Security Alerts and Recommendations

IT General Cybersecurity Recommendations

The Mines IT Department recommends that you take steps to protect yourself and your computer from cyber-attacks.

  • Viruses: Download and use an antivirus product and update your antivirus software regularly.
  • Updates: Update and patch your operating system and programs frequently. Remember to update third-party browsers, Flash, Acrobat, and other programs that aren’t part of the operating system itself. Patches ensure that you are relatively protected from the latest cyber-attacks.
  • Trojan horses and other email exploits: Remember that legitimate vendors do not send patches via email; these types of communications are usually generated by viruses or criminals. Do not download or install an email attachment unless you are expecting it, even if it appears to come from someone you know and trust.  (You can always call that person and ask them if they did, indeed, send you an email with a file attached.) Some emails may be crafted by third parties to persuade you to click on a link or install a bit of software. In so doing, you may unknowingly give them access to your passwords, account information, and the computer itself. While antivirus software may catch some of these exploits, your best defense is to be smart and not click on unknown links or files within email. (Obviously, if you have subscribed to an email service that sends notices of new updates available from a specific vendor or security service, those emails would be legitimate.)
  • Spoofing and Phishing: Remember that Mines — or any other legitimate holders of personally identifiable information, Social Security numbers, credit and bank account numbers, or birth date — will never request that you reveal such information via the Internet, an email, or by telephone. Such requests are generated by criminals with the objective of stealing the information and an individual’s identity. Guard your online information as you would your credit card or Social Security Card.
  • Check IT security-related knowledge base and FAQ links regularly. Search the knowledge base for security or antivirus.
Antivirus and Security Related Links

CERT:  CERT Coordination Center (http://www.cert.org/) at Carnegie-Mellon University.

CVE:  Common Vulnerabilities and exposures (http://cve.mitre.org/).

McAfee:  Current threats tracked by McAfee, maker of antivirus software and virus-removal tools (http://us.mcafee.com/virusInfo/default.asp?WWW_URL=www.mcafee.com/anti-virus/default.asp) .

MSRC:   Microsoft Security Response Center catalogs Windows security issues and responses.

National Vulnerability Database from the Department of Homeland Security and National Institute of Standards and Technology (http://nvd.nist.gov/).

SANS:  Software and Network Security (http://www.sans.org/). See the organization’s Top 20 Vulnerabilities database as well (http://www.sans.org/top20/).