can also gain access to the digital keys responsible for encryption on servers and thereby access a company’s confidential, internal documents.

According to Vocativ, the term Heartbleed was chosen by Ossi Herrala, a systems administrator at Codenomicon. The technical name is CVE-2014-0160 and refers to the line of code where the bug is located. Heartbleed refers to an extension in OpenSSL called heartbeat. The protocol is used to keep connections open, even if data is not transmitted between connections.

If you haven’t changed your password for the affected sites, rather play it safe and change it anyway. It still remains good practice to change your passwords on a regular basis. If you want to know which sites have been targeted or what their current status is, you can do so here.

More detailed information on Heartbleed is available at:

http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/
http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
http://www.vocativ.com/tech/hacking/behind-scenes-crazy-72-hours-leading-heartbleed-discovery/

BRON: www.cnet.com

 

 

Internet Explorer vulnerability disclosed

Thursday, May 8th, 2014

Recently security vendor FireEye publicly disclosed a vulnerability in all versions of Internet Explorer. Government security response teams urged users to rather use an alternative browser until a security fix was released. After Microsoft released the update this week, it”s no longer needed to use an alternative browser.

This high risk vulnerability, if exploited by an attacker, would allow him to gain the same user rights as the current user. The security breach could be achieved by an attacker hosting a specially crafted website that is designed to exploit this vulnerability through IE and then convince a user to view the website.

He would then entice the user the attacker enticing a user to view the attacker-controlled content by getting them to click a link in an e-mail or IM message or by opening an attachment in an e-mail.

Updating your Internet Explorer (versions 6, 7, 8, 9, 10 and 11) is critical on Windows clients. The security update addresses the vulnerability by modifying the way IE handles objects in its memory.

Microsoft has released update KB2964358 and KB2964444 to prevent this vulnerability. (More information on Microsoft’s security update can be found here.)

Campus assets running Microsoft Windows OS have the WSUS configuration installed, automatic updating enabled and users will not need to take any action. The security update will be downloaded and installed automatically.

FireEye noted that attacks rely on Flash and advised users to disable the Flash plugin in IE. Also always ensure that your antivirus software is current and updated regularly to avoid future security attacks.

SOURCE: http://www.zdnet.com en www.mirosoft.com

IE & my.sun not playing along?

Friday, February 28th, 2014

Recently we introduced a brand new my.sun interface (read the article here). As with most new developments, there are bound to be some hiccups.

One of the problems recently experienced by some users when they browse to the staff portal are either that their version of Internet Explorer has to be upgraded or only a blank screen is displayed.

There reason for this glitch is Internet Explorer’s compatibility mode. This function of Internet Explorer has the tendency to recognise the wrong versions of the software. For example, with compatibility mode Internet Explorer 8 and 9 thinks it’s running 7, while version 10 and 11 recognises it as 9.

However, there is an easy solution. By deselecting “Display intranet sites in Compatibility View” (see picture) Internet Explorer will report the correct version of the browser and not request an upgrade of the browser.

If Internet Explorer requests an upgrade, first check the version of the browser (see above ) and deselect compatibility view. Internet Explorer version 10, Mozilla Firefox and Google Chrome are recommended internet browsers.

1. How to find out which version of IE is installed on your pc
Click:  Help, About Internet Explorer

 

 

 

 

 

 

 

 

 

 

 

 

 

2. How to check if compatibility mode is enabled
Click: Tools, Compatibility View  Settings

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Send an email to help@sun.ac.za or contact IT ’s Service Desk on 0218084367 if you need assistance or experience problems. More information can be found on the my.sun help page. 

Download the mobile Inetkey application

Friday, February 14th, 2014

With the growing amount of mobile applications used on a daily basis, a need arose for a simple, effective Inetkey application that can be used on all devices and platforms – including Android, iOS, Blackberry and Windows.

After extensive testing on most available platforms, the official Inetkey app was launched on iOS, Android, Windows and Blackberry. You can download the appropriate version by clicking on the links below.

downloadandroid2
downloadblackberry
Download_on_the_App_Store_Badge_US-UK_135x40
downloadwindows

Non-official Inetkey mobile applications exist, but have been developed by independent individuals and are not supported or endorsed by Information Technology. Unofficial Inetkey apps carry the risk that they may intercept users’ credentials, which could be abused or stolen.  A user keys credentials into an app and does not know how or where they are stored or communicated, or even if it’s secured.

We can accept no responsibility if users download these apps and experience problems.

FOR MORE INFORMATION ON INTERNET AND INETKEY, PLEASE CONSULT OUR SERVICE CATALOGUE

Cell C offers now available for students and staff

Friday, January 31st, 2014

Students, as well as staff, can now obtain cheaper cellular data offerings through a joint offering by the University and Cell C.

These deals brings the cost per MB from 15c a megabyte down to around 3.3 cent/meg. The offer includes 3GB of data per month for six months at R600-00, but there are also deals available for 12 months.

Cell C will be on site on the Rooi Plein under the bridge between Admin A and B until 7 February, so make use of this opportunity! You need to take basic RICA documents: ID and proof of residence to the Cell C stall to make use of these special deals.

Telkom mobile will also introduce their offerings during the month of February, in case you miss out.

For more information e-mail the IT HUB at student@sun.ac.za​, visit them (entrance below the bridge on the Rooi Plein) or visit the Cell C stall.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.