HelpDesk

15 Lippitt Road, Kingston, RI 02881

helpdesk@uri.edu – (401)874-HELP

URI
Think Big, We Do.
Rhode Island Seal

Summer 2017 Hours

M - F 8am to 5pm

Please check the calendar for any changes to the regular schedule.

Contact Us

Walk-In: Kingston Library Rm LL19
Phone: (401)874-HELP
  (401)874-4357
General URI Help: 401-874-1000
E-mail: helpdesk@uri.edu

Problems with wireless?

If you are experiencing problems with wireless connectivity on any of the University of Rhode Island campuses please email wirelessfeedback@uri.edu

Server Status Monitor

Sakai Status

Phishing

The University of Rhode Island will never ask for your account passwords. If you have received a message asking for your username and password please forward that message to abuse@uri.edu

Back Office

Twitter Facebook Google+

The University of Rhode Island Computer and Networking HelpDesk is the one-stop center for all tech-related issues at the university.  We provide support for any issue related to eCampus, Sakai, E-mail, Internet connections, wireless, smartphones and tablets, laptops, desktops, and more.

search search

Follow us on Facebook or Twitter for updates and urgent alerts.

Petya Ransomware Warning!

The MS-ISAC is aware of new ransomware activity similar to WannaCry using the Petya ransomware. Petya encrypts the Master File Table (MFT) for NTFS partitions and overwrites the Master Boot Record (MBR) with a custom bootloader. The ransomware demands an average payment of $300 in bitcoins. According to reporting by security researchers, Petya leverages the EternalBlue exploit that was made public in April by The ShadowBrokers and used by WannaCry to spread between systems on a network. EternalBlue utilizes a known SMB 1.0 vulnerability affecting most versions of Windows. Systems that have already had Microsoft’s MS17-010 security patch applied are not vulnerable to the EternalBlue exploit used by Petya. The MS-ISAC originally released a cyber security advisory on March 14, 2017, detailing the specifics of this vulnerability and recommending that MS17-010 be applied. Patches that mitigate the vulnerabilities have been made available through manual download for end-of-life Microsoft Windows operating systems that no longer receive mainstream support.

The initial propagation vector for Petya remains undetermined. The MS-ISAC monitoring service deploys multiple signatures for detecting the EternalBlue exploit.

The MS-ISAC has received no reporting indicating a successful Petya infection against an SLTT government entity.

 

According to the email provider Posteo, the cyber criminals were using a Posteo address for decryption key delivery, and this address has been disabled.

 

SYSTEMS AFFECTED:

  • Microsoft Windows Vista, 7, 8.1, RT 8.1, 10
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016
  • Microsoft Windows Server Core Installations 2008, 2008 R2, 2012, 2012 R2, 2016
  • Microsoft Windows; XP SP2/SP3, Embedded SP3, 8 RT
  • Microsoft Windows Server 2003 SP 2

 

RECOMMENDATIONS:

MS-ISAC recommends organizations work to determine if older versions of the identified software are currently running on systems and develop a proper migration plan to ensure software is upgraded appropriately.

  • Blacklist the execution of perfc.dat as well as the PSExec utility from Sysinternals Suite.
  • Apply appropriate patches provided by Microsoft to vulnerable systems immediately after appropriate testing.
  • Block ingress and egress traffic to TCP and UDP ports 139, 445, and 3389 at your demarcation point.
  • It is advised to immediately remove un-patchable hosts from the network
  • Disable SMBv1 on all systems and utilize SMBv2 or SMBv3 after appropriate testing.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  • Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
  • Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments, especially those from un-trusted sources.
  • Apply the Principle of Least Privilege to all systems and services.

 

REFERENCES:

US-CERT:

https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported

 

Microsoft:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

DIRECT LINK TO MANUAL PATCHES: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

 

MS-ISAC:

https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-microsoft-windows-smb-server-could-allow-for-remote-code-execution/

 

Posteo:

hps://posteo.de/en/blog/info-on-the-petrwrappetya-ransomware-email-account-in-question-already-blocked-since-midday

 

Kaspersky:

https://blog.kaspersky.com/new-ransomware-epidemics/17314/

Supported Anti-Virus Software!

