Menu
Log in

OKLAHOMA society for technology in Education

<< First  < Prev   1   2   Next >  Last >> 
  • 05/20/2021 1:42 PM | Troy Rhoads (Administrator)

    The Oklahoma State Department of Education (OSDE)’s annual summer education conference, EngageOK on the Road, has once again been transformed into EngageOK in the Cloud.

    Mark your calendars for June 21-23 and join us for free online professional development. This three-day conference will feature a variety of breakout sessions via Zoom.

    View the conference agenda and other details at http://engage.ok.gov/in-the-cloud/.

    We look forward to spending this summer with you in the cloud!

    If you have questions, contact Amanda Jones at amanda.jones@sde.ok.gov.

    Register today to secure your spot. Registering will allow you to access conference details and receive event-specific communication before, during, and after the eve


  • 05/20/2021 8:35 AM | Dee Benson (Administrator)

    This past year, dining tables became desks. Chat rooms became classrooms. School is no longer just one place – it’s many.

    Now, we have the unique opportunity to turn this new normal into a better normal. And it starts with your invitation to The Anywhere School 2021, a free online event that gives education leaders, IT administrators, and teachers the product updates and tools to prepare for – and rebuild – the future of learning.

    Find out more here!


  • 05/17/2021 8:51 AM | Dee Benson (Administrator)

    Designed for teachers, tech coaches and directors, and librarians and media specialists, ISTE U's Summer Learning Academy 2021 will ensure that you and your team are taking the best of what you’ve learned forward.

    https://summerlearningacademy.iste.org/


  • 04/30/2021 2:23 PM | Dee Benson (Administrator)

    This morning, the FCC announced that on May 12, 2021, eligible households will be able to apply for the Emergency Broadband Benefit.

    Beginning on May 12 households can apply in three ways: 

    1.      Contact your preferred participating broadband provider directly to learn about their application process.  

    2.      Go to GetEmergencyBroadband.org to apply online and to find participating providers near you. 

    3.      Call 833-511-0311 for a mail-in application, and return it along with proof of eligibility to: Emergency Broadband Support Center 

    P.O. Box 7081  

    London, KY 40742 


  • 04/28/2021 11:14 AM | Dee Benson (Administrator)

    The Emergency Broadband Benefit will provide a discount of up to $50 per month towards broadband service for eligible households and up to $75 per month for households on qualifying Tribal lands. Eligible households can also receive a one-time discount of up to $100 to purchase a laptop, desktop computer, or tablet from participating providers if they contribute more than $10 and less than $50 toward the purchase price.

    The Emergency Broadband Benefit is limited to one monthly service discount and one device discount per household.

    https://www.fcc.gov/broadbandbenefit


  • 04/13/2021 9:20 AM | Dee Benson (Administrator)

    OSDE is seeking applicants to serve as content experts for the upcoming subject-cycle review of instructional materials submitted to the Oklahoma State Textbook Committee. Individuals selected to serve on the State Textbook Committee content review teams will receive training and access to all vendor-based materials for the subject area they will be asked to review.
    Individuals can apply to participate in the following content review teams:
    PreK-12 Computer Science
    PreK-12 Technology Education
    Access the application and learn more about the process at https://sde.ok.gov/hqim/review-teams
    Applications are due April 30.


  • 12/17/2020 9:18 AM | Jeffery Herbel (Administrator)

    The Cybersecurity and Infrastructure Security Agency (CISA) has seen an increase in malicious activity with ransomware attacks against K-12 educational institutions. Malicious cyber actors are targeting school computer systems, slowing access, and rendering the systems inaccessible to basic functions, including remote learning. In some instances, ransomware actors stole and threatened to leak confidential student data unless institutions paid a ransom.

    Since March, uninvited users have disrupted live-conferenced classroom settings by verbally harassing students, displaying pornography and violent images, and doxing meeting attendees.

    For detailed information on these threats and actions to take, visit the Joint Cybersecurity Advisory on this topic, jointly developed by CISA, FBI, and the Multi-State Information Sharing and Analysis Center.

    Find more info here

  • 12/14/2020 4:00 PM | Jeffery Herbel (Administrator)

    TLP: WHITE

    MS-ISAC CYBERSECURITY ADVISORY

    MS-ISAC ADVISORY NUMBER:

    2020-166

    DATE(S) ISSUED:

    12/14/2020

    SUBJECT:

    Multiple Vulnerabilities in SolarWinds Orion Could Allow for Arbitrary Code Execution

    OVERVIEW:

    Multiple Vulnerabilities have been discovered in SolarWinds Orion, the most severe of which could allow for arbitrary code execution. SolarWinds Orion is an IT performance monitoring platform that manages and optimizes IT infrastructure. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

    THREAT INTELLIGENCE:

    The Cybersecurity and Infrastructure Security Agency (CISA) released an alert detailing active exploitation of the SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1.

    SYSTEMS AFFECTED:

    ·     SolarWinds Orion Platform versions 2019.4 through 2020.2.1 HF 1

    RISK:

    Government:

    ·     Large and medium government entities: High

    ·     Small government entities: High

    Businesses:

    ·     Large and medium business entities: High

    ·     Small business entities: High

    Home users: Low

    TECHNICAL SUMMARY:

    Multiple Vulnerabilities have been discovered in SolarWinds Orion, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows:

    ·     A security vulnerability due to a define visual basic script (CVE-2020-14005)

    ·     An HTML injection vulnerability (CVE-2020-13169)

    Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

    RECOMMENDATIONS:

    We recommend the following actions be taken:

    ·     Apply appropriate updates provided by SolarWinds to vulnerable systems, immediately after appropriate testing.

