It is a busy month at the Bell Center. Here’s what’s happening:

Sept. 20: Join Drake Rec for a Circus Arts workshop on Sept. 20 at 5 p.m.

Sept. 19: Join the Coalition of Black Students for a fun workout class on Sept. 19 at 4 p.m.

Sept. 27: Join La Fuerza Latina for their dance marathon from 5–8 p.m. on Sept. 27.

As always, check the Drake Rec app for more details and be sure to check out our weekly classes, including Spin, Karate, Dance Fusion, and Ballet Sculpt.

— Gail Witte, Recreational Services

At Cowles Library, we are committed to curating a diverse range of digital and physical materials, available for the entire campus to explore and enjoy. Every month, our librarians spotlight important topics that resonate with the community, supporting both academic and personal interests.

This month, we are proud to feature Banned Books Week and Hispanic Heritage Month.

Celebrate Hispanic Heritage Month
Cowles Library honors Hispanic Heritage Month with a curated collection that celebrates the rich and vibrant history, culture, and contributions of Hispanic communities. Dive into a selection of fiction, nonfiction, and films that showcase this legacy through art, history, and powerful storytelling.

Banned Books Week: September 22–28
Join us in recognizing Banned Books Week, a celebration of the freedom to read. Since 1982, Banned Books Week has highlighted the importance of open access to information. Our collection sheds light on challenged and banned books, inviting you to reflect on the ongoing efforts to protect intellectual freedom.

Stop by Cowles Library or visit our Featured Collections page online to explore these and other highlighted materials. We look forward to sharing these collections with you!

— Joanna Stankiewicz, Cowles Library

 

Join Stories to Tell My Daughter for a powerful storytelling experience that centers the lived experiences of Black women and women of color. This free event is open to all and takes place on Sunday, Sept. 15, at 4 p.m. in the Olmsted Center. This event is supported by the Slay Fund. View more information on Eventbrite.

— Terrance Pendleton, Associate Provost for Campus Equity and Inclusion

THE SPEAKING CENTER OPENS ON MONDAY, SEPT. 16

WHAT WE DO: The Speaking Center’s trained peer tutors can help with:

• Preparing, composing, and delivering speeches and presentations
• Selecting and narrowing down topics for public speaking
• Organizing, outlining, and drafting ideas
• Preparing visual aids and practicing delivery
• Navigating situational anxiety related to public speaking, stereotype threat, and/or impostor syndrome

Tutors can also advise on initiating difficult conversations and participating in interactive discussions.

We can accommodate students who need presentations to be recorded in a private venue for a small audience.

HOW TO SIGN UP TO VISIT: We are now using Starfish for scheduling! Please go here to book an appointment with a tutor.

WHERE WE ARE: The Speaking Center is located in Cowles Library, Room 039. Please follow the signs through the tutoring areas back to the SW corner.

WHAT TO EXPECT: Appointments are 30 minutes each. For the most productive session possible, students should bring information about the assignment or situation, and, if possible, notes on past public speaking experiences and current concerns.

IF YOU HAVE QUESTIONS please contact Prof. Megan Brown, Director of Writing (megan.brown@drake.edu.

–Megan Brown, College of Arts and Science

The Greater Des Moines Partnership announced that it will partner with Drake University and the Association of Latino Professionals for America (ALPFA) Des Moines to host a Multicultural Reception on Thursday, Sept. 26. Multicultural Receptions provide opportunities for those in Greater Des Moines (DSM) to develop new relationships with others who are passionate about building an inclusive community for the region. The event will take place at Drake University – The Olmsted Center Parents Hall from 5:30–8:30 p.m.

“We are grateful to partner with Drake University and ALPFA for our September Multicultural Reception,” said Stacey Robles, Diversity, Equity and Inclusion Manager at The Partnership. “Events like these are vital in fostering connections among people from many different backgrounds. We encourage attendees to learn from each other and build new relationships.”

The event will feature a roundtable discussion focused on the different aspects of mentorship.

“We are looking forward to taking part in this event that celebrates diversity and fosters mentorship, creating opportunities for meaningful connections and growth within our community,” said Manuel Gutierrez, Chapter President of ALPFA Des Moines.

“Drake University is excited to host this Multicultural Reception on our campus, bringing together diverse voices and perspectives that reflect the vibrant community we serve. We believe in the power of education and collaboration to build a more inclusive future,” said Dr. Terrance Pendleton, Associate Provost for Campus Equity and Inclusion with Drake University. “This event is a wonderful opportunity to further that mission.”

Learn more and register for this free event here.

— Terrance Pendleton, Associate Provost for Campus Equity and Inclusion

The library faculty have created a set of guiding principles to consider when using generative AI tools in the research and scholarship process.  This was done in an effort to help educate the students, staff, and faculty of Drake University on the benefits and risks of generative AI, especially with regards to searching, finding, and evaluating information.

