Security & Identity Management

Information about viruses, malware, and computer security for the Penn community.

Recommended Articles

All Security & Identity Management Articles

Posted on: April 15, 2014

Many University constituents are concerned about which applications and services they use that might be affected by the "Heartbleed”/OpenSSL vulnerability that was discovered on April 7th. This message gives some context and advice on how to determine...

Posted on: April 9, 2014

A vulnerability in OpenSSL, a cryptographic protocol used by many websites to secure web traffic, was disclosed in the evening on Monday, April 7, 2014.

The so-called "Heartbleed" vulnerability is likely to affect a large number of systems...

Posted on: February 25, 2014

On February 25, 2014, Apple released OS X Mavericks version 10.9.2 to address a serious SSL vulnerability uncovered the previous week. This update is related to another update released February 21, 2014 for a serious SSL vulnerability in iOS versions...

Posted on: February 24, 2014

On February 21, 2014, Apple released software patches for a serious SSL bug in iOS 6, iOS 7, and Apple TV 6. Information Systems & Computing (ISC) strongly recommends that:

All iOS 7 users update to iOS 7.0.6 immediately All iOS 6 users except...
Posted on: February 21, 2014

An exploit has been circulating that takes advantage of vulnerabilities in the default Android browser on Android  4.1 and older. Though there have been no reported exploits of the vulnerability in the wild, an exploit has been demonstrated by the...

Posted on: February 21, 2014

A current and unpatched zero day exploit is circulating that takes advantage of vulnerabilities in Internet Explorer versions 9 and 10. There are reports (and Microsoft has acknowledged) that this vulnerability is already being exploited in the wild...

Posted on: February 5, 2014

On Tuesday, February 4, 2014, Adobe issued updates to Adobe Flash Player to fix multiple security vulnerabilities. These updated versions are strongly recommended for all previous versions of Adobe Flash Player on both Windows and OS X.

Adobe...

Posted on: November 5, 2013

A current and unpatched zero day exploit is circulating that takes advantage of TIFF vulnerabilities in Windows graphics components. There are reports, and Microsoft has acknowledged, that this vulnerability is already being exploited in the wild via...

Posted on: October 29, 2013

From Penn's Office of Information Security, October 29, 2013:

"ISC Information Security has confirmed at least one case of 'ransomware' infection at Penn, and recently has heard from a number of peer institutions about an increase in these...

Posted on: June 28, 2013

Important Note: Some Schools and Centers manage firewalls via their own network servers. Faculty and staff should speak with their Local Support Provider (LSP) to determine if and how their firewall is being managed.

Both Apple's OS X and...