Article Archive

Update: Ransomware In The News

A new ransomware outbreak began early in the morning on June 27th, involving a different variant known as Petya, or PetyaWrap.  Petya takes a different approach to encrypting the victim's files, but as with Wannacry, the best defense is prevention with good security practices that protect computers from mal...

Changes to Hardware Repair Service

Effective immediately, IMSS will no longer offer in-house printer or Mac warranty repair. While we encourage you to continue to contact the Help Desk as a first resource to determine if your issue is a hardware problem, IMSS recommends working with the following local vendors for hardware repair: 

  • For Mac warranty repairs, contact Caltech Wired for authorized service (...

Recent FireFox release does not support Java

The recently released commercial version of FireFox (v52) no longer supports the Java plugin. Java is required for some commonly used Caltech applications, including Oracle and Kronos Timekeeping. If you need to use a Java-supported version of FireFox, please download and install the ESR (Extended Support Release) version from Runaway unauthorized print jobs

Many networked printers here and at other sites are exhibiting problems in which the printer spews out all of its available paper with printed gibberish.  This appears to be an unintended side effect of a network attack tool in recent use, which searches for unsecured FTP services.  Some printers include an FTP service by default, and certain models react badly when they receive im...

Beware fake campus emergency alerts

Caltech and other universities have been receiving phish that claim to come from Campus Security about a situation on campus. They contain a link that will either take you to a fake login page or to a page infected with malware. Since any link in a real Caltech Alert email is optional we recommend never clicking on any link in such an email.

For more inform...

IMSS implementing anti-spoofing measure

On Thursday, November 3 at 10:00AM, IMSS will be making some changes to the main campus email servers to reject incoming mail from off-campus sources where the sender is sending from an @caltech.edu address without logging in (aka spoofing). Most legitimate Caltech mail users already log in when sending mail, so this should have little impact. Exceptions have also been made for authoriz...

EZProxy phishing scam

Many people may have received a message this morning claiming to be from an academic colleague, and referencing a link that looks like a Caltech Library EZProxy link.  The link points to a fraudulent site intended to capture Caltech login credentials.  The site is blocked from campus and we are working to get it taken down.  If you received such a message, do not attempt to lo...

Phisher scam pointing to fake webmail site

Messages titled "Urgent Network Failure" or "Office of Information and Technology" are telling users to login to retrieve queued mail and "reactivate service", but actually point to a fake webmail website. Mousing over the link without clicking will reveal that the link actually points to a non-Caltech website. The fake website is blocked from campus, ...

IMSS Exchange Public Folders Issue

IMSS Exchange Public folders are currently inaccessible. Note that this does not affect Office 365 public folders - only on-premises Exchange public folders are affected. We are working as quickly as possible to resolve the issue and will provide further updates as we receive them. Thank you for your patience.

iOS 9.3.5 Security Update

Apple recently issued a patch to fix a dangerous iOS security vulnerability. The update is available for iPhone 4s and later, iPad 2 and later, and iPod touch (5th gen) and later. Note that IMSS-managed mobile devices will be automatically updated if the end user accepts the update. Others should also be prompted by iOS to update, but can also manually do so by opening Settings > Gen...

Zip files quarantined by Office 365/Exchange

IMSS would like to remind Office 365 and IMSS Exchange users that incoming messages containing .zip files will have the attachment quarantined. This change was made several months ago in response to a marked increase in malicious .zip attachments. If necessary, however, quarantined attachments may be retrieved by contacting the Help Desk (x3500, help@c...

Mail from *.top is no longer accepted

IMSS has updated its servers to silently reject mail from the '.top' domain in an effort to reduce the amount of spam we receive. For questions, please contact us (x3500, help@caltech.edu, https://help.caltech.edu).

Undeliverable Notifications may be due to Email Spoofing

IMSS has received reports of people receiving bounce-back undeliverable notifications that suggest they sent an email containing malware. Some people have been alarmed because they know they did not send the original malicious message. Most likely, the email address was spoofed, which means a spammer forged the “from" email address to mislead the recipient about the orig...

