Main Alerts

Single Sign On Change Notification

As part of our effort to bring a unified Single Sign On (SSO) experience to more of MUIT services, we are preparing to migrate to a new Shibboleth Identity Provider (IDP) server that will allow us to integrate with Active Directory Federation Services (ADFS). Once this migration is complete, those attempting to log-in to services protected by shibboleth will no longer see the traditional Marshall Shibboleth SSO page.

Once the migration is complete, users will see the standard ADFS login page instead.


What is Shibboleth?

As a federated system, a Shibboleth IdP supports secure access to resources across security domains. Information about a user (known as attributes) is sent from a home identity provider (IdP) to a service provider (SP), which prepares the information for protection of sensitive content and use by applications.

What is ADFS?

Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries.

Which systems will be affected?

Bb Transact for Eaccounts

eRezLife

InCommon federation including CILogon, Educause, Eduroam

Poll Everywhere

Tapingo

WVAquavit


Please note that this is re-directing to ADFS for authentication only. The remainder of the process is handled by shibboleth just as it always has for attribute release, etc.  As of right now, we are planning on migrating to the new server during the standard maintenance window on 10/21/18.

 

Please contact the IT Service Desk for any questions, 304-696-3200, or chat below.

 

 

MATLAB Support Change

Below is an update from MATLAB:

If you have installed MATLAB on a platform that is impacted by a support change.

MathWorks periodically updates platform support and has made the following changes:

New Platforms

  • Ubuntu 18.04 LTS: Support begins with R2018b.
  • SUSE Linux Enterprise Desktop 15: Support begins with R2018b.
  • SUSE Linux Enterprise Server 15: Support begins with R2018b.

Dropped Platforms

  • Windows 8.1: Support has ended as of R2018b.
  • macOS 10.11 “El Capitan”: Support has ended as of R2018b.

See the complete set of system requirements and the platform road map for the latest information on planned platform changes to MathWorks products.

Sincerely,
MathWorks Customer Service Team
mathworks.com/contact

MU Information Security Alert

A number of fradulent emails have been circulating with various subjects and @live.marshall.edu senders, all with message bodies looking similar to the image below.  Many accounts are continuing to be compromised. Please DO NOT CLICK any links in messages which look similar to the image below, or any other messages before verifying the sender, verifying the URL, and ensuring you expect the message and that it is legitimate.

IF YOU HAVE ALREADY CLICKED A LINK IN A MESSAGE SIMILAR TO THE ONE ABOVE, CHANGE YOUR PASSWORD AS SOON AS POSSIBLE and contact the IT Service Desk at (304)696-3200. 

 

IF YOU RECEIVE A FRAUDULENT EMAIL MESSAGE, WE ASK YOU TAKE THE FOLLOWING ACTION(s):

  1. (Optional) Report a suspicious email message sent to your @marshall.edu email address by forwarding the message to phishing@marshall.edu. You will receive an auto-reply confirming receipt of the message as well as additional instructions.
  2. Delete the message from your inbox.
  3. As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
  4. If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304) 696-3200 / itservicedesk@marshall.edu.

 

Security Tip: Use of the ‘Skeptical Hover Technique’ Most email applications allow you to simply hover your mouse – without clicking – over an embedded web link to preview where the hidden link will try to send you if you should click it.

 

ALWAYS be suspicious of any unexpected email messages (regardless of the source) which include file attachments,  web URL’s, or are written with a sense of urgency that you must provide computer passwords or reveal personal financial information.

 

Phishing Scams and Compromised Accounts – What Should I Do?

https://www.marshall.edu/it/departments/information-security/compromise/

 

InfoSec Tips #7: Don’t Be Tricked

http://www.marshall.edu/it/training/infosec-tips-7/

 

Thank you for your continued awareness,

 

 

Notification: Possible Outage

The Division of Information Technology will be performing upgrades on the data center network switches to correct a software defect on Saturday August  25th  from 12:00am – 1:00am.  During this time there will be intermittent outages of all voice, video and data applications.  If you have questions or concerns about the timeline, please contact the IT Service Desk as soon as possible.  You will also be able to follow the progress on our IT Service Status page.

Adobe Creative Cloud licensing update

Marshall University students, faculty and staff who require the Adobe Creative Cloud software as part of their academic program or job function now have new and expanded access to this software suite.

This licensing enhancement expands the use to not only select University-owned computers, but also allows installation on an additional device including a personally-owned computer. This new capability is called ‘named-user-licensing’ and will be accessible via single-sign-on with your MUNet account credentials.

The University is funding this initiative for specific academic programs and business units. Named-user licensing will allow students, faculty, and staff to install and run the complete Adobe Creative Cloud Suite on up to two computers that they use, including their own personal computer, but is limited to one active computer at a time.

Eligible students include those enrolled in a major under the College of Arts and Media (CAM) and other select courses. Students enrolled in an eligible course outside of CAM may receive access for the duration of the approved course’s term.  Check my eligibility.

If a student needs access to Adobe Creative Cloud software for a specific course, please ask your instructor to complete the online request form to Request Access to Adobe Creative Cloud apps.