The library faculty have also created a concise version of those guiding principles.

Please contact Priya Shenoy at priya.shenoy@drake.edu or Dan Chibnall at dan.chibnall@drake.edu if you have any questions.

–Teri Koch, Cowles Library

Cody Dolinsek, adjunct professor of philosophy at Drake, will deliver a lecture titled “Disability and Religion: A Dialogue of Dissonance in Search of Harmony” on Sept. 12 at 6 p.m. in Sussman Theater, Olmsted Center. The event will be accessible via Zoom. The lecture is part of The Comparison Project’s Lecture and Dialogue Series.

— Catalina Samaniego, senior, College of Arts & Sciences

On Thursday, September 19 at 4:30pm, ITS staff will be updating an SSO security certificate related to Blackboard logins. The update will not make Blackboard unavailable, but it may cause your course materials to appear unavailable. If you experience issues accessing your course materials, fully quit your browser, restart it, and log back in to Blackboard. 

If you have any access issues with Blackboard after this update, contact us by submitting a ticket though the ITS service portal or by calling the Support Center at 515-271-3001.

–Becky Klein, ITS

Claire, an IT technician on a beautiful college campus, handles cybersecurity for faculty and staff. One fall afternoon, she receives a frantic call from a professor who suddenly can’t login to their email account. Claire quickly realizes something is wrong when the system logs show multiple unauthorized login attempts, including from overseas. She asks, and the professor recalls approving a strange MFA notification earlier that day, assuming it was a routine verification. Within minutes, the attacker hijacked the account, gaining access to sensitive student records and research files. The breach sends ripples through the campus, shaking the college’s reputation and causing panic among faculty and students alike. Claire knows that a single MFA hijack has put years of work and trust at risk, reminding her how crucial it is to stay vigilant. 

Understanding MFA 

Multi-factor authentication (MFA) provides an extra layer of protection beyond a password. By requiring a second form of verification, MFA aims to make it significantly harder for attackers to gain unauthorized access to accounts. However, as security measures evolve, so do cybercriminals’ tactics. One of the latest threats in this ongoing battle is MFA hijacking. Drake ITS staff have seen recent instances of MFA hijacking that’s allowed attackers to compromise accounts. 

What is MFA Hijacking? 

MFA hijacking refers to compromising the multi-factor authentication process to gain unauthorized access to accounts or systems. This includes stealing authentication tokens, intercepting one-time passwords (OTPs) such as those sent via text message (SMS), or exploiting vulnerabilities in the MFA implementation itself. 

How MFA Hijacking Works 

1. Phishing Attacks: One of the most common methods used in MFA hijacking is phishing. Attackers trick users into revealing their credentials and the second authentication factor, often by creating fake login pages that mimic legitimate websites. Once the user enters their username and password, the attacker can capture them in real-time and use them to gain access. 
2. Man-in-the-Middle (MitM) Attacks: In a MitM attack, cybercriminals intercept the communication between the user and the authentication service to capture the authentication token or OTP and use it to log in as the legitimate user. 
3. SIM Swapping: In this attack, the criminal convinces a mobile carrier to transfer the victim’s phone number to a SIM card controlled by the attacker. Once they have control of the victim’s phone number, they can receive the SMS-based OTPs and complete the MFA process. 
4. Session Hijacking: Attackers may hijack an active session if they gain access to the cookies or tokens stored in a browser. This method bypasses the need for MFA entirely because the attacker can impersonate the user without re-authentication. 

Protecting Yourself Against MFA Hijacking 

While MFA remains a crucial security measure, it’s essential to understand that it’s not foolproof. Here are some strategies to help protect yourself against MFA hijacking: 

1. Use Stronger MFA Methods: Use authentication methods less susceptible to hijacking, such as mobile applications using number matching. Avoid using SMS-based OTPs whenever possible, as they are particularly vulnerable to SIM swapping and interception. 
2. Monitor for Anomalies: Regularly check the MFA options configured in your accounts to remove old devices and ensure unrecognized MFA methods have not been added. Hijackers will often add MFA authentications methods to an account to maintain the ability to login in the future.  
3. Report Suspicious Account Activity: As soon as you notice, tell ITS about any suspicious activity on your accounts, such as unexpected login attempts, changes to account settings, or notifications about unauthorized access. Early detection and reporting help mitigate potential damage and prevent further unauthorized access. 

While MFA hijacking is a growing threat in the cybersecurity landscape, it doesn’t render MFA obsolete. It simply highlights the importance of staying informed about the latest threats. By understanding and remaining aware of the risks, you can reduce the likelihood of falling victim to MFA hijacking. 

–Chris Mielke, ITS