IT Notices

Date Posted: 08/23/17 10:29 AM

We are experiencing issues with delivering email to certain domains, and we are working to resolve the issue.  Our email servers are not listed on any blacklists that we have found, but several users have reported non-delivery reports, especially to .edu and .gov domains.  Our testing shows that we can resolve the names and IP addresses of their email servers, but when we try to communicate with those servers, the traffic is blocked.  We are working to contact some of those domains to determine what email hygiene or firewall products they may be using, to see if we can determine an underlying cause.

We will keep you informed about the status of this situation.

 

Date Posted: 08/16/17 2:02 PM

Connectivity to LSUHSC Shreveport is once again unavailable.   We will advise when connectivity has been restored.

 

Date Posted: 08/16/17 12:39 PM

Connectivity to LSUHSC Shreveport has been restored.

 

Date Posted: 08/16/17 12:15 PM

Please be advised that connectivity to LSUHSC Shreveport is currently unavailable.   We suspect this outage is related to LONI fiber outages occurring in Northern Louisiana.   Updates will be provided when additional information becomes available.

 

 

Date Posted: 08/15/17 4:01 PM

We noticed Archive is prompting for credentials and not letting users to login with an error "401 - Unauthorized: Access is denied due to invalid credential", we are going to restart the services. Downtime is about 15 minutes. Will update when Archive is back up running.

 

Date Posted: 08/09/17 10:42 AM

We are repairing NearPoint installation on master node (EXCHNPM server) today starting at 5:00 PM.

Downtime during this maintenance is about 30 minutes.

 

Date Posted: 06/19/17 9:05 AM

New Phishing email - Subject Line: lsuhsc.edu: EMAIL ALERT

The body of the email reads:

Update your lsuhsc.edu account now,

click the link below to update

 Thank you!

Do not respond, or click on any links.  Please delete.

Date Posted: 06/16/17 2:15 PM

Supporters,
This weekend during the regular maintenance window (Saturday morning 3 am to 6 am), we will be applying the monthly Microsoft updates to the New Orleans campus Email and the LSU Health FileS servers.  Below are the affected servers and expected downtimes.
·         Exchange 2010 Mailbox servers (N.O.) – about 1 minute of total downtime as mailbox databases are switched over to alternate servers and back
·         Exchange 2013 Multirole servers (Enterprise) – no anticipated downtime as all current roles are redundant
·         LSU Health FileS server (Enterprise) – about 10 minutes downtime during which users will be unable to send or retrieve attachments
·         Lanfear server (Enterprise) – about 10 minutes downtime during which Listserv services will be unavailable.
 
Please contact Postmaster@lsuhsc.edu if you have any questions.

Date Posted: 06/15/17 12:33 PM

Issues logging into Office 365 using ADFS have been resolved via the Information Security team correcting an issue with one of the ADFS servers. If users encounter issues accessing Office 365 services please contact the Help Desk at  helpdesk@lsuhsc.edu  or 568-HELP (4378).

Date Posted: 06/15/17 10:55 AM

We are seeing intermittent issues logging using ADFS for Office 365 services. Information Security is looking into the issue.

 

Date Posted: 06/05/17 5:05 PM

The Production PeopleSoft Campus Solutions application will be unavailable Tuesday, June 6th, from 5:00pm to 8:00pm for maintenance.  During the maintenance, Academic Self-Service will be unavailable.  An email notification will be sent when the system is available.

 

Date Posted: 06/05/17 5:04 PM

The Production and Reports PeopleSoft HR/Payroll application will be unavailable Tuesday, June 6th starting at 6pm for about 10 minutes for maintenance.  During the maintenance, both databases as well as Employee Self-Service will be unavailable.  An email notification will be sent when the system is available.

Date Posted: 06/03/17 10:46 AM

LSUHSC-NO websites are once again available.

Earlier this morning:

Our public facing websites are currently inaccessible. Internal only sites such as Intranet seem unaffected. Moodle can be accessed through the VPN, but not the proxy also running on our internet servers. We are working with the appropriate support groups to resolve the issue.

Date Posted: 05/18/17 3:22 PM

Supporters,

This weekend during the regular maintenance window (Saturday morning 3 am to 6 am), we will be applying the monthly Microsoft updates to the New Orleans campus Email and the LSU Health FileS servers.  Below are the affected servers and expected downtimes.

