News - The University of Montana


Archive for the ‘Security’ Category

Current Phishing Attempts: 10/24/09

Saturday, October 24th, 2009

There are several phishing emails circulating on campus right now. This is a reminder that IT will NEVER request passwords or other personal information via email. Messages requesting such information are fraudulent.

IT security advisory regarding virus cleanup

Monday, February 2nd, 2009

Title: Clean up of worm/virus/malware infected machines

Date Issued: 02/02/2009

Issued By: Adrian Irish, IT Security Officer

Scope: Campus Wide

Reference Number: 2009-002

IT strongly recommends a clean rebuild* whenever possible as the best course of action when dealing with virus-infected computers. Several of the specific viruses hitting campus in recent days are confirmed to open backdoors that allow arbitrary code execution on the infected machine. The unfortunate reality when dealing with modern malware is that once a machine has been compromised in this way, it is very difficult to have complete confidence that the machine is “clean”. While removal tools will generally remove the worm or virus responsible for the spread and delivery of a payload, they are not always successful in dealing with other, stealthier malware that comes in through the backdoor.

We understand that circumstances and time constraints may prevent you from being able to perform a clean rebuild on all infected machines, but please keep in mind the risk associated with using only the removal tools.  If you are unable to perform a clean rebuild and must rely upon virus removal tools alone, you should at least reboot the computer in safe mode before updating virus definitions and, once the virus definitions have been updated, you should perform a full virus scan while still running in safe mode.

Also, at least one of the viruses in this wave is known to install a keystroke logger. Therefore, we recommend that clients change their passwords for any accounts they might possibly have accessed during the time their machine was infected.