The protection of information resources at McNeese State University is a high priority. The Information Security website is designed to educate the university community about technology policies and information security best practices, and equip students, faculty and staff with the tools needed to protect the information resources of the University, it's members and connected networks. McNeese State University is committed to implementing policies and encouraging best practices that do not impose on the University's established culture of openness, trust, and integrity.
Please read the Policies, Guidelines, and Laws Relating to Information Security.
McNeese will NEVER ask for account information via email. Messages about quotas, upgrades or maintenance are likely Phishing attempts.
Internet Security Shouldn't Be A Volunteer Project
The opinions expressed here are not endorsed by McNeese State University.
Heartbleed reveals our neglect of Internet security
The U.S. Government: Paying to Undermine Internet Security, Not to Fix It
by Julia Angwin ProPublica, April 15, 2014, 12:50 p.m.XKCD
The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security.
The United States spends more than ... more
OpenSSL TLS 'Heartbleed' Vulnerability
CIS Cyber Security Advisory 2014 - 028
A vulnerability has been discovered in OpenSSL’s implementation of the TLS ‘heartbeat’ extension that could allow for the disclosure of sensitive information. OpenSSL is an open-source implementation of the SSL protocol used by a number of other projects. SSL (Secure Sockets Layer) is a protocol that ensures secure communication over the Internet via encryption. This issue could allow an attacker to compromise the private key and other sensitive data stored in memory.
Proof-of-concept code has been released. This vulnerability was first included in OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the issue. Software products known to be using OpenSSL are the open source web servers Apache and nginx.According to Netcraft's April 2014 Web Server Survey ( http://news.netcraft.com/archives/2014/04/02/april-2014-web-server-survey.html
) of 958,919,78
ALERT: Microsoft Security Bulletins - March 2014
"Office of Information Technology Security Alert List" - MAR 11, 2014
Microsoft has just released five security bulletins for the month of March. Exploitation of vulnerabilities range from remote code execution, elevation of privilege, and security feature bypass. It is recommend that the updates be applied as soon as possible after appropriate testing.
MS14-012 Cumulative Security Update for Internet Explorer (2925418)https://technet.microsoft.com/en-us/security/bulletin/ms14-012
MS14-013 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)https://technet.microsoft.com/en-us/security/bulletin/ms14-013
MS14-015 Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275) ... more