Welcome to the security advisories page which we have nicknamed "Smoke Signals".
Smoke signals are one of the oldest forms of communication and it is a more visual form of communication used over distance. In our case, these "Smoke Signals" are used as a way send out news, warnings or communicate danger and as such are broken up into three categories.
In an era of increasing cyber threats, maintaining high-standard email security is pivotal. Therefore, ITS recently took proactive steps to fortify its email defence over the Christmas period by implementing an extra layer of email protection called Quarantine. The move was in response to a surge in fraudulent emails targeting Queen Mary University and our staff and students.
We are happy to announce that the Quarantine initiative has now been updated to provide even more comprehensive protection. Previously, users could only retrieve emails that were mistakenly classified as phishing. However, this function has been extended to include emails categorized as spam. This enhancement ensures a more thorough screening process, minimizing the risk of potentially harmful emails reaching users' inboxes.
Here is how this would look like:
The success of the Quarantine campaign is evident as over the past 30 days, this extra layer of email protection has successfully stopped 67,026 phishing emails and 250,715 spam messages. These numbers highlight the significant impact of the initiative in shielding the university's network from malicious activities.
This achievement is not just a testament to the effectiveness of the implemented measures but also a reflection of the vigilant and collaborative efforts of the Queen Mary community. The university acknowledges and appreciates the continuous support of its staff and team members in prioritizing cybersecurity.
As part of the university security strategy, the IT Operational Security team will be making changes to better protect your user accounts. We are introducing tools to allow you to fix any risky user account behaviour using multi-factor authentication (MFA).
This will not interrupt authorised users from accessing university provided applications or systems. However, if an automated alert is sent then you will be prompted to either enter a fresh MFA token, or in higher-risk situations, reset your password.
For example, signing in from a new location, device or app would show:
Whilst suspicious or leaked credentials may prompt you to reset your password:
It has come to our attention from our colleagues at UCISA that an AI tool called Otter.ai used to translate verbal content and record meetings, is acting like a computing virus. Details are limited but there are reports of the application auto installing without permission and capturing minutes of meetings where the user of Otter.ai was unable to attend, but without permission of those who were in attendance. Otter.ai was previously assessed for usage within QM, but not approved, however, it is not currently blocked, so we ask that you do not download or install the software. The information security team is investigating measures to block otter.ai ability to link to Office 365 and working with the wider IT team to remove the client from our environment to eliminate the risk of any conversation being recorded without permissions. We will endeavour to provide updates as they become available but if you have any questions, please contact Tim Passe.