With our new SafeConnect security software, many of you are getting warnings about installing Anti-Virus software.  Our Security department has compiled a list of the supported programs, which can be found here.

New Wireless Authentication!

As many of you know, Information Security will be going live with a new version of SafeConnect as of Wednesday, May 31, 2017 (@ Time TBD).  For users that are on a SafeConnect managed subnet, the system will prompt all existing users to re-authenticate before being allowed to access the internet.  It is important to note that this only affects a small amount of the user base and the majority of users will not be impacted.
For those users who are on a SafeConnect managed subnet, they will be redirected to an authentication page (see below) and required to enter their eCampus username & Sakai password.  Users will only be prompted to enter their credentials one time.
Screen Shot 2017-05-25 at 11.50.51 AM
If any issues do occur, please contact us at 401-874-HELP.

Student Workers Needed for Helpdesk!

The URI Help Desk is actively seeking additional student workers for a variety of positions this summer. We have several full time positions both here at the HD as well as several other locations on campus including the DATA Center, Memorial Union, and remote on campus locations.  Good starting pay and a chance to develop computer and customer service skills.
If you know of any current students looking for employment please encourage them to apply.

E-Campus Emergency Reset!

Due to system overload, the E-Campus system is going to be reset at 1 p.m today.  We expect it to be down for fifteen to twenty minutes.  Please call the helpdesk at 874-HELP with any questions.  We apologize for any inconvenience and will report back here when the system is back up and running.
UPDATE – 1:26 p.m. – E-Campus is back up and running!  Please call us with any problems.

Multiple Ransomware Infections Reported!

Original release date: May 12, 2017

US-CERT has received multiple reports of ransomware infections in several countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from paying the ransom, as this does not guarantee access will be restored.Users and administrators are encouraged to review the US-CERT Alert TA16-091A to learn how to best protect against ransomware. Please report any ransomware incidents to the Internet Crime Complaint Center (IC3).!

Three Ways To Improve Google Chrome Performance On The Mac!

Check it out here!

URI Founders Day on the Quad Live Streaming Event!

A brief speaking program will begin at 3:15 p.m. on the Quad, followed by festivities including hayrides to Watson House tours, zip-lines, animals from Peckham Farm, games, historic clothing exhibit, music by Roger Ceresi’s All Starz, and complimentary food including hot dogs, kettle corn and Del’s lemonade! Live broadcast by WRIU.
First 125 guests will receive a free T-shirt! Free and open to the public.  Join South County’s own 8-piece horn-driven band, Roger Ceresi’s All Starz, that will be on the Quad for this big event. High-energy R&B and rock ‘n roll for your soul!

Watch the live stream at stream.uri.edu.

Yikes!  Time for Final Exams!

As we head into Finals, remember that the URI Helpdesk is open M – Th 8am to 9pm, Fri 8am to 5pm, Sat 10am to 4pm and Sun Noon to 6pm. Please come see us or call us. If not, send us an email or contact us here!  Good luck everyone!

ITS Training Sessions!

ITS offers a wide array of training sessions (formerly called Short Courses) throughout the year.  Our next wave has recently been announced and can be found here.

Team Drive for Google Suite Available Monday, April 17!

On Monday, 4/17, Team Drive for Google Apps for Education will become active for users with @uri.edu and @my.uri.edu Google accounts.  Team Drive is an easier way to use Google Drive in a team environment.  It allows all members of a designated team to have greater control over files.  If you are interested, please watch the linked video for more information.

User Self-Service Password Recovery for Google Apps!

User Self-Service Password Recovery is now live for Google Apps, both @uri.edu and @my.uri.edu. This new feature allows users to save a recovery phone number and/or email and use them when they can not remember their password.