If your use is not course-related, then you may want to consider purchasing a personal license through Adobe Creative Cloud with an educational discount. Users with active license assignments (personal and enterprise) may use the Adobe Creative Cloud applications in one of our technology labs and designated classrooms across campus.

Students, Faculty and Staff who need access to Adobe Creative Cloud apps for their academic or administrative work should complete the online request form to create their license assignment.

Please visit the following website www.marshall.edu/it/adobe for further information, to check your eligibility, and to request access.

Still have questions or having issues with installing or updating your Creative Cloud license? Please contact the IT Service Desk via chat, phone 304-696-3200, email itservicedesk@marshall.edu, or in person.

SPSS License Renewal Notification

The IBM/SPSS software starts alerting our campus software users about the upcoming expiration 30-days in advance each time the application is launched.  Marshall University users can ignore these alerts regarding our current SPSS license that has a renewal anniversary date of 2/28/2018.  The annual license renewal requisition process started several weeks ago and should be completed very soon.

macOS High Sierra – Critical Security Update

This is an important computer security bulletin from Marshall University Information Technology team directed at Marshall University students, faculty and staff who own or use an Apple Macintosh computer. Apple has released a critical security update which should be applied to all computers which are running macOS High Sierra 10.13. Marshall University IT staff are working to address this issue on University-owned devices; students, faculty and staff need to be aware of this issue needs addressed on personal-owned devices.

What computers are at risk?

If you have an Apple Macintosh computer which is running the current release of macOS High Sierra 10.13 or 10.13.1, you are at risk and need to apply this update ASAP. If you are still running macOS Sierra 10.12.6 or earlier, this update is not needed.

How do I check which version of macOS in on my computer?

Click on the ‘Apple’ icon menu (in the upper left corner of your computer), and select ‘About This Mac’. You should see a pop-up window which will list the operating system name and version (see below):


 

How do I check for and apply needed software updates?

If your computer shows ‘macOS High Sierra Version 10.13 or 10.13.1’, click on the ‘Software Update…’ button in the lower-right of the pop-up. This will launch the Apple ‘App Store’ utility. Click on the ‘Updates’ menu and apply any needed updates. If the App Store shows ‘No Updates Available’, be sure to confirm that these 2 critical updates ‘MacOS 10.13.1 Update’ and ‘Security Update 2017-001’ are listed as being installed:

Please review the links below for further information and assistance

  • Apple Security Update 2017-001

https://support.apple.com/en-us/HT208315

  • Apple releases macOS High Sierra Security Updates

https://9to5mac.com/2017/11/29/macos-root-fix/

  • Marshall University IT Service Desk

https://www.marshall.edu/it/departments/it-service-desk/

  • Marshall University IT Information Security Team

https://www.marshall.edu/infosec

Protecting Your Marshall MUNet/Email Account from Phishing Attacks

Recent Phishing Attacks

Over the past several months, the Office of Information Technology has seen an influx of fraudulent “phishing” messages, many which appear urgent, and are designed to trick account holders into clicking a link (or in some cases, replying to an email) and providing a username and password.

In most cases, these emails have been sent from other Marshall University account holders who have already been victims of these fraudulent messages and thus have had their accounts compromised. Once an account is compromised, it is then being used by a cyber-criminal to distribute more phishing messages to other MUNet/Office365 account holders.

Since the messages are coming from @marshall.edu or @live.marshall.edu addresses, the recipient is more likely to trust the sender and be tricked into clicking a link and logging in to what they think is a legitimate web page. Many of these web pages are designed to look like authentic Marshall University, Microsoft, or financial institution login pages, but are actually capturing credentials.

Prevention and Education

The IT department is doing their best to catch compromised accounts before more phishing messages can be distributed, however, the best way to protect yourself and others is to use caution when checking your email.

ALWAYS be suspicious of any unexpected email messages, regardless of the source, which include file attachments, web URLs, or are written with a sense of urgency and require you to provide credentials or other personal information.

Phishing Examples

Below are a few examples of recent phishing messages. Notice that each includes hyperlinked text which, when the mouse is hovered over, reveals a web address that is NOT a marshall.edu or microsoft.com address. Also, these messages have a sense of urgency and ask that the recipient verify information. Marshall University will never send you unsolicited email asking you to verify your password or personal information, nor will any other trusted organization.

If You Receive A Fraudulent Email

  1. (Optional) Report a suspicious email sent to your @marshall.edu or @live.marshall.edu email address by forwarding the message to phishing@marshall.edu. YOu will receive an auto-reply confirming receipt of the message as well as additional instructions.
  2. Delete the message from your inbox
  3. As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
  4. If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304)-696-3200 / itservicedesk@marshall.edu.

Protecting Yourself From Email Fraud(AKA Phishing)

Phishing Scams


InfoSec Tips #7: Don’t Be Tricked

Tip 7: Don’t Be Tricked

 
 

This alert was also sent to the Marshall community via e-mail

WiFi Update 9:15 am

As of 9:15 this morning all scheduled maintenance on the WiFi network has been completed. Please report any problems you encounter to the IT Service Desk immediately.