Notice: Instructure Security Incident & Canvas Updates

Yale ITS is monitoring a reported cybersecurity incident affecting Instructure, the vendor behind Canvas. At this time, there is no known significant impact to Canvas services at Yale, and updates will be shared as more information becomes available.

Read More

Critical vulnerability in all versions of Linux.

Critical vulnerability in all versions of Linux. Please check with your vendor for updates and plan to apply patches as soon as possible. For more information, see: https://xint.io/blog/copy-fail-linux-distributions

Read More

YALE-MSS-5.1.1: Utilize file integrity and configuration checking tools

Standard:
YALE-MSS-5.1: Utilize an industry-standard secure configuration method

YALE-MSS-5.1.1: Utilize file integrity and configuration checking tools

Low Risk Endpoint Not Required Moderate Risk Endpoint Not Required High Risk Endpoint Required for PCI Low Risk Server Not Required Moderate Risk Server Not Required High Risk Server Required for PCI Low Risk Mobile Device Not Required Moderate Risk Mobile Device Not Required High Risk Mobile Device Not Required Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Not Required

Details

File integrity and configuration‑checking tools are required by PCI‑DSS because they help detect unauthorized changes to critical system files, configurations, and logs—changes that could indicate a security breach or compromise. These tools ensure systems remain in a known, secure state and provide early warning when something deviates from approved configurations, which is essential for protecting cardholder data.

Email information.security@yale.edu for assistance.