Keeping Information Security Simple – Murphy is our shepherd!

Keeping Information Security Simple – Murphy is our shepherd!
Letter from the CISO, Vol 4 Issue 11 WashU Community: Confession time I have two confessions to share. First, I have failed phishing tests. Not the ones I’ve seen and approved for use (thank goodness), but ones that caught me at the wrong time in the right way. It can happen to anyone. As I […]

Chance to Win $100 in Our Monthly Challenge 

Chance to Win $100 in Our Monthly Challenge 
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this April. The Inside Man is a soap opera-style training that covers critical […]

Scam of the Month: New payment request 

Scam of the Month: New payment request 
The Office of Information Security observes a trend in which criminals send fraudulent invoices, hoping that victims will click a malicious link, open the attachment, or call the given number.  If you see a message like the one below, please do not interact with the sender, phone number, or attachment. Do not follow any special […]

Inside ABC: Unique Initiatives for Unique Audiences

Inside ABC: Unique Initiatives for Unique Audiences
The Office of Information Security’s (OIS) Awareness, Behavior, and Culture (ABC) team is focused on infusing good cybersecurity practices into everything we do here at WashU. We work to provide the WashU community with the tools we all need to safely navigate the cyberspace. That landscape is full of would-be scammers and bad actors who […]

Security Responsibilities for PHI Handlers 

Security Responsibilities for PHI Handlers 
All WashU community members who handle PHI are responsible for maintaining a secure environment and patient privacy. This includes faculty, staff, volunteers, trainees, and students. WashU’s core technology systems are designed to safely store and transmit PHI for safety and compliance with HIPAA. Before using external websites or cloud services to store, create, or transmit WashU Confidential […]

Chance to Win $100 in Our Monthly Challenge

Chance to Win $100 in Our Monthly Challenge
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this March. The Inside Man is a soap opera-style training that covers critical […]

Scam of the Month: Verify You’re a Human

Scam of the Month: Verify You’re a Human
The Office of Information Security has observed a trend in which criminals create fake CAPTCHA pages to trick users into copying malicious code into their computer. To protect yourself, do not paste material into your computer. When a victim clicks the ‘I’m not a robot’ box, verification steps are presented.   Completing these steps triggers a […]

Keep Your Information Secure This Tax Season 

Keep Your Information Secure This Tax Season 
Tax Day is April 15, and internet scammers will capitalize on the moment. The Internal Revenue Service initiates most contact through regular mail delivered by the United States Postal Service. To verify the IRS sent the letter, you can search for it on IRS.gov. Sometimes, they will call or visit, but other than that, the Internal Revenue Service […]

Meet Your InfoSec Team: Una McGarry, Information Security Analyst I

Meet Your InfoSec Team: Una McGarry, Information Security Analyst I
The Office of Information Security (OIS) has recently welcomed Una McGarry to the team. In her role as Information Security Analyst I, Una is part of the Vulnerability Management team’s efforts to protect WashU’s data and systems from bad actors. This includes assessing daily vulnerabilities, communicating risks to stakeholders, and coordinating with business partners to […]

The Risk of Running Unsupported Operating Systems

The Risk of Running Unsupported Operating Systems
What if you are still running Windows XP or 7 on some of your computers? Extended support for Windows 7 ended on January 14, 2020, over 10 years after the release of Windows 7. Now the operating system no longer receives security updates. Some versions of Windows 10 and 11 are already unsupported. Devices with an […]

External Email Banner Exception Request 

WashU IT has installed the external email banner for Microsoft Outlook to boost security and prevent account compromises by highlighting emails from outside the university. The purpose of having an external banner is to alert faculty, staff, and students when an email comes from outside the university, urging them to proceed with caution.  If you […]

Chance to Win $100 in Our Monthly Challenge 

Chance to Win $100 in Our Monthly Challenge 
The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. Back by popular request, the InfoSec team is continuing to assign the Inside Man series as our competition this February. The Inside Man is a soap opera-style training that covers critical […]

(Un)encrypted Messaging Under Hacked Telecoms 

(Un)encrypted Messaging Under Hacked Telecoms 
In October 2024, the Wall Street Journal reported a large cyberattack against U.S. telecommunications companies. The FBI, NSA, and the Cybersecurity and Infrastructure Security Agency released new guidelines for protecting communications infrastructure in the United States. Despite the government’s efforts, the Chinese hackers continue their hacking of US telecom networks.  If the most valuable items on your […]