Skip to Main Content Skip to Main Navigation Skip to Footer
UNG Logo
  • Info For...
    • Accepted Students
    • Current Students
    • Parents & Family
    • Faculty & Staff
    • Alumni
    • Business & Community
    • International Students
  • Quicklinks
    • Directories
    • myUNG
    • Academic Catalogs
    • Athletics
    • Banner
    • Bookstore
    • Calendars
    • Campuses & Maps
    • Continuing Education
    • D2L
    • Employment / HR
    • IT Service Desk
    • Libraries
    • UNG Foundation
  • Admissions
  • Corps of Cadets
  • Academics
  • Cost & Aid
  • Student Life
  • News & Events
  • Athletics
  • About Us

Find the most up-to-date information on the Presidential Search site.

Information Technology
  • Get Started - IT Resources
    IT Success Guide Student Employee Guide Password Management
    Faculty/Staff Remote Work Toolbox Student Remote Work Toolbox
    Connectivity Resources Software Portal
  • Services
  • Security
    Information Security
    Phishing Awareness
    Bulletin
  • FAQ
  • Contact
    1. UNG
    2. About Us
    3. Information Technology
    4. Information Security

    Information Security Bulletin

    Learn about emerging and active digital security concerns and how to protect yourself and organization from them.

    Welcome to Cybersecurity Awareness Month 2022!

    Posted: 10/03/2022

    Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

    The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. While CISA works to increase cybersecurity throughout the government, its regions and critical infrastructure sectors, NCA works with corporations and the general public to raise awareness of action steps we can take to advance digital security.

    This year’s campaign theme — “See Yourself in Cyber” — demonstrates that everyone is responsible for their own online behavior. This October will focus on the “people” part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future.

    The University of North Georgia’s Office of Information Security will continually post helpful Cybersecurity information to this bulletin throughout the month of October, and additionally to our Facebook and Twitter pages below.

    https://www.facebook.com/northgeorgiainfosec

    https://twitter.com/UNG_INFOSEC

    And as always, please do not hesitate to contact us with any questions/concerns by shooting us an email at infosec@ung.edu.

    Happy Cybersecurity Awareness Month!

     

    Additionally, remain vigilant concerning phishing, especially unsolicited MFA logon screens, and if you suspect something suspicious, change your passwords immediately and notify the UNG IT Helpdesk at helpdesk@ung.edu or 706-864-1922.

    Past Bulletins

    • 2022-09-09

      The UNG Office of Information Security would like to bring awareness to a recent issue that has been observed across higher education institutions.

      Posted: 09/09/2022

      Bad actors are utilizing phishing campaigns to obtain credentials of faculty, staff and students. Once they have credentials, they will capitalize on user-error to gain access via a multi-factor authentication message (Duo prompt). After gaining access to the victim’s email, they begin to spam other organizational users with a “job offer” that requires a payment up front and bank information for “equipment”. Or, more frighteningly, they will use the victim’s account credentials to change employment payment information, such as bank routing numbers, so future pay checks are sent to the attacker’s account. 

      This is actually a combination of up to three different attacks or scenarios:

      • The first two is a straightforward attempt to get more credentials.
      • The second is to spam out the false job offers, hope to make money from unsuspecting recipients.
      • The third and last is changing direct deposit information in the payroll system (such as OneUSG Connect).

      While we have many mitigations in place to protect UNG against such attacks, we need your help. Never approve a Duo prompt that you did not initiate. If you’re not actively logging in to an application, you should not receive a Duo prompt. 

      Additionally, remain vigilant concerning phishing, especially unsolicited MFA logon screens, and if you suspect something suspicious, change your passwords immediately and notify the UNG IT Helpdesk at helpdesk@ung.edu or 706-864-1922.

    • 2022-08-18

      Vulnerability Alert - macOS Monterey, iOS, iPadOS, and Safari.

      Posted: 08/18/2022

      Apple recently announced a significant vulnerability that affects both their computers and phones/tablets. Apple and CISA encourage you to check and apply applicable updates on devices as soon as possible.

      For macOS Monterey, iOS, and iPadOS, this vulnerability allows for an attacker to execute arbitrary code with kernel privileges. With Kernel privileges, this arbitrary code has total access to the hardware the system is running on. It has the ability to run commands at the CPU level, as well as memory, allowing for an attacker to potentially do anything with the machine.

      For Safari, this vulnerability allows for potential attackers to force your browser to process maliciously crafted web content that may lead to arbitrary code execution. This arbitrary code execution may allow for attackers to potentially install programs under your user account for nefarious purposes. Think viruses, botnets, sniffers, etc.

      Vulnerable versions: macOS Monterey 12, iOS 15, iPadOS 15, and Safari 15.

      For those interested, further details can be found at the Cybersecurity and Infrastructure Security Administration’s posting

       

      Contact UNG's IT Service Desk at helpdesk@ung.edu or by phone at 706-864-1922 if you ever have any concerns!

      Have a great week!

    • 2022-08-17

      Cybersecurity: Our Shared Responsibility

      Posted: 08/17/2022

      The modern age of computing has drastically changed the way we work, shop, bank, and live. Any activity we do on a computer, or even with a computer nearby, requires some of our information to be shared and stored. It is important then to be mindful of what information we are sharing, and with who, which is where cybersecurity comes in. This bulletin will serve as a source of information from UNG's Office of Information Security on cybersecurity news, tips, and alerts that we feel our university community should be aware of. With this first bulletin, here's a few basic cybersecurity tips that you can practice to drastically reduce your risk with phishing attacks!

       Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computer with viruses or malware, creating vulnerability to attacks. Phishing emails may appear to come from a real financial institution, e-commerce site, government agency, or any other service, business, or individual. The email may also request personal information like account numbers, passwords, or Social Security numbers. When users respond with the information or click on a link, attackers use it to access their accounts.

      • When in doubt, throw it out: Links in email and online posts are often the way cybercriminals compromise your computer. If it looks suspicious – even if you know the source – it's best to delete or, if appropriate, mark it as “junk email.” Contact the company directly (via phone) to be sure the email is not legitimate.
      • Think before you act: Be wary of communications that implore you to act immediately, offer something that sounds too good to be true, or ask for personal information.
      • Use stronger authentication: Always opt to enable stronger authentication and enable multi-factor authentication (2FA/MFA) when available, especially for accounts with sensitive information including your email or bank accounts. Multi-factor authentication or 2FA helps verify a user has authorized access to the online account. For example, it could be a one-time code texted to a mobile device, providing an added layer of security beyond the password and username. Visit www.lockdownyourlogin.com for more information on stronger authentication.
      • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
    UNG Logo
    • Contact Us
    • Request Information
    • Quick Facts
    • Campus Maps & Directions
    • Student Consumer Information
    • Campus Safety
    • Emergency Information
    • Employment/HR
    • UNG Policies & Procedures
    • UNG Alumni Association
    • UNG Foundation
    • Ethics & Compliance Hotline
    • Human Trafficking Notice
    • Equal Empl. Opportunity

    © 2023 The University System of Georgia and the University of North Georgia.

    UNG follows the section 508 Standards and WCAG 2.0 for web accessibility. If you require this content in another format, please send an email to the ADA Coordinator.

    Use of military-themed imagery does not constitute endorsement by the U.S. Department of Defense.

    • Accreditation
    • Accessibility
    • Privacy Policy
    Establishing Connection...
    AskNigel