Quick Links

IT security news

Check it before you click it!

With holidays fast approaching, cybercriminals are taking advantage of people's vacation planning, online shopping, and expected package deliveries. Millions of phishing scam emails are being sent out daily, spoofing trusted brands, retailers, postal services, banks, stores, and more. Many of these emails look legitimate, and it gets harder to tell what's a real email, and what's a scam.

Category :
Published on : 05 Dec 2014

Warning: CryptoLocker Virus is back again - don't open attachments

There is currently a virus infecting computers via email attachments.  In the latest fraud reported at McGill, the subject of the email is You have received a voice mail, and the attachment contains the virus. If you receive any emails containing .ZIP file attachments, DO NOT open them.

Category :
Published on : 14 Oct 2014

Bash security vulnerability

Yesterday, a new security vulnerability, affecting Bash, was announced. The Bash shell, commonly accessed through Command Prompt or the Terminal application, is a part of many Linux, Unix, and Mac systems. Since it has been around for more than two decades, older devices are also vulnerable. If used maliciously, Bash allows an attacker to take over an operating system, access confidential information, make changes, etc..  McGill’s IT Services is devoting their full attention to addressing any potential threat this may cause to centrally-managed IT systems.

Category :
Published on : 25 Sep 2014

Faculty and Staff: McGill will double your password if you don’t do it first

If you haven’t yet changed your McGill Password, it’s time to get to it. In October, all faculty and staff members who did not change their password when prompted to earlier this year will have their McGill Password doubled.

Category :
Published on : 11 Sep 2014

TrueCrypt users: migrate your data

The development of TrueCrypt ended in May after Microsoft terminated support of Windows XP. If you currently use TrueCrypt, you should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform. Please note that IT Services can only support TrueCrypt and other encryption tools on a best-efforts basis.

Category :
Published on : 28 Aug 2014

Alumni: reset your McGill Password

Back in April, you may have heard of the Heartbleed vulnerability and its potential impact on McGill. All of McGill’s central IT systems have been evaluated, and updates were applied where needed. Since it is always a good practice to periodically change passwords, we encourage you to reset your McGill Password at this time. 

Category :
Published on : 14 May 2014

Heartbleed: reset your McGill Password

In April, we emailed you about the Heartbleed vulnerability and its potential impact on McGill. All of McGill’s central IT systems have been evaluated, and updates were applied where needed. As a final precaution, we strongly encourage you to change your McGill Password without delay.  If you are a McGill staff member, you are required to change your password.

Published on : 14 May 2014

Update: Security vulnerability in Internet Explorer could allow remote code execution

Update: May 5, 2014Last week Microsoft released a Windows update to address the security vulnerability in Internet Explorer.  This update was remotely deployed to McGill's centrally-supported computers on Friday, May 2 via the Campus Windows Server Update System (WSUS). Note that Microsoft made the decision to also offer the update for Windows XP. You may be prompted to restart your computer. Please be sure to run Windows Update on all computers that are not configured to automatically install updates from the WSUS, including your

Category :
Published on : 28 Apr 2014

Heartbleed vulnerability

You may have become aware, through media or other means, of a computer security vulnerability called Heartbleed that is affecting networks around the world. This bug, which has existed since late 2011 but was only widely recognized this week, makes password and other sensitive data vulnerable to theft.

Category :
Published on : 10 Apr 2014

Phishing email targeting McGill Faculty, subject: "New Library Resources for Faculty Members"

A phishing attempt is circulating with the Subject line: "New Library Resources for Faculty Members ", and Sender: "library@mcgill.ca". A sample email is shown below.   Please delete this email immediately! It does NOT come from a McGill source.

Category :
Published on : 10 Dec 2013

Warning: Phishing email targeting McGill Library users

A phishing attempt is circulating with the Subject line: "New Library System", and Sender: "McGill University Library". A sample email is shown below.  

Category :
Published on : 14 Nov 2013

Warning: Phishing email with password protected zip file circulating

An email is currently circulating with a password-protected .ZIP file as an attachment. A sample of this email is shown below. Please delete this email immediately! It does NOT come from a McGill source.

Category :
Published on : 12 Nov 2013

Warning: Phishing email with subject "WEBMAIL ACCOUNT UPDATE"

An email is currently circulating with the subject: "WEBMAIL ACCOUNT UPDATE". A sample of this email is shown below.   Please delete this email immediately! It does NOT come from a McGill source.

Category :
Published on : 29 Oct 2013

Warning: CryptoLocker Virus infecting computers

Update - Friday, Oct 11, 2013:To prevent the spread of CryptoLocker virus and other malware, McGill IT is quarantining all .ZIP attachments that contain .EXE files.

Category :
Published on : 10 Oct 2013

Warning: Scam email entitled "Annual Form ..." contains virus attachment

An email is currently circulating with the subject: "Annual Form - Authorization to Use Privately Owned Vehicle on State Business" .  This message contains an attached .ZIP file that contains a virus.  If you receive this message, please delete it immediately.  DO NOT open the attachment!

Category :
Published on : 10 Oct 2013