    ·     Run all software as a non-privilege user (one without administrative privileges) to diminish the effects of a successful attack.

    ·     Remind users no to visit un-trusted websites or follow links provided by unknown or un-trusted sources.

    ·     Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources.

    ·     Apply the Principle of Least Privilege to all systems and services.

    REFERENCES:

    SolarWinds:

    https://www.solarwinds.com/securityadvisory

    US-CERT:

    https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software

    FireEye:

    https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

    GitHub:

    https://github.com/fireeye/sunburst_countermeasures

    https://gist.github.com/alert3/c9dcce5474e55f408c93c086c30cdbb7

    CVE:

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14005

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13169            

    TLP: WHITE

    Disclosure is not limited. Subject to standard copyright rules, TLP: WHITE information may be distributed without restriction.

    http://www.us-cert.gov/tlp/

  • 03/02/2020 4:01 PM | Cory Boggs (Administrator)

    A bill introduced in the U.S. Senate on December 16, 2019 would order the Department of Homeland Security to undertake a thorough review of the cybersecurity policies of public school systems across the country and enact a set of guidelines and tools designed to help local education officials protect institutional and student data from ransomware and other online threats.

    https://edscoop.com/k12-cybersecurity-act-2019-dhs/

  • 02/22/2020 3:40 PM | Jeffery Herbel (Administrator)

    School districts in Oklahoma and across the nation may not be aware of the changes to 911 and how those changes must be implemented in their districts. The Oklahoma Technology Association wants to make sure that Oklahoma school districts are ready for this change. Here is what you need to know! 

    Public Safety and Homeland Security Bureau Announces January 6, 2020, Effective Date of New Rules Implementing Kari's Law And Section 506 of RAY BAUM'S Act - 911 Changes: FCC’s Report and Order implementing Kari’s Law and RAY BAUM’s ACT (Vol. XVI, Issue 31)


    Kari's law and RayBaum's Act are laws for the MLTS (Multi Line Telephone Systems). MLTS Operators/Installers have to correctly configure to meet compliance. 

    MLTS are anyone that have more then one phone line in their location, such as hotels, business offices, schools, etc.

    What is Kari's Law :
    1. Requires Multiline Telephone Systems (MLTS) "School Districts" to enable callers to place "911" calls with no prefix
    Manufacturers/importers/sellers/lessors must preconfigure systems to enable direct-to-911, but can optionally allow other call patterns (e.g., 9-911)
    Those installing/managing/operating MLTS must configure direct-to-911. You must be able to pick up a phone anywhere in a building and dial 911 without having to dial 9 to get an outside line and then dial 911.

    2. Requires notification to another location or party of the emergency call.  When 911 is dialed in a school, someone in the bldg. must also be notified. Such at secretary, principal or campus police. 


    What is the RayBaum Act :
    3. Requires MLTS to ensure that dispatchable location is conveyed with a 911 call.  Within one year of the effective date, “dispatchable location” information, such as the street address, floor level, and room number of a 911 caller must be conveyed with 911 calls from fixed MLTS devices.

    The effective date was January 6, 2020, therefore all school districts must be able to provide dispatchable location data when 911 is dialed by January 6, 2021. 

    School districts that do not have the staff to preform these changes to their phone system should take caution and review any company that contacts them about providing this services. As these changes are very important to the safety of schools, making sure you use a company that can do that job and do it right the first time is critical. 


    Below is more information related to the new 911 regulations posted by the FCC recently and will take effect

    Implementing Kari's Law and RAY BAUM'S Act; Inquiry Concerning 911 Access, Routing, and Location in Enterprise Communications Systems; Amending the Definition of Interconnected VoIP Service

    https://www.federalregister.gov/documents/2019/12/05/2019-20137/implementing-karis-law-and-ray-baums-act-inquiry-concerning-911-access-routing-and-location-in

    Shorter version:

    https://www.natlawreview.com/article/telecom-alert-pai-asks-congress-to-revoke-t-band-auction-fcc-maintains-rf-exposure

    The FCC’s Report and Order implementing Kari’s Law and RAY BAUM’s ACT (Vol. XVI, Issue 31) was published in the Federal Register last week, setting the effective date for January 6, 2020.  Kari’s Law requires businesses and institutions that operate multi-line telephone systems (MLTS) to enable users to dial 911 directly without having to dial a prefix to reach an outside line.  The rules also require MLTS to notify a front desk or security office when a 911 call is made to facilitate building entry by first responders.  Within one year of the effective date, “dispatchable location” information, such as the street address, floor level, and room number of a 911 caller must be conveyed with 911 calls from fixed MLTS devices.  For non-fixed MLTS devices (soft phones), MLTS providers must convey automated dispatchable location information when technically feasible but may rely on the MLTS end user to provide location information manually, subject to at least one alternative. This requirement will take effect two years from the effective date.  Finally, the FCC’s 911 rules are now consolidated into a single rule part.


<< First  < Prev   1   2   Next >  Last >> 

Executive Director: Donna Campo

918-779-5530

PO Box 2502

Bartlesville, OK 74005

OKSTE is a 501(c)3 non-profit organization.

Copyright 2024

Powered by Wild Apricot Membership Software