Scheduled Maintenance of www.uncg.edu | Thursday, October 23 | 5:30am – 7:30am

Posted on Wednesday, October 22nd, 2014 by ITS Communications under Scheduled Maintenance.

As part of addressing the POODLE/SSL 3.0 vulnerability, Information Technology Services (ITS) is switching to a patched web server for www.uncg.edu on Thursday, October 23, 5:30am – 7:30am.

No downtime is involved. However after this change, you may experience problems if you try to access secure content at https://www.uncg.edu using older, unsupported web browsers. Please report any errors accessing content to 6-TECH at (336) 256-TECH (8324) or 6-TECH@uncg.edu.

Note: Access to the regular UNCG website “www.uncg.edu” will not be affected.

If you have questions, please contact 6-TECH at (336) 256-TECH (8324) or 6-TECH@uncg.edu.

Comments Off

SSL 3.0 POODLE Vulnerability

Posted on Monday, October 20th, 2014 by ITS Communications under General, Security.

A serious vulnerability (nicknamed “POODLE”, or Padding Oracle On Downgraded Legacy Encryption) has been discovered in the communication encryption protocol SSL 3.0. Google released details of the vulnerability on Tuesday, October 14, 2014.

SSL 3.0 is an old (by technology standards) encryption protocol used to provide communication security over the internet. It has largely been replaced by more modern, stronger, encryption standards (TLS); however SSL 3.0 is still commonly supported as a fallback by Web servers and browsers, if more modern encryption protocols fail.

To address this vulnerability, UNCG Information Technology Services (ITS) is patching centrally managed servers that provide web-based content so that they stop using SSL 3.0.

If you are an administrator of a server that provides web-based content, you should take action to mitigate the POODLE vulnerability:

  • If you are using an older, unsupported browser, such as IE 6, you will have issues after ITS completes the server patching to address POODLE. You will need to upgrade to the latest version of your browser (see browser update links under Additional Information below).
  • Current, supported browsers should not be affected by the patching changes, as these will default to using the modern (TLS) protocol.
  • You should configure your server(s) to not use SSL 3.0. If you are unsure if your web service uses SSL 3.0 or if you need assistance to perform this work, please contact 6-TECH (see contact information below) to request a consultation with the ITS Web Services group.

If you have questions or need more information, please contact 6-TECH at (336) 256-TECH (8324) or 6-TECH@uncg.edu.


Additional Information

Browser update links

Technical articles

Comments Off

Starfish Retention Solutions System Integrated Now With Canvas!

Posted on Friday, October 17th, 2014 by ITS Communications under Announcements, Service Enhancements.

As part of UNCG’s Learning Management System (LMS) transition, Information Technology Services (ITS) and the Students First Office successfully completed the integration of the Starfish Retention Solutions System (Early Alert and Connect) with Canvas by Instructure. Starfish is part of a student support and retention initiative that aims to enhance student success.

starfish_small     canvas_small

University Faculty, Students, and Staff are now able to access Starfish from within Canvas by way of the Starfish menu item in their User Profile.

screen-resized

Starfish is now simultaneously integrated with Canvas and Blackboard Learn.  UNCG members can continue to access Starfish from within Blackboard Learn by using the Starfish tab in the navigational menu.

According to Starfish Retention Solutions, UNCG is one of the first universities to successfully integrate the Starfish system with two Learning Management Systems at the same time, allowing access to data from courses managed by both systems.

Enrollment information for courses being managed by either Blackboard Learn or Canvas, is available in the Starfish system, regardless of access method.

For more information about UNCG’s Learning Management System transition from Blackboard Learn to Canvas by Instructure, visit: http://courses.uncg.edu.

For more information about the Students First Office and Starfish, visit the Starfish Overview or contact the Starfish Outreach Team via email at starfish@uncg.edu.

Comments Off

Planned Downtime for Blackboard Learn | Friday, October 17 | 5am-6am

Posted on Thursday, October 16th, 2014 by ITS Communications under Scheduled Maintenance.

Who: Students, faculty, and staff using Blackboard Learn

What: Brief downtime for all Blackboard Learn services

When: Friday, October 17, 5:00am – 6:00am

Why: Maintenance of blackboard.uncg.edu

If you have questions or need more information, please contact 6-TECH at (336) 256-TECH (8324) or 6-TECH@uncg.edu.

Comments Off

Latest Dangerous Phishing Attack to Hit UNCG, 10-16-2014

Posted on Thursday, October 16th, 2014 by Christopher Waters under Security.

Information Technology Services (ITS) has become aware of another dangerous phishing attack targeting campus users. Email comes into a user’s inbox from a UNCG employee’s compromised account, informing them about an “Important message from me to you”, with a request for the person to click on one of several links to sign into their email account. In reality, the links take users to fake sites, asking them to provide their iSpartan password, at which point the user’s account is compromised.

The email will have a message similar to the following:

Subject: Important message from me to you

How are you? I hope this message meets you in good condition.
Please make out time to read the attached message.
Thank you, I await your response.

{file attachment removed for purposes of this notification by UNCG ITS}

The links in the email’s attachment appeared to point to common email services (Yahoo, Gmail etc), but actually pointed to phishing websites. Usually you can tell whether a link is going to the appropriate place by hovering over the link and checking to see if the text of the link is the same as the actual target of the link.

ITS reminds users to never reset their password on any site except the official reset.uncg.edu website. Under no circumstances should you reply to the sender of this email, or to any other suspicious email you may receive.

If you have questions, please contact 6-TECH at (336) 256-TECH (8324) or 6-TECH@uncg.edu.

Comments Off