IT Security at Münster University

The IT Security Department provides advice and tips on how to protect yourself and your devices (e. g. computers, latops, smartphones) from IT security (often called cybersecurity) dangers. We provide recommendations for endusers as well as resources for administrators and news about currently present dangers.

The IT Security Department and the IT Security Management Team support the Chief Information Security Officer (CISO) in their daily work. The CISO is also the team lead for the IT Security Department. The WWU-CERT (Computer Emergency Response Team) is a part of the department as well and provides a central instance for coordination of information, problems and incidents regarding IT security. The organisational structure is defined in the Informationsecurity-Guideline of the Münster University.

26-01-2023

Warning about the new Version of Microsoft Outlook for macOS

Due to current information, we would like to warn you about the new version of Microsoft Outlook for MacOS, because the option "Synchronize with Microsoft Cloud" is activated by default when setting up IMAP accounts. As with the Microsoft Outlook app for Android and iOS, this option means a redirection of access data (e.g. passwords) as well as content via the Microsoft Cloud. Apart from the data protection issues involved, sharing access data in this way is prohibited by IT usage regulations.

28-11-2022

SIEM at WWU: Information about logging and analysis of data

The WWU-CERT operates a central logging infrastructure for the evaluation of security-relevant events, a so-called Security Information and Event Management System (SIEM). It is used to detect and resolve security incidents and thus to protect the WWU. For this purpose, security-relevant information (e.g., logs) is compiled in the system and analyzed by the WWU-CERT for anomalies with regard to IT security.
Various personal data are processed in the process, which is why it was decided to introduce the SIEM with the participation of the staff councils.
The deployment and use of the SIEM is governed by a service agreement.
Information on data being processed, storage periods, the technical structure and security measures, among other things, can be found in Appendix 1 of the service agreement.

13-12-2021

Extremely critical vulnerability "Log4Shell"

In the past few days information about a new vulnerability called "Log4Shell" (CVE-2021-44228) in the "log4j" component of many Java-based applications has been released. Every administrator has to check, if the vulnerable component is used by their service or system. In case a vulnerable version of log4j is used, it has to be updated immediately or a workaround has to be used.
Further information

20-01-2022

Update

New deputy CISO

Due to the longer absence of the current Chief Information Security Officer (CISO) Dustin Gawron from the IT Security department has been appointed deputy CISO.

More information about the role of the CISO can be found here.

20-01-2022 | Update

Warning about current scam e-mails

Several attempts of targeted scam via e-mail have been observed over the past few weeks. In those cases directors of different departments have been impersonated to send out e-mails with requests for assistance ("Are you available?"). The necessary information for impersonation as well as the e-mail addresses for the recipients usually have been extracted from public websites. If the recipient answers, the scammers ask the recipient to buy prepaid cards, e.g. Paysafe cards, and promise to reimburse them for the spent amount of money. As soon as the codes for redeeming those prepaid cards are transferred towards the criminals the money will, in most cases, be lost irretrievable since they will be redeemed immediately.

Read on