7/9/2008 15:49   Spoofed DNS Vulnerability Recommendations
On July 8, 2008, Microsoft, the Internet Software Consortium, and many other software vendors released a coordinated update to address "new" problems with the DNS (or Domain Name Service) protocol.  The flaw exists due to the implemenation of the the DNS client and server applications which are very predictable.  This predictablity of the query and responses could allow an attacker to spoof an invalid response.  As such, the attacker could inject an IP address of their choice to a common DNS query like www.uark.edu, or google.com.  If a client or server caches the incorrect IP address, a computer could contact a fraudulent website, email server, or file server.
For More Click...Spoofed DNS Vulnerability Recommendations

6/16/2008 14:53   Backscatter Spam Attacks Directed At Campus
University IT Services has been receiving many reports of users finding large amounts of unexplained nondelvery messages in their inboxes.  These nondelivery (or "bounce") messages appear to indicate that the user has been sending spam to external servers, and that the messages have been rejected by the remote servers.
For More Click...Backscatter Spam Attacks Directed At Campus

5/17/2008 14:07   Continued Phishing Scams Directed at University Accounts
Since Thursday May 15, 2008, the University of Arkansas campus has again had fraudulent email messages directed to campus accounts.  The messages purport to being from the university administration and has a subject line of "Confirm Your E-mail Address".  The attacker attempts to pursuade the unsuspecting user to hand over their account password.   As a reminder, the University will NEVER send a message like this.
For More Click...Continued Phishing Scams Directed at University Accounts

5/15/2008 11:17   Ubuntu and Debian Linux Security Issue
Earlier this week, a significant security vulnerability was announced involving Linux distributions derived from Debian and/or Ubuntu. The pseduo-random number generator (PRNG) function in these operating systems contained a flaw which makes these numbers predictable. The net result is that any form of encryption used in applications such as Secure Shell terminal sessions, OpenVPN and SSL certificates used for secure web pages are vulnerable to attack on these operating systems. Windows, MacOSX and other Unix based computers do not appear to be vulnerable to this security flaw.
For More Click...Ubuntu and Debian Linux Security Issue

2/21/2008 14:17   Fraudulent Email Sent to UAF Campus Users
On February 21, 2008, hackers have once again attempted to fool University of Arkansas account holders through an email scam. This attack purports to originate from the administrator of uark.edu accounts, and claims that individual accounts will be removed if the message is not responded to.
For More Click...Fraudulent Email Sent to UAF Campus Users

1/8/2008 16:20   Microsoft Releases Critical Update for TCP/IP

For More Click...Microsoft Releases Critical Update for TCP/IP

12/7/2007 19:35   Fraudulent Account Confirmation Email Messages
On the afternoon of December 7, 2007,  University of Arkansas email account holders started receiving email messages purporting their account will be removed should they not respond to the message or log into the UAMail system.   This message is completely fraudulent and was not sent on behalf of the University.
For More Click...Fraudulent Account Confirmation Email Messages

11/13/2007 10:59   Critical Update Released For Windows XP and 2003
Earlier today, November 13, 2007, Microsoft released a critical update for Windows XP and Server 2003 systems.  This update addresses a flaw in validating and handling URIs (Universal Resource Identifiers) within the shell32.dll file.  This flaw could allow an attacker to run arbitrary code on systems without this patch by crafting a malicious URI and convincing end users to access it via a web browser, email client, or other applications.
For More Click...Critical Update Released For Windows XP and 2003