Check your Junk Mailbox Regularly

IMSS would like to remind you to regularly check your Junk mailbox for messages that may have been incorrectly tagged as Spam. While we do our best to ensure that legitimate messages arrive in your Inbox, the recent increase in malware has resulted in the likelihood of more valid messages ending up in Junk. For questions or concerns, please contact us (x3500, help@caltech.edu, http...

New Login Page for Box, software.caltech.edu, CardQuest, and Blackboard

Effective August 2, the login pages for Box, software.caltech.edu, CardQuest, and Blackboard will have a new look. Note that the login process will remain the same, but the login page will also include helpful links and a look that coordinates with access.caltech. The new login page will appear, as below. For questions, please contact the Help Desk (x3500, help@caltech.edu, https://help...

Don't let ransomware disrupt or destroy your work

Ransomware is a category of malicious software that is becoming increasingly widespread.  It differs from other kinds of malicious software in that its primary purpose is to render the victim's data files unusable (typically by encrypting them) until a "ransom" in difficult-to-trace virtual currency such as Bitcoin is paid. Organizations all over the world, including ...

"IMSS Help Desk" email message is a phisher scam

Many people received a scam message this morning that looks like it came from the IMSS Help Desk, indicating that two e-mails have been placed on hold. This message is a fake, and points to a fake Caltech login page. However, if you look at the address bar in your browser, or hover over the URL before clicking, you will see the website is not a Caltech website address at all. It has been blo...

Removal of Flash from Managed Computing systems

IMSS is currently working with Managed Computing customer groups to coordinate the removal of Adobe Flash Player from all Managed Computing systems. We are doing this because of numerous ongoing and severe security vulnerabilities from using Flash. While Flash was previously a popular plugin, many websites, such as YouTube and Pandora, have since moved away from Flash and transitioned to usi...

OneDrive for Business sync client issue

After a recent Microsoft update, the OneDrive for Business sync client is experiencing issues. Users that have mounted OneDrive for Business on their local computers will be unable to create or save changes to the documents stored there. Until the issue is resolved by Microsoft, a temporary workaround is to create and edit Office documents in a web browser. To do this, log in with your Calte...

Phisher scam pointing to fake access.caltech site

A message titled "New Message Notification" telling users to log into access.caltech "for immediate update" points to a fake website that is an exact duplicate of https://access.caltech.edu. Mousing over the link without clicking will reveal that the link actually points to a .com site, which has been notified. The fake website is blocked from campus, but off-campus recip...

Fake "Notice to Appear in Court" message

An email message with the subject line "Notice to Appear in Court" has been received by some campus users. Not all antivirus software can currently detect the included .zip attachment. If you receive such a message, please delete it. Do not attempt to open the .zip attachment, which contains a malicious javascript file intended to look like a Word document. For questions, please co...

Oracle Issues with Firefox v37 and Newer

If you are running Firefox v37 or a newer version, you may be experiencing issues connecting to Oracle. These new versions of Firefox do not support the security certificate that is currently supported by Oracle, Exeter and Famis. We are currently working with Oracle to resolve this issue. Below is a temporary workaround.

Workaround

  1. Use a differen...

Microsoft Windows 10 Release

Microsoft has released Windows 10, which is available as a free upgrade for users of Windows 7 and Windows 8.1. Windows 10 is also available to Caltech students through the Microsoft DreamSpark program (http://msdnaa.caltech.edu). Faculty and staff may download Windows 10 from the http://software.caltech.edu webstore.

Please note that Windows 10 is a major product release that includ...

Online W2 Maintenance Schedule

IMSS will perform maintenance on the Online W2 system on the dates listed below. During these times, Onliine W2 will be intermittently available. If you encounter any problems, please try your transaction again at a later time. For questions or concerns, please contact the Help Desk (x3500, help@caltech.edu, https://help.caltech.edu).

  • Saturday, July 25 from 4:00AM to 1...

Updates to Data Network Refresh Schedule

The campus network refresh project is well underway and will continue into 2016. IMSS has recently completed upgrades to Keck Lab, Sherman Fairchild Library, and Spalding Lab. For more information about the network refresh project and schedule, please visit http://www.imss.caltech.edu/content/data-network-refresh-schedule.