Protect Your Online Accounts – Change Your Personal Passwords Today
We want to inform you about a recent security alert that highlights the importance of safeguarding your online accounts. Cybersecurity experts have identified a significant increase in compromised passwords, with billions of common passwords being leaked and reused across various platforms. Taking a few minutes now to update your passwords can save you from potential security issues later. Stay safe and secure!
In light of recent national news regarding vulnerabilities discovered in various internet browser extensions, we want to ensure that your online safety remains a top priority. To protect yourself, it's essential to regularly review and manage the extensions you have installed. Linked here, you'll find step-by-step instructions on how to remove extensions from Chrome, Edge, and Firefox internet browsers.
In our effort to continuously enhance our security measures and stay up to date with the latest cybersecurity technology trends, we introduced Duo Risk-Based Authentication (RBA) in February 2024. Duo RBA helps improve cybersecurity across all University of Miami campuses by assessing the risk of each login attempt to University of Miami systems beyond just passwords, considering factors like location, device, and login history.
As of January 11, 2024, if you use any UM Single Sign-On (UMSSO)-enabled applications like email, Blackboard, CaneLink, myUM, or Workday, you'll now encounter the Duo multi-factor authentication (MFA) prompt in a different way.
Help us beat FSU, UF, and other rival schools by playing in Cyber Bowl! As part of Cybersecurity Awareness Month, the University of Miami is challenging rival Florida schools in Cyber Bowl, an online cybersecurity awareness game taking place on the virtual playing field.
New Threat to Microsoft Teams – Criminals Using "External" Contact to Attach Malicious Files in Messages
A new tool, dubbed "TeamsPhisher," gives cybercriminals a way to leverage a security vulnerability in Microsoft Teams and automatically deliver malicious files to targeted Teams users in an organization. By impersonating legitimate external contacts or creating fake accounts, cybercriminals are sending messages containing infected attachments, aiming to deceive users into opening them—potentially leading to malware infections and data breaches. At this time, we highly discourage communications with external users/tenants, if not expected and/or required.
Changes to Default Sharing Options in Microsoft 365 Cloud Services – OneDrive, SharePoint, Teams
In August 2023, University of Miami Information Technology (IT) changed the default sharing option in Microsoft 365 cloud services—OneDrive, SharePoint, Teams—to "Specific people" to ensure the security of our digital information. When choosing to share a file or folder, you can manage the share settings as needed; however, IT highly recommends NOT using "Anyone with the link" as the sharing option. Instead, limit sharing to either "Specific people" or "People in your organization."
You can help safeguard against cyber-threats by creating strong passwords and changing your password frequently. To change your CaneID password, visit: caneid.miami.edu.
Update Your Chrome Browser to Address High Severity Vulnerabilities
Google released an updated Chrome browser in response to various, new high severity vulnerabilities. If you're a Chrome user on Windows, Mac, or Linux, please update your Chrome browser to version 99.0.4844.84 as soon as possible.
Duo Implemented Restrictions on Authentications in OFAC-regulated Countries
To comply with U.S. regulations, Duo implemented a change in their company policy. On May 5, 2022, Duo began blocking authentications from users whose IP address originates in a country or region subject to economic and trade sanctions by the U.S. Office of Foreign Assets Control (OFAC), including Cuba, North Korea, Iran, Sudan, Syria, and regions in Russia and Ukraine.
Access UM's Network via UMIT's Approved Remote Access Tools
In an effort to reduce potential security risks, UMIT has turned off the ability to log in to the UM network through the use of unsupported remote access tools.
New Email Security Feature: File Attachments Commonly Used to Transmit Viruses or Malicious Software have been Blocked
Please be advised that a new email security feature has been implemented to block file attachments that are commonly used to transmit viruses or malicious software in an effort to further protects the University's email system and individual mailboxes.
Enroll in Multi-Factor Authentication (MFA) Today!
Multi-Factor Authentication (MFA) is now required for all University of Miami faculty, staff, and student employees. MFA uses a second factor, e.g., mobile phone or tablet, to authenticate your login—in addition to your credentials. Since hackers don't have physical access to these devices while attempting to compromise your account, your information is secure.
