Web Server Registration Beginning on November 1, 2008, web servers must be registered in order to be visible from the Internet.
By default, web servers that are not registered have the common web ports, 80/tcp and 443/tcp, denied from the Internet.
If your web server does not need to be visible from the Internet, it does not need to register.
To register a web server visit the Web Server Registration site. More>>
Recent Targeted Phishing Attacks Cyber criminals are using sophisticated targeted phishing in an attempt to infiltrate computers at Berkeley Lab, as well as other educational and government institutes. These attacks come via seemingly well intentioned emails.
The emails may refer to things that seem relevant to your work or research. However, the emails contain malware and/or links to malware posted on websites.
In most cases, this malware is too new to be detected by Anti-virus software. More>>
Dangerous Links
Berkeley Lab is receiving malicious emails with links to .exe files. The .exe files are viruses and malware. The email's are commonly disguised as greeting cards. The attacks are expected to evolve to use Valentine's Day greeting cards, Super Bowl information, and Presidential Primaries information. Berkeley Lab employees must be diligent and use discretion when clicking on links sent in email. More>>
Make Your System Safer: Get a CPP Assessment To better understand and improve the security of your system(s), you can request a vulnerability assessment from the Computer Protection Program (CPP). CPP sends a confirmation e-mail before the scan begins and an email with detailed results and suggested improvements for ensuring system security after the scan is completed. While security scans in no way represents a CPP guarantee of system security or integrity, they are helpful in identifying your system's vulnerabilities. You can request Go here to request an assessment.
Don’t Be Tricked Into Compromising Your
Computer Fraudulent phishing emails from banks and credit
card companies asking information are commonplace, but did you know
the same techniques may be used against you as an employee of Berkeley
Lab? Think twice if you receive a phone call, email, or see
a suspicious website asking for your private LBNL information, such
as your LDAP or system password. Attackers who target you based
on your connection to the Lab may use convincing LBNL logos and
terminology to give you a sense of security. Many DOE sites, including
other Laboratories, have been targeted by these techniques during
the past year. If you're not sure it's real, send an email
to cppm@lbl.gov. Most likely,
you weren't the only person targeted, so report it—don’t
just delete it or ignore it. Learn
more about social engineering>>
Computer Security Annual
Refresher Training Available The 2007 edition of Computer
Security User Training is now available. The course takes 10-15
minutes to complete online and covers important cyber security topics
applicable to all users. The course is mandatory for all LBNL employees
with computer access and is encouraged for all Participating Guests.
Take the course>>
Minimum Security Requirements
Computer systems connected to the LBNL network must meet minimum
security requirements or they will not be allowed on the network.
Minimum security requirements establish a baseline of security for
all systems on the LBNL network. More>>
|
|
Getting Started at the Lab
• Take online computer security training SEC 0201 Computer Security Annual Refresher
• Contact
Your Computer Security Liaison about security
policies or guidelines.
• Employee
Guidelines for Safe & Appropriate Computer Use
• Learn about
Viruses, Spam, Phishing, Hoaxes, Scams, and Social Engineering
Recent Messages from CPP/CIO
• Level 1/TABL Special on Phishing Attacks 5.21.08 (email warning of ongoing targeted phishing against LBL and other National Labs)
• Privacy Training Announcement
Downloads & Updates
• Symantec
AntiVirus
• Microsoft
AntiSpyware
• Windows
Patches/Service Packs
• IT Division
Computing Resources
Contact CPP
CPP can be contact via the mailing list cppm@lbl.gov,
or many common issues, such as blocked computers, can be handled
by the IT Division help desk at help@lbl.gov
or x4357. The CPP after hours emergency pager number is 510-486-7770.
|
|