YALE-MSS-10: Network Exposure

Notice: Instructure Security Incident & Canvas Updates

Yale ITS is monitoring a reported cybersecurity incident affecting Instructure, the vendor behind Canvas. At this time, there is no known significant impact to Canvas services at Yale, and updates will be shared as more information becomes available.

Critical vulnerability in all versions of Linux.

Critical vulnerability in all versions of Linux. Please check with your vendor for updates and plan to apply patches as soon as possible. For more information, see: https://xint.io/blog/copy-fail-linux-distributions

See all Minimum Security Standards >>

YALE-MSS-10: Network Exposure

Standards

YALE-MSS-10.1: Disable unneeded ports, protocols, and services
YALE-MSS-10.2: Configure host firewalls to deny all unsolicited inbound traffic by default
YALE-MSS-10.3: Use a private IP address if direct internet access is not required