Software Store Blog

SAS Remote Code Execution Vulnerability (CVE-2021-44228)

CVE-2021-44228 is a remote code execution vulnerability in Apache Log4j.  SAS 9.4 is vulnerable to CVE-2021-44228. VUMC IT applied the necessary Security Update to address the Log4j vulnerability on the server. End users access the SAS server through SAS Enterprise Guide, the PC interface, and through SAS Studio, the web interface.  Enterprise Guide is not Java based and is not vulnerable to CVE-2021-44228.

Ten strategies for practicing Wi-Fi cybersecurity

October is cyber security awareness month Ten strategies for practicing Wi-Fi cybersecurity The use of public Wi-Fi has become a topic of concern for many people, especially those in the cybersecurity. There are Wi-Fi connections nearly everywhere now. Anyone with a phone, a computer, or other device has used this convenient tool because of its availability and ease-of-use. Our favorite restaurants, coffee shops, airports, and meeting places offer Wi-Fi hotspots.

Vulnerabilities found with Wi-Fi networks

Vulnerabilities found with Wi-Fi networks
 
 The VUMC IT Security Operations team is issuing this communication regarding a vulnerability discovered with secure Wi-Fi networks. The event is related to a weakness exposed in the WPA and WPA2 security protocols. At the current time, Vanderbilt University Medical Center Wi-Fi networks are not affected.

Five ways to spot a phishing attempt

October is Cyber Security Awareness Month
 
 Five ways to spot a phishing attempt
 
 Someone at the Medical Center receives a phishing email nearly every day. An attacker falsely identifies himself or herself as a trustworthy source and tries to exploit someone with an email that directs them to a fake website; usually under the auspices of being from human resources or as an email update.

Protect yourself against cyber threats

Attend the Cyber Security Town Hall October is Cyber Security Awareness Month. The VUMC IT Cyber Security Town Hall on Oct. 5 in Light Hall (Room 208) from 10:00 to 11:30 a.m. will include many topics you can use to stop cyber threats both personally and at work. Agenda items include:

VUMC IT to host Cyber Security Town Hall

VUMC IT to host Cyber Security Town Hall
 
 October is Cyber Security Awareness Month. To help educate the Medical Center workforce regarding the most common cyber threats and simple ways to keep our organization safe, VUMC IT will be hosting a Cyber Security Town Hall on Thursday, October 5 from 10:30 a.m. until noon in Light Hall room 208. Everyone is welcome to attend this informational seminar designed to notify and advise our workforce about current cyber threats the Medical Center faces every day. 

Directory Services receives initial technical inquiries from WWT

Final high-level design expected in late September 2017 Originally posted Monday, September 4 In July, World Wide Technology (WWT) visited Vanderbilt to meet with VUMC IT team members and begin the creation of an overarching plan for the VUMC Directory Services project. WWT has since created an initial project schedule, including a list of technical inquiries to aid in investigating and further formalizing their “high-level design”. VUMC IT is working diligently to provide answers to WWT’s questions to ensure accuracy.