 

·          Exchange 2010 Mailbox servers (N.O.) – about 1 minute of total downtime as mailbox databases are switched over to alternate servers and then switched back

·         Exchange 2013 Multirole servers (Enterprise) – no anticipated downtime as all current roles are redundant

·         LSU Health FileS servers (Enterprise) – about 10 minutes downtime during which users will be unable to send or retrieve attachments

·         Listserv servers (Enterprise) – about 10 minutes downtime during which Listserv services will be unavailable.

 

Please contact Postmaster@lsuhsc.edu if you have any questions.

Date Posted: 05/18/17 9:45 AM

New Phishing email - Invoice Information #1ZWNUY3784135 , and email shows picture of UPS Choice.   Do not respond, or click on any links.  Please delete.

Date Posted: 05/08/17 2:04 PM

According to the vendor, this issue has been resolved ahead of schedule. Please report any issues to telecom@lsuhsc.edu .

Date Posted: 05/08/17 12:46 PM

Good afternoon all,

 We have been notified by our paging vendor that there is an outage of paging services affecting users in the New Orleans area. The estimated time of repair is today at 3:30 PM CDT. If we are notified that the time has been changed or extended, a follow-up message will be sent; otherwise, this will serve as your only notice. See the information below for a workaround to reach pagers during the outage.

Please report any issues past the time of restoration to telecom@lsuhsc.edu .  

Outage Description: Callers dialing customers in Houma and New Orleans, LA with telephone numbers in area codes: 504, 985 may experience busy signals/dead air or a telephone company recorded message when dialed due to a telemarketing auto-dialer. Only dialed telephone calls are affected. All other messaging methods are still operational.

Current Status: Callers may use over dial (504) 521-0800 and enter the ten digit pager number to complete calls until service has been restored.

 

 

Date Posted: 05/05/17 10:53 AM

Supporters,

In working with Microsoft to resolve the Search Issues described below, we need to reboot one of the Exchange servers today at noon.  We will be moving the active databases onto another server in order to do the reboot, so users will experience about 30 seconds of downtime as we move the databases over, and again when we move them back.  While the users are on this secondary server, they will all be unable to perform searches, but this should only be for about 10 minutes.  We will notify when all databases are back on the primary server and search functionality is restored.

 

Date Posted: 05/04/17 10:49 AM

Several LSUHSC-NO users have reported issues with searching in Outlook.  The problem pertains to the Content Index on two of the Exchange 2013 databases, and only users with mailboxes in those databases are affected.  We have a case open with Microsoft, and we are working to resolve this.   If anyone encounters any issues with searching, please contact the help desk to report the issue.

Date Posted: 05/01/17 1:45 PM

Dental School Campus:

In order to install the permanent fix to the electrical circuit for the Network and Phone systems, these services will be powered down at 5:30pm today.  Downtime is expected to be 30-60 minutes.  This will not affect any other power in the building.

Below are all of the services that will be affected:

Internet Access

Servers and databases (Axium, Schick Xrays, Terminal Server)

Phone system

 

Date Posted: 04/27/17 9:53 AM

Facility services has installed temporary cabling to by-pass the defective transformer.  Networking and telephone services are now restored to the Dental School.  An after-hours electrical maintenance will be scheduled by Facility Services to replace the faulty transformer.

 

Date Posted: 04/27/17 9:22 AM

Please be advised that Dental School had a transformer in the computer room on 5th floor short out earlier this morning.   As a result, all network connectivity to the Dental School is down.   In addition, since all telephone equipment located in the computer room is without power, telephone services to/from the Dental School is currently unavailable.  

 

Facility Services has advised that a replacement transformer has been located but no estimate time to repair has been provided.   As more information becomes available, updates will be provided.

 

Thank you.

 

Date Posted: 04/25/17 4:24 PM

We will be rebooting our email threat management gateway server tonight after 10 PM. Downtime will be about 15 minutes during which users will unable to access email from off network (including OWA and ActiveSync mobile devices).  Email is still accessible through Citrix and Remote VPN.
Please contact Postmaster if you have any questions on this.
Thank you.

Date Posted: 04/25/17 3:36 PM

Supporters,

Postmaster started receiving emails that users are having issues accessing their mail on their mobile device. Issues reported include excessive automatic refresh of the email listing and mail not synchronizing on their mobile device. We are investigating and please report any mobile device issue to Postmaster, or the Help Desk.

