REN-ISAC communications are normally conducted within the private membership. On occasion we issue public Alerts and Advisories, archived here. As a rule, we do not repeat alerts or advisories that one would normally see elsewhere. We craft alerts and advisories specifically for the research and education community.
2023-02-28 Case Study
Case Study: Research & Higher Education Incident #001: Ransomware - 2022
2022-06-07 ADVISORY
API Authentication Bypass in The Housing Director
2022-05-02 ADVISORY
Upcoming Cloud Service Authentication Changes
2022-02-22 ADVISORY
Tension in Ukraine: Mitigating Effects on Higher Education
2021-11-22 ADVISORY
Authenticated Remote Code Execution and Privilege Escalation in iDor iDM Server
2021-09-23 ADVISORY
iCloud Private Relay
2020-07-10 ADVISORY
Subdomain Takeover
2020-02-12 ADVISORY
Maintaining IT Services During a Health Incident
2020-02-07 ADVISORY
Microsoft Update to Enable LDAP Signing / Channel Binding – 2020H2
2019-09-20 ADVISORY:
Upcoming Browser DNS Changes and Impact to University IT Operations
2019-08-28 ADVISORY:
Multiple SSL VPN Vulnerabilities
2019-01-29 ADVISORY:
DNS Flag Day February 1, 2019
2018-01-05 ADVISORY:
Oracle WebLogic Vulnerability Being Exploited by Bitcoin Miners
2017-05-05 Public Service Announcement:
FBI PSA: Recent Fraud Schemes Targeting Universities and Their Students
2015-05-28 ADVISORY:
Logjam Vulnerability, and Hardening Your Cryptography
2015-02-09 ADVISORY:
Tax Fraud
2014-11-12 ADVISORY:
University Payroll Theft Scheme
2014-10-22 ALERT:
Muzzling the POODLE (While Cleaning Up Other Related Vulnerabilities, Too)
2014-09-25 ALERT:
CRITICAL vulnerability in bash (shellshock)
2014-04-10 ALERT:
CRITICAL Vulnerability In OpenSSL: HeartBleed
2014-03-10 ALERT:
NTP-Based Distributed Denial of Service Attacks -
Prevent your institution from being an unwitting partner in these attacks
Threat to institutional computer accounts by the Adobe breach
2013-05-08 ALERT:
Prevent your institution from being an unwitting partner in denial of service attacks