Category Archives: News

News

Your data is valuable! Is it safe enough?

Ready to secure the
investment in your data?

Email the IT Service Desk and
tell them you want CrashPlan!
ITServiceDesk@umb.edu

crashplan-it-jun10-jm
Your data is an investment of your time, effort, and expertise. If something causes it to disappear, recreating it can be costly, painful, or sometimes not even possible. Proper backups are insurance on the investment made by you, your group, your students, or your clients. Don’t let your investment remain at risk!

Peter Krogh of dpBestflow.org, coined the idea of the “3-2-1” rule for best practices in data backup. In his overview on backing up data, he writes:

“The simplest way to remember how to back up… safely is to use the 3-2-1 rule:

• We recommend keeping 3 copies of any important file (a primary and two backups)
• We recommend having the files on 2 different media types (such as hard drive and optical media), to protect against different types of hazards.
1 copy should be stored offsite (or at least offline).”

One way to store your data offsite and in a separate media type at the same time, is to use a cloud backup service. UMass Boston’s IT Department now offers access to the CrashPlan Backup Service. What does CrashPlan do?

  • Backup your WHOLE computer, phone and/or tablet, not just a single shared folder, with no transfer or storage limits.
  • Automatic, invisible backups, performed in the background while you use your computer normally.
  • Securely access your files from any browser to restore your files while traveling, at home, or on campus.
  • Data is secured with a strict, industry-standard encryption process. [more info]
  • The IT Department can install CrashPlan for you or your whole group.
  • Click below to read more about Crashplan at UMass Boston:

Ready to secure the investment in your data? Email the IT Service Desk and tell them you want CrashPlan!
ITServiceDesk@umb.edu

News

Failed Microsoft Updates

  • There is a common issue currently plaguing many PC users right now — a faulty Microsoft update that will refuse to install, and then notify the user with endless messages that Windows is removing the update and reinstalling it.
To solve the problem of faulty Microsoft update KB3033929, first “hide” the update by following these steps:
  •  Click Start
  •  Select Control Panel
  •  Click “System and Security”
  •  Click “Windows Update”
  •  Click “Check for Updates”
  •  Click the message that says how many updates are available (see screenshot below)unnamed
  • Right-click the faulty update (it should be labeled KB3033929)
  •  Select “Hide Update” (seescreenshot below)
Screen Shot 2015-04-07 at 3.18.25 PM
That should solve the problem. If it does not solve the problem, contact the IT Service Desk and we will assist further.
News, Security

Tax Season and Tax Fraud Season

tax fraud copySource: StaySafe Online Organization

The closer we get to April 15, the more we’ll be scampering around collecting receipts and crunching the numbers in hopes of receiving tax refunds. At the same time, cybercriminals and scammers will be working on ways to separate people from their hard-earned money. It has been reported that more than 360,000 individuals had been targeted by tax scammers since 2013. These tax cybercrimes include tax identity theft, phone scams and phishing. For more information continue to read Tax Season is also Cyber-Crime Season

How can you help protect yourself?

  • File your taxes as early as possible; this is one way to avoid ID theft and a good way to get your refund in a timely fashion.
  • Get two steps ahead and use multi-factor authentication whenever it’s available. Multi-factor authentication, or two-step verification as it is sometimes called, requires an additional step, such as an SMS text to your phone with a one-time code that’s entered after you enter your username and password for an online account. Check with your online tax preparation service to see if it offers multi-factor authentication (it’s usually free, but you need to opt in). It’s good to enable two-step verification on your email account as well, since it’s a core account — if hacked, cybercriminals can easily access other accounts.
  • When in doubt, throw it out. If you have any doubt about the authenticity of any message you receive over email, text or social media, delete it.
  • Hang up on the bad guys. In the vast majority of cases, if the IRS has identified a problem, it will contact you first by mail. The IRS will never request payment by wire transfer, credit card or prepaid debit card.

The IRS’s help page is http://www.irs.gov/Help-&-Resources

Remember to always STOP. THINK. CONNECT.: take security precautions, understand the potential consequences of your actions and behaviors and connect and enjoy the Internet.

