
LastPass Breach – Password change required

Many faculty, staff, and students use LastPass as a password management tool to store passwords in an encrypted environment. On December 22, LastPass informed its customers of a potential cyber security incident that could compromise the passwords stored in their accounts. LastPass discovered that in November 2022, a copy of the customer password vaults had been stolen. This attack affected a significant portion of the large LastPass customer base, including users at The University of Alabama.

Your LastPass password vault is encrypted with a master password that only you know. Cybercriminals who obtained copies of customer vaults in November 2022 may be trying to crack these master passwords to access the passwords stored within.

We recommend that you follow these steps, including changing your master password immediately. On January 4, 2023, at 2:00pm, OIT Security will configure LastPass to require all users to change their master passwords if they have not done so since December 21, 2022.

1) Change your LastPass master password to include at least 14 characters. This should be different from your myBama password. Consider using a pass phrase or at least five randomly selected words. Passwords must include 3 of the 4 character types (uppercase, lowercase, number, symbol).
2) Start changing the passwords for your stored accounts and prioritize your myBama account, email accounts, financial accounts, and other accounts that could cause significant harm to you or the University if stolen.
3) If you store API keys or other similar application credentials, change those as well.
4) If you store credit card numbers in LastPass, we suggest requesting a new card from your financial institution.
5) Continue changing all of your stored passwords.
6) Enable two-factor authentication on all services if possible. If you receive any two-factor prompts that you did not initiate, do not respond to them and contact security@ua.edu.
7) Check your financial accounts regularly for any fraudulent transactions.
8) Be on the lookout for phishing emails trying to steal your LastPass password or personal information!

For personal LastPass accounts, follow a similar course of action.
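
The master password requirements in step 1, as an added example (not OIT or LastPass code): a checker for the 14-character and 3-of-4 character type rules, and a generator for a passphrase of at least five randomly selected words built on Python's `secrets` module. The word list, the function names and the hyphen-plus-digit format are assumptions made for illustration.

```python
import math
import secrets
import string

MIN_LENGTH = 14   # step 1: at least 14 characters
MIN_TYPES = 3     # step 1: 3 of the 4 character types
MIN_WORDS = 5     # step 1: at least five randomly selected words

# Constructed sample list, far too small for real use. Load a large
# published word list (thousands of entries) before generating a real one.
SAMPLE_WORDS = ["amber", "bridge", "cactus", "dolphin", "ember", "falcon",
                "glacier", "harbor", "island", "jungle", "kettle", "lantern",
                "meadow", "nickel", "orchid", "pepper"]

def character_types(password):
    """Return which of the four character types appear in the password."""
    tests = {"uppercase": str.isupper, "lowercase": str.islower,
             "number": str.isdigit,
             "symbol": lambda ch: ch in string.punctuation}
    return {name for name, test in tests.items() if any(map(test, password))}

def policy_problems(candidate, mybama_password=None):
    """List every step 1 requirement the candidate fails (empty = passes)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(character_types(candidate)) < MIN_TYPES:
        problems.append(f"fewer than {MIN_TYPES} of the 4 character types")
    if mybama_password is not None and candidate == mybama_password:
        problems.append("same as the myBama password")
    return problems

def generate_passphrase(words, n_words=MIN_WORDS):
    """Pick words with a CSPRNG; add words if the result is under 14 chars."""
    if n_words < MIN_WORDS:
        raise ValueError(f"use at least {MIN_WORDS} words")
    chosen = [secrets.choice(words).capitalize() for _ in range(n_words)]
    while len("-".join(chosen)) + 1 < MIN_LENGTH:   # +1 for the final digit
        chosen.append(secrets.choice(words).capitalize())
    # Capitals, hyphens and the digit only satisfy the character-type rule;
    # the strength comes from the random word choices.
    return "-".join(chosen) + str(secrets.randbelow(10))

def passphrase_entropy_bits(wordlist_size, n_words=MIN_WORDS):
    """Bits of entropy from n_words uniform picks out of wordlist_size."""
    return n_words * math.log2(wordlist_size)
```

With the 16-word sample list, five words give only 20 bits of entropy, while five words from a 7,776-word list give about 64.6 bits, which is why the size of the word list matters as much as the word count.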

Additional resources:
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
https://www.govinfosecurity.com/lastpass-breach-attacker-stole-encrypted-password-vaults-a-20790
https://arstechnica.com/information-technology/2022/12/lastpass-says-hackers-have-obtained-vault-data-and-a-wealth-of-customer-info/

FAQs:
“Won’t DUO two-factor protect my account?”
Not against this type of attack. Your master password is the only factor protecting your stolen vault contents.

“If I change my master password why do I need to change my account passwords?”
The cybercriminals have obtained a copy of your LastPass vault from November 2022, which means that offline copy will not be protected by any future changes you make to your master password. Therefore, changing the stored passwords for each account is crucial to ensure their security.

Even if you change the stored passwords, it is still important to change your master password. If you do not, cybercriminals may try to access your active vault using your master password, giving them access to any newly changed passwords for your individual accounts.

“Will UA continue to use LastPass?”
At this time, UA will continue to use LastPass. OIT Security is evaluating other vendors.

Cybersecurity Town Hall Event

Join the OIT Security Team Thursday, Oct. 20 at 12:00pm for a virtual Town Hall Meeting.

Ransomware is a term you’ve seen a lot in the news lately, but do you know how to protect yourself, your computer and your sensitive information from a ransomware attack? Join the OIT Security Team Thursday, Oct. 20 at 12pm for a virtual Town Hall Meeting to ask questions of the team and learn how to be cyber secure.

UA CISO Taylor Anderson will provide a brief presentation on cybersecurity practices at UA and offer tips on how you can protect sensitive information. The team will then answer questions from the audience! Email victoria.collins@ua.edu to submit a question to the team in advance! More information about the event is available on the UA Events Calendar.

The Town Hall will be held on Microsoft Teams.

Patch Management for OIT Supported Windows Workstations

Effective Monday, October 10, the Office of Information Technology will begin automated patch management for OIT Supported Windows Workstations using PatchMyPC (PMPC). Using PMPC, OIT can update supported applications on UA machines, preventing applications from sitting dormant and possibly leaving vulnerabilities open.

Updates will be automated and will run as computers detect available updates. Users’ applications that are closed and not in use will be updated in the background without the user noticing. Any application that a user has open but has not updated will trigger a PMPC “conflict” pop-up on the bottom right corner of the screen that looks like this:

[Image: PMPC patch conflict pop-up example]

The pop-up will provide clear instructions for updating the opened application. Users will be given the name of the application that is trying to update, how many times the update has been postponed, how long they have until the update is postponed if they do not answer, and two options of “Close All and Update” or “Snooze Update”. If the user does not respond in the time that is given, then the update is automatically postponed. If the user has previously postponed the update three times, and does not respond to the pop-up, PMPC will automatically close the application and update it.

If an update closes a user’s browser and multiple open tabs, the user can press Ctrl+Shift+T simultaneously to reopen the previously opened tabs in the updated browser.

Automated patch management for all UA-net devices will take place later this year. Users will receive further communications prior to that implementation.

Fall 2022 myBama Enhancements

On Saturday, Aug. 13, OIT made a few enhancements to the myBama portal. Log in to see the following changes.

  • Welcome Back section for quick access to frequently visited links during the first few weeks of classes.
  • New Recently Searched feature that appears when users click in the search bar.
  • New Where Legends Are Made heading.

UA students, faculty and staff can log into myBama at myBama.ua.edu.

OpsGenie Email

Some UA faculty and staff may have received a message on Monday, Aug. 1 from Opsgenie stating that their session has been terminated.

On Aug. 1, OIT renamed our ticketing system URL from jirauaedu.atlassian.net to bama.atlassian.net. This name change logged all users out of the system. No action is required of you. The email you received was only a notification from Jira that you had been logged out. Below is a screenshot of the email. This is not a phishing email.

[Image: Opsgenie email, not phishing]

myBama 2.0 – Sunday, May 15

OIT will be introducing feature upgrades to myBama on Sunday, May 15! Upgrades include the addition of campus photography, a prominent search bar and quick links to transition to dark mode. Content has also been rearranged to help UA students, faculty and staff quickly find content relevant to them! Visit the myBama User Guide within myBama for more information.

[Image: myBama home screen]

Dark Mode Now Available in New myBama

The new myBama is now available in dark mode! After receiving many requests from UA students, OIT developers created a dark mode version of myBama.

The new myBama automatically detects a user’s default device settings and provides a myBama experience consistent with the user’s preferred settings. If dark mode is not selected as your default setting but you want to see and use dark mode myBama, log into the new myBama, click your username at the top right, then select User Settings. From there you can select Light, Dark or Default OS settings.

The new myBama will replace the “old” myBama on Sunday, Jan. 23! Learn more about the new myBama and its search features on the OIT website.

New myBama Launches Jan. 23

The new myBama, which has been available for beta testing since Nov. 15, will replace the current myBama portal on Sunday, Jan. 23. The new myBama has a clean, bright and modern design. It also features several new functional elements that make the site user-friendly and mobile-first.

Search

UA students, faculty and staff can search for links.

Pinned Links

Pinned Links provides the opportunity for each user to customize their own myBama homepage. Pin your most frequently visited links to quickly access the content you need.

Popular Links

Popular Links refreshes regularly with the most frequently used links by others in your role. What’s at the top for students may be different than faculty and staff.

Learn more about each of these features in the promo video below!

New Ticketing System

Effective Dec. 15, Jira will replace Kace as OIT’s ticketing system.

Jira Service Management will provide a smoother experience for UA students, faculty and staff, as well as better internal systems for the OIT organization. Jira Service Management will serve as the ticketing solution for OIT, AVS and CIT.

Beginning Dec. 15, users who submit tickets to the IT Service Desk, AVS and CIT will receive new, streamlined communication from Jira. Please note that communications may appear different than previous experiences.