Users are reporting error messages when attempting to access the UNM Directory from the UNM.edu page. Technicians are aware of the issue and are working on a resolution. 

The Confluence documentation system (confluence.unm.edu) will be unavailable for a two hour period beginning 6:30am March 19, 2019. The outage is to allow the Operations team to perform maintenance on the database to make Confluence compliant with naming conventions for database instances. 

To ensure continued security, vendor support, and resolution of minor issues, the cPanel servers will upgraded from version 70 to version 76 on Tuesday, March 19th from 9:00 AM to 4:00 PM. There are five servers to be updated and configured, with each taking an hour to complete. Each server will be upgraded sequentially.

During this work time, the cPanel administrative web interface (https://<yoursite>.unm.edu/cpanel) will be intermittently unavailable. This DOES NOT affect the availability of actual websites hosted on cPanel - just the cPanel administrative interface itself.

Once the upgrade is completed, the cPanel web interface should appear as before. Announcements will be made to the cPanel List Serv for progress and completion.

If you manage your website entirely through Cascade, WordPress, another CMS, or manually, this change will not impact you.

UNM is seeing higher than normal increase in cyber-attacks. Users may experience being locked out of their email, including LoboMail, Outlook and other email clients for periods of time.

IT technicians are aware of the issue and are working with Microsoft to find a solution.

Recently, many of you have received an SSL certificate expiration notification. This is due to the fact that you currently have a site that is hosted on one of our cPanel servers, which uses the UNM wildcard SSL certificate.

We would like you to know that we are aware of the upcoming expiration and will perform the tasks necessary to renew the SSL certificate. You may receive notifications until the renewal process is completed. However, we would like you to know that you are not required to perform any tasks since the renewal will be done by IT Applications before March 28, 2019.

Thank you for your understanding and we apologize for any inconvenience this may have caused.

Regards,
IT Applications

To promote a healthy support life cycle, several common Microsoft products will reach their end of life/end of support dates in a year or less (January 2020).

The affected products and corresponding dates are show below. The most prominent impacts are to Windows 7, Windows Server 2008 (and 2008 R2), and SQL Server 2008 (and 2008 R2).

If you are using any of these Microsoft products in your organization, please begin the process of upgrading to newer (supported) versions as soon as possible. Continuing to use these products once their end of life passes presents a security risk to the University and prevents students/faculty/staff from leveraging the latest improvements and enhancements.

Windows (desktop/laptop)

Office

Windows (server)

Enterprise Applications

For full details on Microsoft's products and their end of life dates, see https://support.microsoft.com/en-us/lifecycle/search.

The UNM IT Customer Support Service Desk and the UNM Information Security & Privacy Office (ISPO) have received many reports of fraudulent/phishing emails sent to UNM community members.

Extortion Emails

There does not appear to be any evidence of automatic downloads, malware, or other malicious software associated with the email samples provided.  Any credentials (usernames, passwords, etc.) associated with these emails appear to have been the result of high-profile data breaches of parties external to UNM.

For more information regarding extortion email schemes please reference the following PSA from the Federal Bureau of Investigation (FBI):

https://www.ic3.gov/media/2018/180807.aspx

Impersonation Emails

All email accounts associated with the impersonation attempts have been hosted by third-parties external to UNM.  As with the extortion emails referenced above, there does not appear to be any indication of compromised UNM accounts associated with these types phishing/spoofing campaigns.  Additionally, there is no evidence automatic downloads, malware, or other malicious software associated with the email samples provided.

For more information regarding extortion email schemes please reference the following PSA from the Federal Trade Commission (FTC):

https://www.consumer.gov/articles/imposter-scams

What you can do

UNM community members are encouraged to report suspicious activity to the University Information Security & Privacy Office at the address security@unm.edu.  Where possible, ISPO staff encourage users to submit samples ‘as an attachment’ so the full message headers can be analyzed.  For information on providing an email as an attachment please visit the following:

https://ispo.unm.edu/frequently-asked-questions.html

Spam:

These messages typically have one or more of the following attributes/characteristics:

• The messages are unsolicited and are sent from unfamiliar addresses
• Contain ‘[SPAM?? #%]’ in the subject line
• Contain advertising in the message body

What you should do:  Forward the Spam sample (as an attachment) to spamdrop@unm.edu

Phishing:

These messages typically have one or more of the following attributes/characteristics:

• The messages are unsolicited and are sent from unfamiliar addresses
• The message body encourages you to take any action such as responding to the original message or clicking a link, or contains otherwise suspicious text

What you should do:  Forward the Phishing sample (as an attachment) to security@unm.edu

To stay updated with the latest phishing attempts and major security alerts visit the ISPO’s Phish Bowl and Advisories page:

https://ispo.unm.edu/phish-bowl/index.html

https://ispo.unm.edu/advisories/index.html

For more information regarding phishing/spoofing email schemes please reference the following PSA from the Federal Bureau of Investigation (FBI):

https://www.ic3.gov/crimeschemes.aspx#item-14

If you feel you have been the victim of a crime please file a report with UNM PD or visit https://police.unm.edu.

The latest Java update (181) is not compatible with LoboTime/Kronos. The vendor is aware of the issue but there is no scheduled fix. The best solution at present is to revert to the previously used version of Java.

Managers using Macs must avoid Safari 12 as it removes support for the Java NPAPI.
This breaks Lobotime for managers. Remain on Safari 11.

 Technicians are aware of the problem and are working on a solution.

Ad Astra will be unavailable from Wednesday, March 20, 2019 starting at 6 AM until Wednesday, March 20, 2019 ending at 8 AM for a mandatory upgrade. The Ad Astra Scheduling System will be disabled while the system is being updated by the vendor.