Student Phishing Alert – April 6, 2022

Wednesday, April 6 many UA students received a phishing email with the subject “Crimson email Portal Login”. Below is a screenshot of the message.

student phishing email posing as Microsoft

This phishing email used urgent language to trick students to steal login credentials. If you did click on the link and provide credentials, please change your myBama password immediately.

Remember to notice the red flags of phishing emails. Watch for grammar and spelling errors, review the sender’s email address, and hover over links before you click to see the web address.  If you are not a DUO two-factor authentication user, please activate your account today. DUO can help protect sensitive information in your UA accounts.

If you received one of these emails, mark it as spam and delete it. If you have any questions or concerns, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

OIT Hosts Microsoft Meetups

OIT has planned a week of Microsoft Meetups to prepare and equip UA students to migrate content from Google to Microsoft. Sessions will showcase how to migrate content as well as tips and tricks for using the Microsoft 365 suite of tools.

Join OIT and UA’s Microsoft reps the week of April 11 – 13 to learn more, ask questions and get comfortable with using OneDrive and other Microsoft 365 apps. Learn more about Microsoft Meetups and see a full lineup of events on the OIT Events website.

Microsoft Meetups April 11-13

Spring Upgrades – March 27, 2022

OIT will be implementing a Banner bundle upgrade on Sunday, March 27 from 5am – 10 am.  myBama and channels that connect to Banner will not be accessible, including self-service and administrative systems. Visit the OIT Status Page for more information.

Tech Services – Restricted Countries and Regions

This week, Duo and Zoom have published that they no longer, or will soon no longer, offer service in certain countries and regions to comply with U.S. regulations. Duo and Zoom are both restricting service from users whose IP addresses originate in a country or region subject to economic and trade sanctions enforced by the U.S. Office of Foreign Assets Control.

OFAC restrictions relevant to Zoom currently apply to the following countries or regions:

  • Cuba
  • Iran
  • North Korea
  • Syria
  • Ukraine (Crimea, Donetsk and Luhansk regions)

For more information on Zoom restrictions, visit the Zoom Support website.

OFAC restrictions relevant to Duo currently apply to the following countries or regions:

  • Cuba
  • North Korea
  • Iran
  • Sudan
  • Syria
  • Crimea region
  • Sevastopol region
  • Donetsk region
  • Luhansk region

Beginning May 5, 2022, users attempting to authenticate to a Duo-protected application from an access device with an IP address originating in an OFAC-regulated country or region will be blocked from completing their login and receive an error message. For more information on Duo restrictions, visit the Duo Support website.

Update Apple OS

Apple has recently released updates to its various operating systems. These updates address multiple vulnerabilities, the most severe of which could lead to code execution that could resulting in installing malicious software or even viewing, changing or deleting data.

OIT recommends all Apple users install updates as soon as possible.

SYSTEMS AFFECTED:

  • iOS and iPadOS prior to 15.3.1
  • macOS Monterey prior to 12.2.1
  • Safari prior to 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8)

For Mac OS, users are often prompted to the latest version. However, users should not upgrade to Monterey without the latest version of McAfee antivirus software. If you’re not sure, please upgrade to the latest version of your current operating system. This is Big Sur for many users. Click More info to see upgrade options, then select to upgrade Big Sur and Safari. See the screenshots attached for further guidance.

Update Adobe Creative Cloud Applications

Adobe has recently released security updates for Adobe Creative Cloud apps for both Windows and Mac. These updates address multiple vulnerabilities, the most severe of which could lead to arbitrary code execution. Please update Adobe Creative Cloud apps on your devices as soon as possible.

SYSTEMS AFFECTED:

  • Adobe Premiere Rush 2.0 and earlier versions for Windows.
  • Illustrator 2022 26.0.2 and earlier versions for Windows and macOS.
  • Illustrator 2021 25.4.3 and earlier versions for Windows and macOS.
  • Photoshop 2021 22.5.4 and earlier versions for Windows and macOS.
  • Photoshop 2022 23.1 and earlier versions for Windows and macOS.
  • Adobe After Effects 22.1.1 and earlier versions for Windows and macOS.
  • Adobe After Effects 18.4.3 and earlier versions for Windows and macOS.
  • Creative Cloud Desktop Application (Installer) 2.7.0.13 and earlier versions for Windows.

To update, open the Adobe Creative Cloud application, Click “Updates” in the left panel menu bar, then “Update all” at the top.