Sample of Phishing Email

Dear Users,

You may have received email similar to the above phishing email, which seems to be sent by ICTO.

Please DO NOT RESPOND to this kind of emails which purposely asking for your user name and password. ICTO will NOT ask you for these information through email or web page. If you have responded to the suspicious email accidentally, you are advised to reset your password at once.

If you have any further queries, please feel free to contact our Help Desk.

Help Desk Contact
Location : Room 2085, 2/F, Central Teaching Building (E5)
eMap : Desktop Version, Mobile Version
Telephone : 8822 8600
email : @

Thanks for your attention.

Information and Communication Technology Office

To: All Users

Many users reported that they received a suspicious email with password protected attachment named “A letter of complaint on University of Macau.rar”. Please DO NOT OPEN this attachment. This attachment contains a suspected Trojan. Usually, to compress an attachment with password can be used to bypass Anti-virus system. If you open it, your computer may be infected.

If you have any further queries, please feel free to contact our Help Desk (Ext. 8600, Email: @)

Thank your your attention.

Information and Communication Technology Office

To All Users,

The US Computer Emergency Readiness Team (US-CERT) have issued warnings on the vulnerability that found in OpenSSL versions 1.0.1 through 1.0.1f, and version 1.0.2-beta including version 1.0.2-beta1.

Original release date

8 April 2014

Description

This vulnerability allows remote hackers to retrieve sensitive information without authentication through incorrect memory handling in the TLS heartbeat extension. User authentication credentials and secret keys may then be disclosed to hackers.

The sensitive information that may be retrieved using this vulnerability include:

• Primary key material (secret keys)
• Secondary key material (user names and passwords used by vulnerable services)
• Protected content (sensitive data used by vulnerable services)
• Collateral (memory addresses and content that can be leveraged to bypass exploit mitigations)

Systems Affected

• OpenSSL 1.0.1 through 1.0.1f
• OpenSSL 1.0.2-beta (including 1.0.2-beta1)

Solution

Step 1: You can check if your web server is affected by this vulnerability through https://www.ssllabs.com/ssltest/.  A warning as show below will be displayed if the webserver is affected:

Step 2: OpenSSL has released the latest patches to address this vulnerability, you can download the patched update fromhttps://www.openssl.org/source/.

• For OpenSSL version 1.0.1 (including 1.0.1f): Update to version 1.0.1g
• For OpenSSL version 1.0.2-beta (including 1.0.2-beta1) : To be fixed in version 1.0.2-beta2.  Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS .
• Details: https://www.openssl.org/news/secadv/20140407.txt

Step 3: Any keys generated with a vulnerable version of OpenSSL should be considered compromised, they should be regenerated and deployed after the patch has been applied.

References

• US-CERT – OpenSSL ‘Heartbleed’ vulnerability

Thank you for your attention. For further inquiries, please feel free to contact our Help Desk (Ext. 8600, Email: @).

Information and Communication Technology Office