SAS Remote Code Execution Vulnerability (CVE-2021-44228)
CVE-2021-44228 is a remote code execution vulnerability in Apache Log4j.
SAS 9.4 is vulnerable to CVE-2021-44228.
VUMC IT applied the necessary Security Update to address the Log4j vulnerability on the server.
End users access the SAS server through SAS Enterprise Guide, the PC interface, and through SAS Studio, the web interface. Enterprise Guide is not Java based and is not vulnerable to CVE-2021-44228.
Apache Log4j CVE-2021-44228 vulnerability in IBM SPSS Statistics
IBM released Interim Fixes to address the Apache Log4j vulnerability in SPSS Statistics Premium versions 25, 26, 27 and 28.
See IBM's support article for more information.
Contact software.store@vumc.org if you have questions.
Tableau Security Update 5
Tableau Software, LLC has released a product update for all impacted versions of Tableau products to address the Apache Log4j2 security vulnerabilities in CVE-2021-44228 and CVE-2021-45046.
Ten strategies for practicing Wi-Fi cybersecurity
October is cyber security awareness month
Ten strategies for practicing Wi-Fi cybersecurity
The use of public Wi-Fi has become a topic of concern for many people, especially those in the cybersecurity. There are Wi-Fi connections nearly everywhere now. Anyone with a phone, a computer, or other device has used this convenient tool because of its availability and ease-of-use. Our favorite restaurants, coffee shops, airports, and meeting places offer Wi-Fi hotspots.
Vulnerabilities found with Wi-Fi networks
Vulnerabilities found with Wi-Fi networks
The VUMC IT Security Operations team is issuing this communication regarding a vulnerability discovered with secure Wi-Fi networks. The event is related to a weakness exposed in the WPA and WPA2 security protocols. At the current time, Vanderbilt University Medical Center Wi-Fi networks are not affected.
Five ways to spot a phishing attempt
October is Cyber Security Awareness Month
Five ways to spot a phishing attempt
Someone at the Medical Center receives a phishing email nearly every day. An attacker falsely identifies himself or herself as a trustworthy source and tries to exploit someone with an email that directs them to a fake website; usually under the auspices of being from human resources or as an email update.
Five tips for better password security
Five tips for better password security
Protect yourself against cyber threats
Attend the Cyber Security Town Hall
October is Cyber Security Awareness Month. The VUMC IT Cyber Security Town Hall on Oct. 5 in Light Hall (Room 208) from 10:00 to 11:30 a.m. will include many topics you can use to stop cyber threats both personally and at work.
Agenda items include:
VUMC IT to host Cyber Security Town Hall
VUMC IT to host Cyber Security Town Hall
October is Cyber Security Awareness Month. To help educate the Medical Center workforce regarding the most common cyber threats and simple ways to keep our organization safe, VUMC IT will be hosting a Cyber Security Town Hall on Thursday, October 5 from 10:30 a.m. until noon in Light Hall room 208. Everyone is welcome to attend this informational seminar designed to notify and advise our workforce about current cyber threats the Medical Center faces every day.