Loyola University Chicago

- Navigation -

Loyola University Chicago

University Information Security Office

Security Articles

Students

DateArticle Title
Nov 2012

Pro-Iranian hackers stole data from UN atomic agency's server

The United Nations' International Atomic Energy Agency has admitted that data from a retired server at its Vienna headquarters was stolen and posted to a hacker website.
<<Read More>>

August 2012

Secure your digital self: auditing your cloud identity

We put more and more of ourselves in the cloud every day. E-mail, device settings, data synchronization between devices, and access to much of our digital selves is tied to a handful of cloud service accounts with Google, Apple, Microsoft, Dropbox, and others. As demonstrated dramatically over the last week, those accounts are easily put at risk if they’re too interconnected—especially since the weakest link in cloud security may be the employees of the providers themselves. <<Read More>>

August 2012

Dropbox confirms it got hacked, will offer two-factor authentication

Dropbox on Tuesday acknowledged that a recent spam attack was likely caused by a stolen password that allowed access to an employee project document.<<Read More>>

July 2012

Skype bug sends messages to to unintended recipients (Updated)

Careful what you say about the boss, your spouse, or anyone else who may be a Skype contact. A four-week-old bug in the popular Voice Over IP application is sending copies of some messages to unintended recipients, Microsoft officials have confirmed.<<Read More>>

June 2012 

Microsoft Update and The Nightmare Scenario

About 900 million Windows computers get their updates from Microsoft Update. In addition to the DNS root servers, this update system has always been considered one of the weak points of the net. Antivirus people have nightmares about a variant of malware spoofing the update mechanism and replicating via it.<<Read More>>

May 2012

Flashback infections not waning after all; 650,000 Macs still hijacked

Analysis declaring the demise of the Flashback Mac backdoor has been greatly exaggerated, said researchers with a Russia-based antivirus firm, who on late Friday estimated there are 650,000 unique OS X machines currently infected by the malware.<<Read More>>

May 2012

Google reaches out to owners of machines infected with DNSChanger malware

Google announced it would be leading a campaign to notify users whose PCs were infected by the DNSChanger malware. The malware was part of a scam that came to light last November when the US Department of Justice accused seven Estonian and Russian men of orchestrating several different kinds of Internet fraud schemes. Users were infected with DNSChanger after they clicked malicious links or downloaded tainted software..<<Read More>> 

May 2012

Hacker Lewys Martin uses Call of Duty virus to sell players' card details

An “evil” genius used his IT expertise to mastermind a computer scam that has netted him thousands of pounds.Hacker Lewys Martin, 20, offered a “patch” to users of the popular video game Call Of Duty - but secretly hid a trojan horse virus inside.<<Read More>> 

May 2012

Seeing ads on Wikipedia? Then you're infected

Surfers who see ads when they visit Wikipedia are likely infected with malware, the online encyclopedia warns.<<Read More>> 

March 2012 

30,000 WordPress blogs infected to distribute rogue antivirus software

Almost 30,000 WordPress blogs have been infected in a new wave of attacks orchestrated by a cybercriminal gang whose primary goal is to distribute rogue antivirus software.The attacks have resulted in over 200,000 infected pages that redirect users to websites displaying fake antivirus scans. The latest compromises are part of a rogue antivirus distribution campaign that has been going on for months, the Websense researchers said. <<Read More>> 

January 2011 

How Apple and Google will kill the password

Imagine sitting down at a public PC, surfing the Web, visiting Facebook, checking your online bank account and buying something on Amazon.com -- all without entering passwords or credit card information. <<Read More>>

January 2011 

Privacy Alert: 10 Biggest Threats of 2010

2010 could go on record as the year the privacy mess hit the proverbial fan. Companies such as Apple, AT&T, Facebook, and Google all got nailed for sharing users' personal data in big ways, accidentally or otherwise. Police officers were caught tracking people's movements via cell phones, while Web advertisers tracked surfers' virtual movements via hard-to-kill cookies. Schools spied on their students, mobile apps spied on their owners, and the feds caught heat for getting a little too personal with their security searches. <<Read More>>

December 2010 

Free vs. Fee: Free and Paid Antivirus Programs Compared

Can free antivirus software protect you? Or is it worth paying for a full-blown A/V app? We look at the benefits--and pitfalls--of free and paid antivirus products. <<Read More>> 

 

Staff and Faculty

DateArticle Title
February 2013

Educause Security Breach

A security breach involving an EDUCAUSE server may have compromised some EDUCAUSE website profile passwords. This does not affect users that log in using their InCommon credentials via Loyola.<<Read More>>

November 2012

Google, Microsoft, PayPal, other Romanian sites hijacked by DNS hackers

Romanian websites for Google, Microsoft, Yahoo, PayPal, and other operators were briefly redirected to a rogue server on Wednesday. The redirect is most likely a result of a decade-old hacking technique that underscores the fragility of the Internet's routing system. <<Read More>> 

