Content | Navigation |

Please use this form to register your "out of vendor support" computers

Type of Computer

NDSU IT Security Updates

April 15, 2014

Heartbleed - Change These Passwords Now

The Internet was stunned to learn of a significant vulnerabilty to security this last weekend.  OpenSSL, an application that is used by software and services throughout the Internet for authorization of legitimate websites was found to have a core flaw.  Essentially anyone from anywhere could send a specially crafted packet to a service or site using OpenSSL, asking if the server is still accepting communications and the server would return up to 64 Kilobytes of what was in its memory at the time of request.  This return could be username and passwords, or documents, or even security certificates.  The OpenSSL foundation responded and fixed the core code of OpenSSL, but there are still hundreds of thousands devices, or services that still are running the old version of the software.  Please check for updates on your devices, and change any passwords for sites you maybe concerned about. However, only change those passwords after a site has patched their services, and revoked their old security certificate and created a new one.

http://heartbleed.com/

December 5, 2013

Over 2 Million passwords to popular webpages discovered.

In Mid June, Trustwave Spiderlabs researchers were able to view information in the Pony Botnet controller that indicated that there were over 650,000 website credentials that had been harvested by this particular botnet, which, is fairly widespread.  On Tuesday they announced that upon a more detailed look that over 2 million passwords have been harvested by this botnet.  Many of these services have now been notified and they are taking corrective action on those accounts that have been compromised.

 

 


Student Focused. Land Grant. Research University.

Follow NDSU
  • Facebook
  • Twitter
  • RSS
  • Google Maps

North Dakota State University
IT Help Desk Phone: +1 (701) 231-8685
Administrative Calls Only: +1 (701) 231-7961 / Fax: (701) 231-8541
Campus address: Quentin Burdick Building 206
Physical/delivery address: 1320 Albrecht Blvd, Fargo, ND 58102
Mailing address: NDSU Dept. 4510 / PO Box 6050 / Fargo, ND 58108-6050
Page manager: Information Technology Services

Last Updated: Monday, April 21, 2014 4:45:58 PM