Turning this on will not change the login experience.
To activate User Self-Service Password Recovery, click the following link: https://support.google.com/accounts/answer/183723?visit_id=0-636215709461103227-622048391&rd=1&pli=1
Please let us know if you have any problems or concerns.

Are you a Technology Professional working on campus?

Do you support end user students, faculty or staff on computer systems, networking or applications?

Come join the URI University Technology Network (UTN).

Interact with central IT and distributed technologists to share knowledge, ask questions, and improve our service to the community.  

To get started simply fill out the form here.

Google Suite Account Suspensions!

There have been an increased number of suspended Google accounts this morning.  The team is looking into how to fix it on an Administrative level, but in the meantime please call 874-HELP and we can reactivate them for you.  Sorry for the inconvenience.

 Top Issues!

• Usernames and Passwords – call 874-HELP

• Wireless set-up

• Sakai Access

• Email set-up

• Stay Informed

• Check to see the status of Google Apps

Phishing Advisory!

The following is sent on behalf of Michael Khalfayan, Associate Director, Information Security.

January 23, 2017

Phishing Attempt Advisory

In recent days, we’ve learned of a new phishing attack that attempts to draw the attention of recipients with the subject line: “Document”

If you receive a message fitting this description, do not click on the link to validate your account, or open the attachment, close the message immediately and report it as spam. Using the Google Mail Web Interface within the message, click on the down arrow to the right of the ‘reply’ button and select ‘Report phishing’. The message will be sent to the Google Gmail Team immediately for analysis and filtering.” If you did open the attachment or entered your credentials please change your password immediately. Also, if you use the same password for any other accounts here at URI or at home please change those as well.

Our email traffic is filtered by the Google Message Security service, which provides you with protection against dangerous viruses and spam. However, some spam may occasionally get through to your inbox, so please use caution.

Phishing was a term originally used to describe email attacks that were designed to steal your online banking username and password. However, the term has evolved and now refers to almost any email-based attack. Phishing uses social engineering, a technique where cyber attackers attempt to fool you into taking an action. These attacks begin with a cyber criminal sending you an email pretending to be from someone or something you know or trust, such as a friend, your bank or your favorite online store. Their goal is to trick you into taking an action, such as clicking on a malicious link, opening an infected attachment or responding to a scam. Cyber criminals craft these emails to look convincing, sending them out to literally millions of people around the world. These attackers do not have a specific target in mind, nor do they know exactly who will fall victim. They simply know the more emails they send out, the more people they may be able to fool.

As a reminder, Free Security Awareness Training is available for all faculty and staff. This Security Awareness Training will not only help us better identify these types of Phishing Emails but also will provide us with information on how to protect our families from Cyber Security threats. To request a free account please contact Michael Khalfayan.

 

Need help setting up a Sakai course?!

Take a look at this video!

Think a server may be down?

You can check our monitoring page by clicking here, or scrolling to the bottom of this page.

Scanner/Printer mail errors

If you are receiving errors on your networked scanners or printers that send e-mails, please note that the outgoing mail server in the printer settings must be changed to smtpserv.uri.edu.  Also, the printer needs to be added to a list of allowed devices.  If you are using the correct smtpserver, and you are still having trouble, please call 874-HELP.

Phishing Attempt Advisory!

In recent days, we’ve learned of a new phishing attack that attempts to draw the attention of recipients with the subject line: “URI Help Desk Center”.

If you receive a message fitting this description, do not click on the link to validate your account, close the message immediately and report it as spam. Using the Google Mail Web Interface within the message, click on the down arrow to the right of the ‘reply’ button and select ‘Report phishing’. The message will be sent to the Google Gmail Team immediately for analysis and filtering.”

Our email traffic is filtered by the Google Message Security service, which provides you with protection against dangerous viruses and spam. However, some spam may occasionally get through to your inbox, so please use caution.

