Skip over navigation

News

At least one department on campus has reported sightings of a phishing scam that has been circulating elsewhere for a while enticing recipients to enter their credentials into a false Dropbox login page.
It was recently discovered that OpenSSL versions released in the past two years have a flaw that enables an attacker to discover the secret encryption key for any server running the software, and to capture and decrypt any data being transmitted to and from the system. This can potentially expose netIDs and passwords used to log into the site, or any other personal, sensitive information that was shared.
As you are aware, OpenSSL versions from 1.0.1 through 1.0.1f have a serious vulnerability that could expose server encryption keys used for SSL and TLS protected communications, as well as any confidential data, including passwords, being communicated to and from vulnerable servers.

This article describes the actions that anyone who manages a web server that uses the OpenSSL library needs to take.
It has recently been announced that over the past two years, the Open SSL library, used by a number of web server software products, has been vulnerable to attacks that exploit a flaw in the software that permits an attacker to view up to 64K of memory on systems running the software. This article describes the flaw and describes actions that can reduce the risk of compromise.
Most are pretty familiar with e-mail phishing.  But there are other techniques used by individuals to obtain your personal information.
As of April 8, 2014, Microsoft will no longer support the Windows XP operating system.  With that in mind, we strongly recommend that all computers, both Princeton-provided AND personally owned, that currently have Windows XP installed, be upgraded to supported Windows versions (i.e., Windows 7, Windows 8).
We have developed a web page, entitled "Technology Guidelines for International Travel," that provides you with things you should consider and do before, during and after your travels to help you improve your defenses against compromise.