Microsoft Windows SMB server Eternalblue/WannaCry remote code execution vulnerability (MS17-010) Effective Date: May 15, 2017 Product: Microsoft Server Message Block 1.0 (SMBv1) in many Microsoft Windows operating systems Platform: Microsoft Windows XP, Vista, 2003, 2008, 7, 2008 R2, 2012, 8, 8.1, RT 8.1, 2012 R2, 10, and 2016 There is a vulnerability in SMBv1 on many Microsoft operating systems that allows remote code execution due to improper handling of certain requests. This allows an unauthenticated, remote attacker to exploit these…

There are more mobile devices than people on Earth, and people are increasingly using these devices for business, email, games and apps. Unsurprisingly, then, the mobile device threat and vulnerability trend is on the rise.

The use of ransomware has increased exponentially in the past year, particularly because it results in the best bang for the buck for an attacker.

More and more devices are being built with network capability: refrigerators, televisions, cameras, even toys. We should enjoy the convenience this brings but do so cautiously.

Shiny new things

Many holiday gifts this year will tech gadgets and devices. But be careful. Just because a new technology appears sleek and fun, doesn’t mean there are no cybersecurity risks.

Fermilab’s Computer Security Awareness and Tech Day will be on Wednesday, Dec. 7, from 9 a.m. to 2:30 p.m. in Wilson Hall. This is an excellent opportunity to view and demo the latest technology, products and services and learn about best practices and strategies. There will be presentations all day in Wilson Hall, along with exhibits in the Wilson Hall atrium. All Fermilab employees and users are invited to attend. There will also be security-related courses that meet ITNA requirements:…

Some of you at Fermilab will soon be required to use two different forms of identification to log in to certain systems. But don’t worry — we’re making the process as simple as possible.

The game of cybersecurity is changing. No longer are threats strictly from those looking to mine passwords and credit card numbers for financial gain. In this new order, cyber espionage is being undertaken to gather intelligence of all types.

We provide policies, procedures and guidelines for operating lab computing systems in a secure manner to avoid interruptions caused by attacks by unauthorized users.