Wednesday, November 26, 2014


There is an issue with MATLAB that we are aware of and working to resolve with the vendor.

Happy Thanksgiving

Happy Thanksgiving from Manhattan College ITS!

Thursday, November 13, 2014

Updates to Banner Login Page Coming Soon.....

An updated Banner login page will be released to the campus community on Monday 11/24.  Enhancements to the login page will include an updated design, easier navigation, and the option of using you JasperNet ID for login (SSO).

The login page for Banner Self-Service ( was upgraded in spring 2013 to include a number of design and navigation enhancements as well as the integration of JasperNet Single-SignOn (SSO) allowing faculty, students, and administrators to access Self-Service with their JasperNet ID and password - eliminating the need to remember a separate Login ID and PIN.  Today, the same enhancements have been applied to the Banner login page.

Although the existing login page will still be available through 11/23, a "Sneak Peak" option is available to anyone who'd like to try the new page before it launches on Monday 11/24.  The temporary link to the new login page can be found on the current Banner menu at

The new login page consists of a completely updated design to better match the College website and other JasperNet services.  Prominent links will be available to login with both your JasperNet ID (SSO) or your Banner ID (Legacy).

Thursday, November 6, 2014

Phishing attacks on the Rise

Manhattan College ITS has seen a rising trend in the number and complexity of phishing attacks reported.  To raise awareness of this alarming trend, the following information is being reposted from the Google Online Security Blog.

recent poll in the U.S. showed that more people are concerned about being hacked than having their house robbed. That’s why we continue to work hard to keep Google accounts secure. Our defenses keep most bad actors out, and we’ve reduced hijackings by more than 99% over the last few years.

We monitor many potential threats, from mass hijackings (typically used to send lots of spam) to state-sponsored attacks (highly targeted, often with political motivations).

This week, we’re releasing a study of another kind of threat we’ve dubbed “manual hijacking,” in which professional attackers spend considerable time exploiting a single victim’s account, often causing financial losses. Even though they’re rare—9 incidents per million users per day—they’re often severe, and studying this type of hijacker has helped us improve our defenses against all types of hijacking.

Manual hijackers often get into accounts through phishing: sending deceptive messages meant to trick you into handing over your username, password, and other personal info. For this study, we analyzed several sources of phishing messages and websites, observing both how hijackers operate and what sensitive information they seek out once they gain control of an account. Here are some of our findings:

  • Simple but dangerous: Most of us think we’re too smart to fall for phishing, but our research found some fake websites worked a whopping 45% of the time. On average, people visiting the fake pages submitted their info 14% of the time, and even the most obviously fake sites still managed to deceive 3% of people. Considering that an attacker can send out millions of messages, these success rates are nothing to sneeze at.
  • Quick and thorough: Around 20% of hijacked accounts are accessed within 30 minutes of a hacker obtaining the login info. Once they’ve broken into an account they want to exploit, hijackers spend more than 20 minutes inside, often changing the password to lock out the true owner, searching for other account details (like your bank, or social media accounts), and scamming new victims.
  • Personalized and targeted: Hijackers then send phishing emails from the victim’s account to everyone in his or her address book. Since your friends and family think the email comes from you, these emails can be very effective. People in the contact list of hijacked accounts are 36 times more likely to be hijacked themselves. 
  • Learning fast: Hijackers quickly change their tactics to adapt to new security measures. For example, after we started asking people to answer questions (like “which city do you login from most often?”) when logging in from a suspicious location or device, hijackers almost immediately started phishing for the answers.

We’ve used the findings from this study, along with our ongoing research efforts, to improve the many account security systems we have in place. But we can use your help too.

  • Stay vigilant: Gmail blocks the vast majority of spam and phishing emails, but be wary of messages asking for login information or other personal data. Never reply to these messages; instead, report them to us. When in doubt, visit websites directly (not through a link in an email) to review or update account information.
  • Get your account back fast: If your account is ever at risk, it’s important that we have a way to get in touch with you and confirm your ownership. That’s why we strongly recommend you provide a backup phone number or a secondary email address (but make sure that email account uses a strong password and is kept up to date so it’s not released due to inactivity).
  • 2-step verification: Our free 2-step verification service provides an extra layer of security against all types of account hijacking. In addition to your password, you’ll use your phone to prove you’re really you. We also recently added an option to log in with a physical USB device.

Take a few minutes and visit the Secure Your Account page, where you can make sure we’ve got backup contact info for you and confirm that your other security settings are up to date.

Posted by Elie Bursztein, Anti-Abuse Research Lead

Reposted from the Google Online Security Blog:

Wednesday, November 5, 2014

A/V Upgrades in RLC 102, 104, 105, and 107

Over the summer, the IT department upgraded the A/V equipment in RLC 102, 104, 105, and 107.  The addition of speakers, an AirPlay device, and a Pixie control unit in each room make the rooms more versatile than ever before.

The Pixie control unit sits on the top of the teacher's desk (see images below).  It allows for a laptop (or other personal device with an appropriate adaptor) to be connected to the projector via a VGA cable. It also allows for audio to be played over the new speakers via a standard 1/8" audio jack.

The AirPlay device also allows for the transfer of audio and visual data to the projector, except it does so wirelessly!  That's right, no more tangled wires.  Just a couple clicks of the mouse and your device is seamlessly connected to the projector.