We are currently experiencing an issue causing Google’s Safe Browsing service to pick up links checked by Mimecast as malware sites. This means you may get a warning notice in your browser when you click on certain links.
This has been caused by URLs rewritten by Mimecast being flagged by Google as malware and the problem is being investigated by our service providers at Mimecast.
Microsoft released a number of critical security updates last night to protect your Windows machine from any new cyber-attacks.
To ensure that your computer remains protected, we urge you to install these updates when prompted to do so. Once installed, you must restart your computer for the update to take effect. If you don’t restart, your computer and data will still be at risk.
These patches addresses vulnerabilities similar to those hackers used to spread last month’s WannaCry ransomware.
Ensure your UCT and home computer is protected
If your computer is set up to accept updates via WSUS, it will remain protected.
Please report any cyber security incidents to the UCT CSIRT at firstname.lastname@example.org.
Upgrade your Windows XP machine
Microsoft and ICTS no longer support Windows XP machines which means that your machine could pose a security risk to the UCT network. Currently, there are still about 150 machines that have Windows XP installed. If ICTS has not been in contact with you in the past month about your machine, then you need to upgrade to a supported version of Windows as soon as possible. You can log a call with the IT Helpdesk for assistance.
ICTS engineers are continuing to improve the performance of Drupal – the UCT web content management system. While this work is underway, you may experience slowness or get a 503 error when accessing UCT websites.
We will send an update if there are changes to the condition. We thank you for your patience during this time.
Previous message posted Monday, 29 May 2017 at 12:28 p.m.
ICTS is aware of an issue affecting websites on the Drupal web content management system.
We are currently working to resolve the issue.
ICTS will be conducting emergency maintenance on the Wi-Fi infrastructure.
This will start at 10pm tonight and will last for approximately 4 hours. Wireless service will be impacted and may be unavailable for the duration of the maintenance slot.
ICTS engineers have resolved the problem that was affecting some wireless access points across campus last week.
They will, however, continue to monitor the situation.
Previous message sent Thursday, 18 May 2017 at 13:22 p.m
ICTS is aware of a problem affecting. Some users may experience issues accessing the UCT wireless network. ICTS engineers are currently investigating.
UCT subscribes to lynda.com, an extensive online training library. On Saturday, 20 May 2017, the service will undergo maintenance from 06:00 – 09:00 a.m.
As a result, lynda.com may be unavailable during this time.
Learn a new skill wherever you are
Lynda.com boasts thousands of high-quality instructional videos covering soft skills, design, software, and business management. Courses range from beginner to advanced and are accessible from your computer, laptop, and mobile device.
If you haven’t yet accessed lynda.com, follow these step-by-step instructions to register, then find a course that meets your needs.
ICTS is aware of a problem affecting some wireless access points across campus. Some users may experience issues accessing the UCT wireless network.
ICTS engineers are currently investigating.
Preventative actions will be performed to prevent further ransomware attacks: your computer may restart
A few days ago, ICTS informed campus that a global ransomware attack has impacted many Windows computers. Most computers on campus are protected, but some users have either refused the updates or their computers have not been restarted following the updates. To protect the university network, we must forcibly update and restart these computers, totalling approximately 1000.
How this will affect you
Your Windows computer may be forcibly restarted to apply critical patches to the operating system.
This will occur at 2pm today, 17 May.
To avoid an unexpected restart, please restart your computer as soon as you can if you have not done so since the last Windows patches were applied. Unsecured computers found to be causing serious problems will be disconnected form the UCT network until the issues have been remediated.
What is Ransomware?
Ransomware locks files on your computer and demands a ransom in digital currency to restore the files. There is no guarantee that the files will be restored after paying the ransom. Creating a digital currency account and obtaining digital currency is also not a simple process. While attempts to circumvent the spreading and effect of the ransomware (or any other virus) are announced from time to time, these attempts are often nullified because the creators modify the original version.
At least five new versions on the first attack are spreading, and so far about 200 000 infections in 150 countries have been recorded.
Make sure you back up your data regularly, preferably on an external hard drive that is not constantly connected to your computer and stored in a different location. This is the only guaranteed way to protect your data.
Please report any cyber security incidents to the CSIRT at email@example.com
A global ransomware attack, which started on Friday has sent shockwaves around the world and has so far impacted over 100 countries, including South Africa.
The ransomware worm, called "WannaCry" infected about 75,000 computer systems on Friday and is continuing to cause issues across the globe.
The ransomware locks up files on your machine and makes them unavailable to you unless you pay the ransom amount. If your system is infected, a pop-up window will appear with instructions on how to pay a ransom of $300.
What do I do?
- The ransomware can infect your machine in several ways, including email. Please do not open any suspicious or unfamiliar emails.
- If your machine has been compromised, do not pay the ransom. There is no guarantee you will get your data back.
- Make sure your anti-virus software is up to date, on your computer as well as other devices such as phones and tablets.
- Make sure the latest security patches have been installed and that your computer has been restarted after the updates.
- Make sure you back up your data regularly and that your backups are up to date.
Please report any cyber security incidents to the CSIRT at firstname.lastname@example.org
Well done to everyone who spotted the latest phishing attempt. This one pretends to be a notification that your UCT ActiveDirectory (AD) account has been corrupted, and asks you to verify your credentials so that we can restore your account.
Do not respond to the email
The UCT CSIRT team has implemented the required security controls. However, we ask that you do not respond to the email, and do not click the link in the email.
If you already clicked on the link, please change your password immediately by going to Password Self Service.
Remember these security tips
- Don't reply to emails that request personal information.
- Don't open email of unknown origin.
- Don't click on links in emails if you cannot recognise where the link directs you.
- Don't reply to spammers asking them to remove you from their mailing list.
- By replying, you are confirming your email address as valid and will only encourage more spam.
- Don't forward chain letters or marketing material. Don't respond to emailed competitions.