Phishing was a term originally used to describe email attacks that were designed to steal your online banking username and password. However, the term has evolved and now refers to almost any email-based attack. Phishing uses social engineering, a technique where cyber attackers attempt to fool you into taking an action. These attacks begin with a cyber criminal sending you an email pretending to be from someone or something you know or trust, such as a friend, your bank or your favorite online store. Their goal is to trick you into taking an action, such as clicking on a malicious link, opening an infected attachment or responding to a scam. Cyber criminals craft these emails to look convincing, sending them out to literally millions of people around the world. These attackers do not have a specific target in mind, nor do they know exactly who will fall victim. They simply know the more emails they send out, the more people they may be able to fool.

As a reminder, Free Security Awareness Training is available for all faculty and staff. This Security Awareness Training will not only help us better identify these types of Phishing Emails but also will provide us with information on how to protect our families from Cyber Security threats. To request a free account please contact Michael Khalfayan.

The following link will show you phishing messages we have received:  http://security.uri.edu/thetank/

e-Campus Password Hint Change!

In the near future you will be receiving an email that says the following:

Our e-Campus system has detected that your password hint needs to be reset.  Knowing your password hint allows you to reset your e-campus password without contacting the Help Desk.  Please logon to e-Campus Student/ Faculty-Staff and use the following navigation to reset your password hint:  Main Menu > Change Password Hint  This is not SPAM.  If you have any questions please call the URI Help Desk at 874-help.  Thank you.

Please follow the instructions and update your password hint.

Spear Phishing Warning!

If you receive an email that looks like the following please delete it immediately and don’t click on any of the links:

From: Unversiity Of Rhode Budget and Financial Planning. 

Date: Mon, Oct 10, 2016 at 1:40 AM

Subject: Important Info; Faculty/Staff

To:

Dear Staff,

This is to notify you of our latest Financial Behaviors Before and After the Financial Crisis: Evidence from an Online Survey 

Download the attachment, login  and view the last senate resolve on staff salary cut down.

Thank you and kind regards.

——————————————————————————————————

The Budget & Financial Planning Office at the University of Rhode …STAFF. Linda Barrett, Director; Cheryl Hinkson, Assoc.

web.uri.edu/budget/  Tel: 401 874-5992 University of Rhode Island, Kingston, RI 02881, USA 1.401.874.1000

Turning Point and MacOS Sierra Warning!

Via Turning Technologies:

Dear Valued Client,

With the upcoming release of Mac OS Sierra, we want to make you aware that some third-party software applications for Mac may experience short-term issues until future updates can be released. Along these lines, our development teams are preparing an update to TurningPoint Cloud Mac that will work seamlessly with the latest version of Apple’s OS. However, our future release of TurningPoint Cloud Mac is dependent upon the release of Sierra and cannot be finalized until the new OS is available.

We anticipate the TurningPoint Cloud Mac update will be available within 60 days of the OS release. In the meantime, to ensure proper TurningPoint Cloud functionality, we strongly recommend that Mac users wait to update their OS until our update to TurningPoint Cloud Mac is available.

Please contact Turning Technologies’ support team for any additional information at 866-746-3015.

Sincerely,

Turning Technologies

Refreshing Your Browser Cache!

Now and again, you may encounter a problem in your browser where a page won’t load properly, or a password you think you know isn’t working, etc.  Often times, refreshing the browser cache does the trick to fix normal everyday issues.  This page explains step by step how to do it!

Google Tips and Tricks!

The Google Gooru tweets some of the best ideas and how-to videos for Google Apps.

Everything else!

For a full list of our services, please click here.

Check to see if a server is down!

(Only works on the URI Network.)


wireless maintenance 1/5/2017

wireless maintenance 1/5/2017

Wireless Network Maintenance: XpressConnect System Maintenance Thursday, 1/5/2017 6:00 AM – 7:00 AM   This outage should only affect people connecting new devices to the network.

Copyright © 2017 University of Rhode Island.

The University of Rhode Island
Think Big, We Do.
A-ZDirectoryContact UsJump to top