Date Posted: 04/23/17 3:07 PM

To resolve remaining concerns with the Exchange Virtual Machines, at 5:00 pm today the email group will take the Exchange servers offline so the server group can shutdown the servers and reboot the VMWare ESX hosts.  This will create approximately 30 minutes of downtime impacting the services below.

Impacted Services:

  • N.O. - All mailbox services
  • HCSD – internet mail, inter-site mail, and off network client access
  • SHV – internet mail and inter-site mail

 

Date Posted: 04/22/17 2:12 PM

Supporters,

We are again having issues with the Virtual Machines hosting our Email servers.  Some users will be unable to access their mailboxes, and there will be some delays in message delivery.  We are working with the Server Group to resolve.

 

Date Posted: 04/17/17 5:12 PM

Please beware of the phishing email below. Please delete.

_______________________________________________

From: "Nevils, Bobby" <BNevi1@lsuhsc.edu>

Date: April 17, 2017 at 4:06:11 PM CDT

Subject: email alert

Your lsuhsc.edu e-mail has Exceeded its Limit and Needs Verification.

Click the Below Link to Verify your Email Account Now

 

Click here to Update

 

Than you.

Date Posted: 04/13/17 10:37 AM

Beware of phishing email shown below. Please delete.

 

___________________________________________________________

From: "Mercado, John C."
Date: Thursday, April 13, 2017 at 9:50 AM
Subject: Email alert

 

Update your lsuhsc.edu account now,

click the link below to update.

 

Click here  to update.

 

Thank you!

Date Posted: 04/10/17 10:43 AM

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

 

Booby-trapped Word documents in the wild exploit critical Microsoft 0day

There’s currently no patch for the bug, which affects most or all versions of Word.

Dan Goodin  -  

Ars Technica | 4/8/2017, 3:00 PM 

There's a new zeroday attack in the wild that's surreptitiously installing malware on fully-patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word.

The attack starts with an e-mail that attaches a malicious Word document, according to a blog post published Saturday by researchers from security firm FireEye. Once opened, exploit code concealed inside the document connects to an attacker-controlled server. It downloads a malicious HTML application file that's disguised to look like a document created in Microsoft's Rich Text Format. Behind the scenes, the .hta file downloads additional payloads from "different well-known malware families."

The attack is notable for several reasons. First, it bypasses most exploit mitigations: This capability allows it to work even against Windows 10, which security experts widely agree is Microsoft's most secure operating system to date. Second, unlike the vast majority of the Word exploits seen in the wild over the past few years, this new attack doesn't require targets to enable macros. Last, before terminating, the exploit opens a decoy Word document in an attempt to hide any sign of the attack that just happened.

The zeroday attacks were first reported Friday evening by researchers from security firm McAfee. In a blog post, they wrote:

The exploit connects to a remote server (controlled by the attacker), downloads a file that contains HTML application content, and executes it as an .hta file. Because .hta is executable, the attacker gains full code execution on the victim's machine. Thus, this is a logical bug [that] gives the attackers the power to bypass any memory-based mitigations developed by Microsoft. The following is a part of the communications we captured:

The successful exploit closes the bait Word document and pops up a fake one to show the victim. In the background, the malware has already been stealthily installed on the victim's system.

The root cause of the zeroday vulnerability is related to the Windows Object Linking and Embedding (OLE), an important feature of Office. (Check our Black Hat USA 2015 presentation in which we examine the attack surface of this feature.)

FireEye researchers said they have been communicating with Microsoft about the vulnerability for several weeks and had agreed not to publicly disclose it pending the release of a patch. FireEye later decided to publish Saturday's blog post after McAfee disclosed vulnerability details. McAfee, meanwhile, said the earliest attack its researchers are aware of dates back to January. Microsoft's next scheduled release of security updates is this Tuesday.

Zeroday attacks are typically served only on select individuals, such as those who work for a government contractor, a government agency, or a similar organization that's attractive to nation-sponsored hackers. Still, it's not uncommon for such attacks to be visited on larger populations once the underlying zeroday vulnerability becomes public knowledge.

People should be highly suspicious of any Word document that arrives in an e-mail, even if the sender is well known. The attacks observed by McAfee are unable to work when a booby-trapped document is viewed in an Office feature known as Protected View. Those who choose to open an attached Word document should exercise extreme caution before disabling Protected View. There's no word yet if use of Microsoft's Enhanced Mitigation Experience Toolkit prevents the exploit from working.

