|Title||Start Date & Time||End Date & Time|
|Service Issue Updated: Campus Wireless||Monday, February 12, 2018 - 10:05am|
|Service Issue Updated: Northstar||Thursday, May 24, 2018 - 11:28am|
|Service Maintenance Scheduled: Wi-Fi in Benson & Math||Wednesday, June 20, 2018 - 7:00am||Wednesday, June 20, 2018 - 7:30am|
|Service Maintenance Scheduled: Networks in Andrews, Buckingham, Smith||Monday, June 18, 2018 - 8:00am||Thursday, June 21, 2018 - 5:00pm|
|Service Maintenance Scheduled: Campus Solutions & Portals||Sunday, June 24, 2018 - 6:00am||Sunday, June 24, 2018 - 6:00pm|
|Service Maintenance Scheduled: Networks in Farrand, Cockerell, Sewall, Brackett, Aden||Monday, June 25, 2018 - 8:00am||Thursday, June 28, 2018 - 5:00pm|
A new web browser flaw is being used in phishing attacks to make malicious phishing websites appear to have the same web address as known and trusted websites. In the past, OIT encouraged individuals to check URL addresses in the address bar or pop-up text when a mouse hovers over a URL. However, this new flaw allows attackers to craft a URL which will trick the web browser into displaying a trusted URL rather than the address of the malicious website. Attackers are even able to forge websites which are HTTPS protected.
The IT Security Office advises users of Chrome, Firefox, and Opera to manually type URLs for sensitive sites (e.g., your bank or financial institution, Mycuinfo, and sites which require a login) rather than clicking links in emails or on untrusted websites. Within Firefox, one can mitigate this threat by disabling support for Punycode by navigating to about:config and setting “network.IDN_show_punycode” to "true".
Additional information about these vulnerabilities can be viewed at:
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or firstname.lastname@example.org. IT Service Center Hours: https://oit.colorado.edu/support/it-service-center.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.