Software vulnerabilities have always been a reality of managing information technology systems. What has changed in recent years is the speed at which vulnerabilities are discovered, disclosed, weaponized, and exploited. As a result, organizations must adapt their vulnerability management and operational practices to keep pace with an increasingly dynamic threat environment. Continue reading
Featured Announcement
Seven Questions Every Service Owner Should Be Able to Answer
Critical vulnerabilities are being discovered and exploited faster than ever before. When a major vulnerability is announced, organizations often have limited time to assess risk and take action.
Continue reading
Tax Season Phishing Scams
Tax season is upon us, making it an opportune time for scammers to attempt to defraud you. Cybercriminals frequently disguise themselves as Payroll offices/officials by sending emails that contain calls for action, such as requests for you to verify tax information, update direct deposit accounts, print and cash checks, and/or visit a website that is not owned by UConn or the State.
Continue reading
Duo: Sound the Alarm
Users play a crucial role in defending against cybercriminals. When your password is stolen, a hacker will try to use it to gain unauthorized, criminal access to University protected systems and information. Duo serves as a second line of defense, but only with your help. Hackers will attempt to trick you into authenticating a login on their behalf. We’re sharing common attacks to be aware of, how to detect them, and what to do if you are subject to an attack.
Continue reading
LastPass Incident
1/12/23 – Recently, LastPass, a password manager, has been in the news due to a compromise they experienced in 2022. Continue reading
Beware of Gift Card Scams
11/8/2021 – UConn IT Security is reporting a spike in the number of gift card scam messages. In this type of targeted message, the senders impersonate someone that you know, like a supervisor or department head, and they ask you to buy gift cards on their behalf. Do not respond, and do not buy gift cards.
Updated University IT Security Policies
Regular review and revision of policies is part of evolving a mature information security program that protects systems and data for both our community and the institution. Continue reading
Cybersecurity Awareness Month
ITS is kicking off a communication series for Cybersecurity Awareness Month. Continue reading
Cybersecurity Review
Substantive elements of the University’s information technology cybersecurity infrastructure will be reviewed by Deloitte, an external agency. Continue reading
Information Security Policies
The Information Security Office has reviewed and substantively revised information security policies, guidelines, and standards. Continue reading