Date Posted: 04/03/17 10:29 AM

We continue to work with Veritas Enterprise Vault Technical Support to make sure this problem is fully resolved.   With their guidance, we have implemented some steps we believe may resolve the issue.  At this time archive file Recalls are again enabled, and the system appears to be stable.  We continue to monitor the situation.  Please report any new issues to the Help Desk.

 

Date Posted: 03/31/17 10:59 AM

Unfortunately, in order to stabilize the responsiveness of ENTFILESRVR and of Citrix, we have had to stop and disable the Enterprise Vault File System Archiving Services on ENTFILESRVR.    The result is that for the time being it is not possible recall any archived file (one with a gray icon overlay in the lower left corner) simply by double-clicking it).    Users who have an urgent need to recall a file should contact Enterprise Server Support or the Help Desk, and we will do our best to assist with the request, while we are also working the primary issue.

 

While it is possible that tonight’s scheduled reboot of ENTFILESRVR may help resolve this issue, we will go ahead and open a case with Symantec in case it does not.

Date Posted: 03/30/17 11:44 AM

It has come to our attention that some LSUHSC-NO employees have been victimized by a sophisticated phishing scam that resulted in fraudulent IRS tax returns being filed under their names.  More information about these scams can be found on the following IRS web page:

https://www.irs.gov/uac/newsroom/irs-states-and-tax-industry-warn-of-last-minute-email-scams

If you believe you may have been a victim of such a scam, additional information and resources can be found on this IRS web page:

https://www.irs.gov/individuals/identity-protection

To address the serious problem of identity theft, LSUHSC-NO IT is planning to implement multi-factor authentication (MFA).  MFA is used by online websites that seek a second level of authentication to verify your identity and prevent hackers from gaining access to your personal information, even if hackers have acquired your user ID and password through a scam.  In the meantime, LSUHSC-NO reminds all employees that phishing scams are at an all-time high and every email should be treated with a healthy degree of skepticism, especially emails that come from outside the lsuhsc.edu network. Questions to ask oneself when evaluating an email include but are not limited to the following:

  • Was the email unexpected? (i.e. There was no earlier email or other announcement letting you know to expect this message or the message is not part of the normal business routine.)
  • Is the sender a title rather than an individual’s name? (e.g. from "HR Department" instead of the name of the HR director) Does the message start with "*EXTERNAL EMAIL: EVALUATE*"?
  • Does it ask you to take an action such as clicking on a link or an attachment, or transferring funds?
  • Does it ask for your username and password?
  • Does it create a sense of fear or urgency by stating or implying dire consequences for failing to act (e.g. access will be suspended, important document attached, etc.)?

 

If the answer to any of these questions is "Yes", send the email as an attachment (CTRL+ALT+F) to SPAM@lsuhsc.edu or contact your IT supporter for investigation.  Do not, under any circumstances, use any of the links or rely on any information from an email you feel may be suspicious.

More information about phishing emails is available in your HIPAA Security – Social Engineering training on KDS. If you have completed the training and would like to review the lesson’s content, you can do so at the following link:

http://www.lsuhsc.edu/administration/ocp/docs/HIPS-SE.pdf

Remember:

  • We don’t know your password and don’t need to know it to get our job done. We, or any legitimate site, would never ask for it, especially in response to an email.
  • Be very suspicious of requests to verify your account or mailbox for any reason, particularly due to exceeding limits or preventing deactivation. LSUHSC IT knows owner and access information and does not need to ask you this in an email.
  • Never divulge your SSN, bank account, or other such sensitive information via an email. LSUHSC-NO already has all the information needed for administrative purposes. Legitimate sites will not ask for this information via email.
  • Be suspicious of any email asking you to click on a link. Clicking on a link could install malware on your computer to be used by the perpetrator to gain access to the LSUHSC network.
  • Hover your cursor over all links in the email to determine if any of the URLs go to a web address other than the proposed sender’s site before clicking on the link.

 

Your user ID and password contain the keys to your identity. Keep your password confidential.

Date Posted: 03/29/17 3:44 PM

We are receiving emails about two major issues, with Office 365, today from supporters and students

1. Students in Office 365 that are not appearing in the GAL

2. Students unable to access their email.

We are presently working on this issue. We will send out updates as they occur.