Report scams to:

News

Blast from the Past! Archives of 20-year-old UMass Boston Computing Services Newsletters

byteline

 

Deep in the archives of the ITC, Healey Lower Level, has been found a little piece of IT Department history. Then called Computing Services, several staff put out quarterly print newsletters with articles like:

  • How to adjust the clock for daylight savings time on Macintosh OS System 6 and System 7,
  • An announcement of the second edition of the Internet White Pages listing email address for users across the world – organized by name
  • And obituaries for retiring microcomputers like the Apple Iigs and IBM AT

The archives have been scanned and uploaded for you to peruse and be nostalgic. See articles from familiar names like Peter Tofuri, Peter C.S. Adams, Jamil Moosavifard, Linda Perrotto, Daniel Ortiz, and more!

Click Here to see the Byteline Archives!

This collection is incomplete. If you have old copies of BYTELINE, please get in touch with itc@umb.edu, and we can arrange to have them digitized and added to this collection.

byteline2

News

What is Ransomware?

 

 

What is Ransomware?

Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.

Ransomware has been around for more than a decade, but cybercriminals have resurrected the scam over the last couple of years and have been immensely successful. Once the victim’s files are infected they are asked to pay a ransom-in the virtual bitcoin currency if the victims want their files unlocked.

Cryptowall Ransomware one of a family of malware programs that encrypts files and demands a ransom from victims, has undergone a revamp that is frustrating security researchers. CryptoWall uses strong public-key cryptography to scramble files with certain extensions. Aside from paying the ransom, the only other way to counter it is by restoring files from a backup, although CryptoWall hunts around and tries to encrypt those files as well. Please see Cryptowall Ransomware Variant has new defenses.

One of the new variants in the crypto ransomware family is the CTB-Locker which encrypts the victims hard drive and the victim has to pay a large sum in order to get the decryption key. The most famous strain of this is the CryptoLocker, which FBI and other authorities took down GameOver Zeus infrastructure which was used to distribute the Cryptolocker which significantly reduced the malware’s effectiveness.

Peace was only for a short time until the ransomware came in form of the Curve-Tor-Bitcoin (CTB) Locker. Traditionally CTB has been distributed through the Angler Exploit Kit. Now the new wave of CTB is being distributed from malicious spam messages.

The common infection vector of CTB is via an email containing a fake invoice, compressed in a “.zip” or “.cab” file. Once the archive is decompressed displays a decoy RTF document, and after 5 minutes drops the CTB-locker payload and then performs the encryption routine. Users infected are asked to pay two or three bitcoins and those who do not risk losing their files.

In early December 2014, there were several reports about yet another type of ransomware, VirRansom (see Protect Against Virulent Ransomware). Not only does it make data unavailable and lock your computer until you have paid the crooks the ransom they demand, but the key feature of the virus is in addition to taking your computer hostage it has a mechanism by which it spreads to others. Not only will it take your system hostage but also other systems which you communicate with by spreading the virus.

How can you prevent becoming a victim of Ransomware attacks?

1) Get educated about phishing. Never, ever open a file or link in an email or on a social website unless you’re sure it was deliberately sent by the person themselves. It may seem interesting as you are reading it but you could end being a victim.

2) Make backups of all your critical data and software on a separate storage device that is not attached to your network or computer except only when backups are made (during which time you should be offline). Once backup is complete disconnect that drive from the network.

3) Use effective and constantly updated anti-malware tools.

4) Keep your operating system updated with the latest patches.

5)  Don’t click on photos or videos without first considering the consequences. If the person who sent it is someone you know, ask them. Better verify than being sorry later.

6) Download email attachments only from trusted sources.

7) If you think you are infected immediately disconnect your system from the network. Run your updated antivirus program. If it is a University owned asset (work computer) run McAfee antivirus and call IT Service Desk.

8)  Educate your employees, family members and friends about destructive malware. Please read this security alert by US-CERT on Crypto Ransomware

Do not pay the criminals. If you take the required precautions especially backing up your critical software and data, you can reinstall and have a clean copy of your files.

P.S :For Your Information- FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker (Please see Decyptolocker).

 

 

 

 

News

Outlook 2010 and VPN Issues

We have heard from several departments that some Outlook users are having severe difficulties using Microsoft Outlook 2010, usually related to sending mail. This appears to be limited to Outlook 2010; however, our testing appears to show that upgrading to Office 2013 does not solve the problem. We suggest using web mail until we can find another solution. As far as we know, the Mac version of Outlook is also unaffected, as is Apple Mail, so those may be alternatives for some people.

If you contact the IT Service Desk about this issue, we may ask you a variety of questions to try to narrow this problem down, including: What version of Outlook are you using? Is the problem strictly with sending mail? Are you using cached mode? Does your computer have Kace installed? Is your computer running McAfee ViruScan with EPO?

