https://light.its.yale.edu/messages/its/current.asp en-us Copyright 2008 Yale University 2008-8-20T10:7:44 Jane Livingston, Associate Director Communications, Yale University - Information Technology Services https://light.its.yale.edu/messages/its/detail.asp?msg=34300 UPDATE: August 18, 2008 Yale ITS will never ask you to provide your email log in information via email. Phishing / attacks continue at Yale purporting to be from various Yale support / organizations. These messages attempt to trick individuals into / providi... August 18, 2008, 1:08 pm https://light.its.yale.edu/messages/its/detail.asp?msg=34321 To: Yale Community / Yale clients have reported receiving "News Alert" email purportedly from CNN.COM and MSNBC.COM. DO NOT OPEN these messages or click on any links contained in the email. The emails have been crafted to look like news alerts from CNN.... August 14, 2008, 7:08 pm https://light.its.yale.edu/messages/its/detail.asp?msg=34306 A new phishing attack targeting the University involves an email message purporting to be from the IRS:From: Internal Revenue Service Subject: Urgent MessageThis message attempts to trick individuals into clicking on the link provided in the email.IMPORTA... August 13, 2008, 10:08 am https://light.its.yale.edu/messages/its/detail.asp?msg=34292 FROM: Morrow Long, University Info Security Officer / To: IT Partnerscc:  unix.systems@yale.edu, dcsunix@yale.eduApache Tomcat Directory Traversal VulnerabilitiesApache has released patches for Tomcat v. 4, 5 and 6 to fix cross-site scripting problems triggered by specially-crafted web requests (see adv... August 11, 2008, 3:08 pm https://light.its.yale.edu/messages/its/detail.asp?msg=34262 A new phishing attack targeting the University involves an email message purporting to be from a Yale employee: / Subject: Salary Increase Plan Of 2009 / I heard about this news from somebody, but I am not sure of it, what / do you think of it ?More ... August 6, 2008, 2:08 pm https://light.its.yale.edu/messages/its/detail.asp?msg=34245 Information Security has received a copy of an email purportedly from CNN.COM with the subject ' CNN.com Daily Top 10.' The email is a fake message and should not be opened. (The message bears address sender patti-knaataso@slinkey.no, though the email was... August 5, 2008, 11:08 am https://light.its.yale.edu/messages/its/detail.asp?msg=34234 Tomcat versions 4, 5 and 6 contain an important flaw which can allow access to content which would otherwise be protected. The Apache Software Foundation has announced upgraded (fixed) versions of tomcat 4, 5 and 6. The announcement (which follows) contai... August 2, 2008, 10:08 pm https://light.its.yale.edu/messages/its/detail.asp?msg=33965 FROM: Morrow Long, University Info Security Officer / To:  IT Staff       IT Partners       IT Support TeamsIf you or your clients maintain or develop Internet Information Services (IIS), please read the following information.  Last week,&... June 30, 2008, 12:06 pm https://light.its.yale.edu/messages/its/detail.asp?msg=33913 This new security vulnerability impacts the following systems: MacOS X 10.4 and 10.5 / / There is a security weakness in MacOS X 10.4 and 10.5 for which there is currently no fix nor patch available from Apple. / IMPACT: If you have any Apple Ma... June 20, 2008, 10:06 am https://light.its.yale.edu/messages/its/detail.asp?msg=33803 This weekend a number of Yale clients reported receiving messages that attempted to trick users into providing their email credentials, telling them: / This message is from YALE.EDU messaging center to all YALE.EDU email account owners. We are current... June 16, 2008, 11:06 pm https://light.its.yale.edu/messages/its/detail.asp?msg=33690 Today (May 24, 2008) Yale clients reported receiving messages that attempted to trick users into providing their email credentials, telling them We are deleting all unused yale.edu accounts to create more space for new accounts. The message also included... May 24, 2008, 8:05 pm https://light.its.yale.edu/messages/its/detail.asp?msg=33363 UPDATE May 21: There was a new crop of phishing messages that begin with Dear yale.edu Email Account Owner. ITS has blocked messages with this content as of 5:15 on May 20. Some messages did get through prior to the block, you can safely delete such mes... May 21, 2008, 9:05 am https://light.its.yale.edu/messages/its/detail.asp?msg=33515 FROM: ITS Information Security Office / TO: IT Program Directors / ITS Support Groups / ITS Staff / IT Partners / IT Friends / RE: Serious Vulnerability in Debian & Ubuntu (Linux) Keys (SSH & SSL) / A serious vulnerability has been discovered with the keys generate... May 16, 2008, 12:05 pm https://light.its.yale.edu/messages/its/detail.asp?msg=32046 Since late March, national news services have been reporting a dramatic increase in messages fraudulently claiming to be from the IRS. Yesterday, several Yale clients reported receiving messages that looked very convincing. The message contained authenti... April 3, 2008, 9:04 am https://light.its.yale.edu/messages/its/current.asp