November 2012 

Pro-Iranian hackers stole data from UN atomic agency's server

The United Nations' International Atomic Energy Agency has admitted that data from a retired server at its Vienna headquarters was stolen and posted to a hacker website. <<Read More>> 

August 2012

Secure your digital self: auditing your cloud identity

We put more and more of ourselves in the cloud every day. E-mail, device settings, data synchronization between devices, and access to much of our digital selves is tied to a handful of cloud service accounts with Google, Apple, Microsoft, Dropbox, and others. As demonstrated dramatically over the last week, those accounts are easily put at risk if they’re too interconnected—especially since the weakest link in cloud security may be the employees of the providers themselves. <<Read More>> 

January 2011

Privacy Alert: 10 Biggest Threats of 2010

2010 could go on record as the year the privacy mess hit the proverbial fan. Companies such as Apple, AT&T, Facebook, and Google all got nailed for sharing users' personal data in big ways, accidentally or otherwise. Police officers were caught tracking people's movements via cell phones, while Web advertisers tracked surfers' virtual movements via hard-to-kill cookies. Schools spied on their students, mobile apps spied on their owners, and the feds caught heat for getting a little too personal with their security searches. <<Read More>>

December 2010

Free vs. Fee: Free and Paid Antivirus Programs Compared

Can free antivirus software protect you? Or is it worth paying for a full-blown A/V app? We look at the benefits--and pitfalls--of free and paid antivirus products. <<Read More>>

September 2010

The 17 Most Dangerous Places on the Web

The scariest sites on the Net? They're not the only ones you might suspect. Here's what to watch out for and how to stay safe. <<Read More>>

June 2010 

How VPN (Virtual Private Networks) Work ?

VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as leased line, a VPN uses "virtual" connections routed through the Internet from the company's private network to the remote site or employee. <<Read More>>

 

Network Administrators

DateArticle Title
August 2012

Secure your digital self: auditing your cloud identity

We put more and more of ourselves in the cloud every day. E-mail, device settings, data synchronization between devices, and access to much of our digital selves is tied to a handful of cloud service accounts with Google, Apple, Microsoft, Dropbox, and others. As demonstrated dramatically over the last week, those accounts are easily put at risk if they’re too interconnected—especially since the weakest link in cloud security may be the employees of the providers themselves.
<Read More>

July 2012

Dropbox confirms it got hacked, will offer two-factor authentication

Dropbox on Tuesday acknowledged that a recent spam attack was likely caused by a stolen password that allowed access to an employee project document..
<Read More>

July 2012

Skype bug sends messages to to unintended recipients (Updated)

Careful what you say about the boss, your spouse, or anyone else who may be a Skype contact. A four-week-old bug in the popular Voice Over IP application is sending copies of some messages to unintended recipients, Microsoft officials have confirmed.
<Read More>

June 2012

Microsoft Update and The Nightmare Scenario

About 900 million Windows computers get their updates from Microsoft Update. In addition to the DNS root servers, this update system has always been considered one of the weak points of the net. Antivirus people have nightmares about a variant of malware spoofing the update mechanism and replicating via it.
<Read More>

July 2010

Virtual Desktop

As government strives to grant employees access to internal information resources when and where it’s needed while simultaneously reducing costs, desktop virtualization offers help in meeting those goals, in addition to providing both greater control over PC resources and stronger IT security.
<Read More>

June 2010

Investigating Cyber Crime/Hacking and Intrusions

Proficient hacker ( he doesn't have to be a computer genius, but merely follow a few simple instructions!) telnets from his current hacked account into another of his pirated accounts, then telnets from that location to yet another account that he has hacked, remotely logging on to it in preparation to run port scans looking for targetable systems. This process forces investigating law enforcement to obtain search warrants in a number of different jurisdictions, immensely complicating the investigation.
<Read More>

April 2008

Analyzing a Hack from A to Z

What we shall cover is the actual hack itself, from the reconnaissance stage, through to enumeration, network service exploitation, and ending with post-exploitation strategies. All of these steps will then be viewed at the packet level, and then explained. Being able to view, and understand an attack at the packet level is critically important for both system administrators (sys admin) and network security personnel. The output of firewalls, Intrusion Detection Systems (IDS) and other security devices will always in turn lead you to look at the actual network traffic. If you don’t understand what you are looking at, at the packet level, then all of the network security technology you have is utterly useless. This will then be followed by how to write a Snort signature based off of the attack traffic.Tools Used ?
<Read More>

Loyola

Information Technology Services
1032 W. Sheridan Ave. · Chicago, IL 60660 · 773.508-7373
DataSecurity@luc.edu

Notice of Non-discriminatory Policy