information security

Symfony2 Application Security Guidelines

Symfony2 Application Developer Security Guidelines

Author: Ubani Balogun

Phishing for CashPro Passwords

[image of fishing hook]

A new "phishing" attack has targeted Penn. The phishing email claims, "This email is being sent to inform you that you have been granted a new digital certificate for use with Bank of America CashPro. Online." In actuality, the links in the email actually go to! It is an attempt to get you to reveal your Bank of America or American Express credentials. Don't fall for the con game!

Phishing Attempt Claims Library Account Expired

[image of fishing hook]

Doug Smullens of the University Library reports that faculty members are receiving fraudulent emails warning that their Penn Library accounts have expired. The email is an attempt to obtain your password!


Two-Step Verification

Two-step authentication is now available for PennKey users!

Guidelines for Secure Input Filters

As stated in the Drupal configuration pages, "Improper text format configuration is a security risk." 

Enable IPFW on Mac OS X

Apple's OS X includes two firewalls, but only one, the application firewall, is often utilized by end users.  When you examine the firewall settings though the Settings panel, what you see is

Limiting Incoming SSH Connections on Mac

SSH, or the Secure SHell, is an important tool for remote access and administration on a Mac computer.  Unfortunately, SSH is a common target for malicious attackers.  Examination of netw

Drupal JQuery DropDown 6.x-1.2 Approved

We have completed a security review of the jQuery Drop Down module (

Drupal Menu Trails 6.x-1.1 Approved

We have completed a security review of the Menu Trails module (


SAS Computing has licensed Absolute Software's Computrace as an option for all SAS Allocation Computers.

Computrace offers two important services in the event that your laptop is stolen.

Syndicate content