 

Date Posted: 03/28/17 9:56 AM

We need to complete an additional upgrade to our Enterprise Vault File System Archiving software, this time from version 10.0.4, to version 11.0.1.  We are proposing Thursday, March 30th, at 5:00 pm to begin the upgrade process, which we expect will require about 2 - 3 hours of downtime.   During the proposed maintenance, it will not be possible to recall individual files from the archive, and we will not be able to process any requests for completing "bulk recalls" of all files within a particular folder tree.   

By design, the only files that have ever been eligible to be archived are those files that no one has accessed in at least 6 months, so any files that you have viewed or modified in the recent past should remain accessible throughout this maintenance.    Only those files that have not been accessed in more than 6 months, and then were archived, will become unavailable for the duration of the maintenance.

Once the maintenance has completed, you will again be able to retrieve individual archived files simply by double-clicking their icons, without any need to take any additional steps on your workstation.   There will be no change to the end user experience as result of this upgrade.

If you anticipate any upcoming needs for bulk recalls, we will be happy to work with you in advance of March 30th to complete them.

 

Date Posted: 03/14/17 11:14 AM

New Phishing/Spam email - Do not Respond, Just delete.  Subject of email is "Important Security Warning"

Date: March 14, 2017 at 9:57:29 AM CDT
To: undisclosed-recipients:;
Subject:Important Security Warning

*EXTERNAL EMAIL: EVALUATE*

Dear LSU Health New Orleans E-mail User,

 

This message is from LSU Health New Orleans:   LSUHSC.EDU   Support Help Desk,We are currently upgrading our   LSUHSC.EDU   database and e-mail account center i.e homepage view, enhance security installations of new 2017 anti-spam and anti-virus software, large mailbox space.

 

Kindly verify your e-mail within 24 hours or your e-mail will be temporarily  suspended.  Click Verify   to verify your e-mail.

 

Thanks for your co-operation,

 

LSUHSC.EDU   IT Helpdesk,

LSUHSC.EDU   Support Help Desk,

© 2017 Regents of the LSU Health New Orleans.

 

Date Posted: 03/09/17 2:23 PM

Information Security will be updating the SSL VPN firmware at 6:00 AM on Friday March 10, 2017. There is no expected downtime. Please contact Information Security if you have any questions or concerns.

Date Posted: 03/09/17 2:00 PM

This weekend during the regular maintenance window (Saturday morning 3 am to 6 am), we will be applying the monthly Microsoft updates to the New Orleans campus Email and the LSU Health FileS servers.  Below are the affected servers and expected downtimes.

  • Exchange 2010 Mailbox servers (N.O.) – about 1 minute of total downtime as mailbox databases are switched over to alternate servers and back
  • Exchange 2013 Multirole servers (Enterprise) – no anticipated downtime as all current roles are redundant
  • LSU Health FileS server (Enterprise) – about 10 minutes downtime during which users will be unable to send or retrieve attachments
  • Lanfear server (Enterprise) – about 10 minutes downtime during which Listserv services will be unavailable.

 

Date Posted: 03/07/17 9:38 AM

In order to remain supported by the vendor, the “File System Archiving” software that is used on all home shares and department shares that are hosted by LSUHSC must be upgraded.    This process will begin Tuesday, March 14th, at 5:00 pm and is expected to require about 4 hours of downtime.   During the maintenance, it will not be possible to recall individual files from the archive, or to process requests for “bulk recalls” of all files within a particular folder tree.    As a reminder, you can identify which (if any) of your files have been archived, by way of the gray-colored “X” found in the lower left of the file icon.

By design, the only files that have ever been eligible to be archived are those files that no one has accessed in at least 6 months, so any files that you have viewed or modified in the recent past should remain accessible throughout this maintenance.    Only those files that have not been accessed in more than 6 months, and then were archived, will become unavailable for the duration of the maintenance.

Once the maintenance has completed, you will again be able to retrieve individual archived files simply by double-clicking their icons, without any need to take any additional steps on your workstation.

If you anticipate any upcoming needs for bulk recalls, we will be happy to work with you in advance of March 14th to complete them.  Contact the help desk at helpdesk@lsuhsc.edu or 504-568-4357.

 

Date Posted: 02/07/17 1:39 PM

The PeopleSoft Financials Production application will be down for maintenance on Thursday, February 9 from 6:00 P.M. to midnight.  The application will be unavailable for use during that time.   

 

Date Posted: 02/07/17 12:37 PM

New Phishing/Spam email - Do not Respond, Just delete.  Subject of email is 'Important Message From HR Department'