Security

With Okta, we have a flexible Multi-Factor Authentication (MFA) system that requires your username, password and another factor in order to access your account. One of the simplest factors to use is MFA Push, where Okta sends a message to the Okta Verify app on your phone… Continue reading »

The second Tuesday of every month is known as “Patch Tuesday” for Microsoft, and the need to run your Windows Updates remains. Please take a few minutes to download and install them, and always restart your computer after updating it. For Apple’s macOS, if you are on Sequoia… Continue reading »

Tis the season to …. receive a new phone?  If you do get a new phone keep in mind you will want to set it up with Okta Verify BEFORE you discard or erase the old phone.    Doing an iCloud or direct phone to phone transfer of data and… Continue reading »

When macOS Sequoia was released earlier this fall, OIT blocked the upgrade while we investigated and tested the new OS to ensure compatibility with all of our major platforms and software.  We discovered a few things that were incompatible, for example the system we use to install printers on Macs… Continue reading »

Thanks for following along throughout another NCSAM! 2024 has included a resurgence in social engineering attacks, designed to trick people into giving up financial information, actual funds, or account credentials. Each DM from the past few weeks has been recorded on our new OIT About page for InfoSec. Continue reading »

For the 4th week of NCSAM, we’ll address the highest risk email-based threat that we can receive: phishing. TL;DR: when you get one of these emails, please use Gmail’s “Report phishing” function, just like with scams last week. Phishing usually has a specific focus: to steal the credentials to… Continue reading »

Scams are usually emails from unknown senders, often spoof college personas, almost always include a sense of urgency, and are designed to steal from you. Student-facing scams often include offers of part time work (just send $500 for setup fee and equipment), but can take many shapes, including natural… Continue reading »

Spam is unsolicited email from legitimate sources, like junk mail and catalogs you may receive in the actual mail. Spam intends to get a message out (like a sale or a new product release) but is not meant to trick you and is low-risk to you and the college. Because… Continue reading »

This October, we’ll focus on email-based risks, which can affect your Williams and your personal accounts. Week 1 is for classification. To understand the difference between spam, a scam, a phishing email, and a threat, please review the table below, which will be covered in great detail over the next… Continue reading »

On the Microsoft side of the house, Windows users should Check for Updates and apply them, restarting your computer when requested. On Tuesday, 8/13, Microsoft released patches for almost 90 security vulnerabilities, including six 0-days under active exploitation. If you are on macOS or a Linux system, please check for available… Continue reading »

You’ve likely seen the news of the global issue with CrowdStrike on Windows computers. That affects us at Williams as well and we are here to help you. If your computer has a blue screen, please email [email protected] or call x4090 so we can help you. If you have… Continue reading »

Over the past few days, we have noticed an increase in emails claiming to come from Williams faculty or staff requesting a change in their direct deposit settings. Another common theme is a bad actor pretending to be a vendor we work with, and asking our Finance group to change… Continue reading »

It’s a busy and exciting time for everyone here! Just the sort of condition attackers would love to take advantage of! Please take 30 mins (maybe 60 if you have several devices) and check for updates. If you have updates to install, please do so. Then, restart your device if… Continue reading »

To keep you and the college secure, OIT needs to update our Cisco VPN system.  VPN is used to connect securely to some college resources. Please be aware that new versions of the VPN require that Mac computers be running a “supported” operating system version.  The… Continue reading »

Google just patched Chrome to address high-risk security vulnerabilities. Please take a moment to update Chrome, and any other browser you may use. It’s always recommended to stay current on software updates for operating systems and apps. Please contact [email protected] (students) or [email protected] (faculty and staff) for assistance. Thank you… Continue reading »

We have observed an uptick in scams targeting students, faculty and staff. In general, they are predominantly email-based, and often mimic job offers, research opportunities, or the occasional piano for sale. Please remember, only trust emails that come from @williams.edu addresses. We employ solid defensive security measures for our domain,… Continue reading »

Fake job scams continue to appear, often from @gmail addresses and claiming to be a faculty member sending them. Please be suspicious of any email sent from an email address you don’t recognize or know. Williams faculty and staff will communicate via their @williams.edu accounts, not from @gmail. When/if you… Continue reading »

When you replace your cell phone use it one last time to log in and add your new phone to Okta before getting rid of it. If you no longer have the old phone contact [email protected] or x4090 for help. More Info Don't lose access to your Williams account! … Continue reading »

To enhance the security of our systems, Okta MFA will be required for VPN access starting November 15.    Active ransomware groups are targeting organizations that do not have MFA for their VPN users*.  If you have not yet signed up for Okta please do so. To use Okta MFA… Continue reading »

To wrap up National Cybersecurity Awareness Month, please read this post to learn about one way cyber attackers are leveraging generative AI tools and to find out how it was used as part of a successful “blended” social engineering attack. More Information… Continue reading »

Please spend a few minutes to review this installment of National Cybersecurity Awareness Month’s theme. This is an old trick in a different format, so brush up on how to avoid falling for this sort of scam. More Information… Continue reading »

In order consolodate and reduce logins, ticket.williams.edu will be joined to Okta. If you have not already, please sign up for Okta soon. As always you can email us at [email protected] or call x4090 for help. Other college systems will gradually be added to the Okta environment.  This means that… Continue reading »

Employment scams, or fraudulent job offers, pose significant risks to job seekers and can have devastating consequences. These scams typically involve criminals posing as legitimate employers, often using convincing job postings, emails, or even phone calls to lure unsuspecting individuals. More Information… Continue reading »

What is Social Engineering, and why does it matter to you? This Cybersecurity Awareness Month, learn more about the least technical way that organizations get hacked. These attacks target the human, so please read to understand the threats. More Information… Continue reading »