In addition, some people are also experiencing trouble staying connected to our VPN service issue (i.e. they are able to connect, but are disconnected after a very short period). Our network and systems teams are working to resolve this problem.

We understand these are very important issues and are working hard to resolve them. We apologize for the inconvenience.

News

Four Fall IT Events – Turnitin, NVivo, MATLAB and Cyber Security

Turnitin – Plagiarism Detection & More

October 30, 12:00 – 1:30pm – Healey LL P2 [Light Lunch Provided]

Turnitin is a plagiarism prevention and detection tool available within Blackboard Learn which compares student-submitted papers to a large database including previously submitted papers as well as indexed web content. A representative from Turnitin will demonstrate the product along with its reporting features, the GradeMark tool which allows you to mark up student papers and leave audio comments, and the iPad app which works with GradeMark. Light lunch will be provided. We encourage you to bring your laptops and iPads.
Click here for more information!

NVivo – Qualitative Research Tool

October 31, 1:00pm to 3:00pm – Healey LL P2

Members of QSR International will be on campus to demo some of the new features of NVIVO.  To learn about NVIVO and what it can do for your research, please stop by Presentation room # 2 on October 31st from 1:00pm to 3:00pm.   We have a limited number of licenses which you can use by sending an email to software@umb.edu
Click here for more information!

MATLAB – Technical Computing Language

November 14, 12:00 to 3:00pm – Healey LL P2 
[Light Lunch Provided]

Presentation and discussion of ways to increase your productivity and effectiveness using MATLAB.  Best practices and common pitfalls in writing MATLAB code, explore the use of the MATLAB Profiler to find bottlenecks, and introduce the use of Parallel Computing Toolbox and MATLAB Distributed Computing Server to solve computationally and data-intensive problems on multicore computers and clusters.
Click here for more information!

Cyber Threat Smackdown! – Defending your Digital Devices

Wednesday October 22, 11:00 to 12:15 
Campus Center 3rd floor ball room
An iPad will be raffled off, plus other prizes!

Cyber Security is in the news every day, with stories about the celebrity iCloud photo release, and credit card breaches from Target and Home Depot. October is Cyber Security Awareness Month, and the UMass Boston IT department is hosting an event to help keep your data and devices secure.
Click Here to register for this free event

 

** Have a question regarding software – please email software@umb.edu or visit: http://www.umb.edu/it/getting_services/hardware_software_equipment

News

IT Educational Technology Software Updates

Mathematica – Renewal of License

The annual license for Mathematica has been renewed for another year – until September 15, 2015.  You may download the latest version from the Wolfram portal in the Download Center [http://user.wolfram.com].  Existing users whose activation keys are marked as “auto renew” will not need to do anything.

STATA – Site License – Faculty, Staff & Labs

The 5 campuses have jointly subscribed to a site license for STATA – a data analysis and statistical software application.  To obtain a copy of the software, please send an email to software@umb.edu.  The license allows us to install the software on faculty, staff and lab computers [university owned].  For students, there is a “student” version which you can purchase from STATA.

 SPSS – Student / Home User version

We have purchased a limited number of licenses for student and home use of this predictive analytics statistics software.  The cost for this license is $40.  To obtain a license please send an email to software@umb.edu and mention that you are looking to purchase the ‘Student’ version.  If there are groups of students or a class needing access to SPSS, please  let us know as we can arrange to place an order for a block of 20 or 40 licenses – the cost per license will remain the same.

** Have a question regarding software – please email software@umb.edu or visit: http://www.umb.edu/it/getting_services/hardware_software_equipment

News

IT Office Moves – How to find your support team

As of this week, several divisions or offices within the IT Services Division no longer reside in the Quinn Building. You can find the following divisions or offices in these new locations.

The Office of the Vice Provost and CIO for IT:
Healey Library, Lower Level, room 15

Desktop Services:
Healey Library, 3rd floor, room 9 (adjacent to the IT Service Desk)

Application and Web Services:
Bayside Office Center
150 Mount Vernon Street, 5th floor
Suite 550

Phone numbers and email addresses for affected staff members remain the same, but please be patient as phones and computers are installed and staff members complete the moves into their new locations.

Some other personnel have moved as well. If you have any questions, please contact Salina Allen-Sharpp at 617-287-5410