Keeping Information Security Simple – Murphy is our shepherd!
Letter from the CISO, Vol 4 Issue 11 WashU Community: Confession time I have two confessions to share. First, I have failed phishing tests. Not the ones I’ve seen and approved for use (thank goodness), but ones that caught me at the wrong time in the right way. It can happen to anyone. As I […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this April. The Inside Man is a soap opera-style training that covers critical […]
Scam of the Month: New payment request
The Office of Information Security observes a trend in which criminals send fraudulent invoices, hoping that victims will click a malicious link, open the attachment, or call the given number. If you see a message like the one below, please do not interact with the sender, phone number, or attachment. Do not follow any special […]
Inside ABC: Unique Initiatives for Unique Audiences
The Office of Information Security’s (OIS) Awareness, Behavior, and Culture (ABC) team is focused on infusing good cybersecurity practices into everything we do here at WashU. We work to provide the WashU community with the tools we all need to safely navigate the cyberspace. That landscape is full of would-be scammers and bad actors who […]
Security Responsibilities for PHI Handlers
All WashU community members who handle PHI are responsible for maintaining a secure environment and patient privacy. This includes faculty, staff, volunteers, trainees, and students. WashU’s core technology systems are designed to safely store and transmit PHI for safety and compliance with HIPAA. Before using external websites or cloud services to store, create, or transmit WashU Confidential […]
Keeping Information Security Simple – Taking care of ourselves and everyone around us
Letter from the CISO, Vol 4 Issue 10 WashU Community: Taking care of ourselves and everyone around us WashU IT’s theme for the month of March is “Employee appreciation: Every day is a day to recognize your time and talent,” and I think one of the most important things for everyone to do is to […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this March. The Inside Man is a soap opera-style training that covers critical […]
Scam of the Month: Verify You’re a Human
The Office of Information Security has observed a trend in which criminals create fake CAPTCHA pages to trick users into copying malicious code into their computer. To protect yourself, do not paste material into your computer. When a victim clicks the ‘I’m not a robot’ box, verification steps are presented. Completing these steps triggers a […]
Keep Your Information Secure This Tax Season
Tax Day is April 15, and internet scammers will capitalize on the moment. The Internal Revenue Service initiates most contact through regular mail delivered by the United States Postal Service. To verify the IRS sent the letter, you can search for it on IRS.gov. Sometimes, they will call or visit, but other than that, the Internal Revenue Service […]
Meet Your InfoSec Team: Una McGarry, Information Security Analyst I
The Office of Information Security (OIS) has recently welcomed Una McGarry to the team. In her role as Information Security Analyst I, Una is part of the Vulnerability Management team’s efforts to protect WashU’s data and systems from bad actors. This includes assessing daily vulnerabilities, communicating risks to stakeholders, and coordinating with business partners to […]
The Risk of Running Unsupported Operating Systems
What if you are still running Windows XP or 7 on some of your computers? Extended support for Windows 7 ended on January 14, 2020, over 10 years after the release of Windows 7. Now the operating system no longer receives security updates. Some versions of Windows 10 and 11 are already unsupported. Devices with an […]
External Email Banner Exception Request
WashU IT has installed the external email banner for Microsoft Outlook to boost security and prevent account compromises by highlighting emails from outside the university. The purpose of having an external banner is to alert faculty, staff, and students when an email comes from outside the university, urging them to proceed with caution. If you […]
Keeping Information Security Simple – Happy Valentine’s Day – You’ve been scammed!
Letter from the CISO, Vol 4 Issue 9 WashU Community: For every season, there is a scam Our theme for February is “Securing information, promoting innovation, supporting tech – IT is a labor of love.” This sets me up nicely to provide dire warnings about romance scams, tax scams, and deepfakes. “Nearly 59,000 Americans lost […]
Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this February. The Inside Man is a soap opera-style training that covers critical […]
(Un)encrypted Messaging Under Hacked Telecoms
In October 2024, the Wall Street Journal reported a large cyberattack against U.S. telecommunications companies. The FBI, NSA, and the Cybersecurity and Infrastructure Security Agency released new guidelines for protecting communications infrastructure in the United States. Despite the government’s efforts, the Chinese hackers continue their hacking of US telecom networks. If the most valuable items on your […]