Security & Policy Blog Posts

  • We have received approximately 15 reports from faculty and staff who have had a fraudulent 2013 federal tax return submitted to the IRS in their name. There is no evidence the tax fraud is a result of a disclosure of information that originated from IU.
  • On March 24th 2014, Microsoft released an advisory describing a vulnerability in all supported versions of Microsoft Word.
  • Apple has released critical security updates to address a dangerous bug in Apple's implementation of SSL/TLS that affects multiple versions of iOS 6, iOS 7, Apple TV OS 6, OS X 10.9 (Maverics).
  • Older version of NTP with outdated configuration may allow servers to be used in a Denial of Service attack

    Recent Security Bulletins

  • Vulnerability in OpenSSL versions 1.0.1 before 1.0.1g
  • New ransomware named CryptoLocker threatens to destroy data unless a payment is made.
  • Critical Java Vulnerability included in Exploit Kit
  • This bulletin details four recently published, critical rated, vulnerabillies in Adobe ColdFusion and ways to mitigate the risk of them being exploited including the hotfix for supported versions.