Info (in a) Sec: Mar 2022

In our newsletters, we share a little bit about the projects we are working on, the services we provide, and things we think you’ll be interested in. Add yourself to our Newsletter list to receive future installments.


Now Hiring!

​​Are you looking to grow in your career? Do you like solving puzzles and having variety in your day? Want to work with an amazing team of colleagues (cough, if I do say so myself)? Well, look no further! We are hiring for several positions: 

General Updates

New CalNet 2-Step Look for Browsers

On Apr. 5 you will see some new screens when completing the Calnet 2-Step on a browser. You don’t need to do anything to get the new browser experience. However, I recommend watching this short one-minute video so you know what’s changing, and also because I want to see how many people I can get to watch it - validate my work, folks! ;)

Oh and our amazing Systems Admin, Jonathon Taylor, created this testing site, so you can see what your experience will be like! Try it out by first opening a private or incognito window in a browser and go to: https://2step-test.calnet.berkeley.edu/

In March, we launched Socreg

You did, what now? Socreg (pronounced “Sock” and the first part of registration) is the new and improved user interface for our asset registration portal.So, do I register my socks there? Ha, no, it’s where you register computers or devices that are connected to the campus network. “Soc” actually stands for Security Operations Center and it’s what we use to monitor campus assets and if we find anything weird, we reach out to the Security Contact for the device or system. That sounds confusing… Do you have more resources to help me? Indeed we do! We created new Socreg documentation and every page inside of the Socreg application has “Help” in the top bar. Oh, and we wrote this handy guide: You’re a Security Contact, Now What?

Zoombombing attacks increasing on campus

As someone who has recently been Zoombombed, it’s no fun. If there is one thing you can remember in the moment it’s to stop Zoom by going to "Security" then select "Suspend Participant Activities” in the menu - that way you can boot those unwelcome parties and get back to business. 

What can you do to avoid Zoombombing?

Do not publish Zoom join links online. Follow the recommendedsettings for securing Zoom, especially the following:

  • Allow only signed-in users to join, and require an @berkeley account, if possible.
  • When using a waiting room, leave it on for the entire meeting and have at least one person monitoring the door who can act quickly if anything suspicious occurs.
  • Watch this video to learn more.

April 12th is Identity Management Day

Whoo hoo! Do we get the day off? Sadly, no, but you should take a few minutes that day (or before) to:

Image of Identity Flyer

Ask ASCII:

What’s the one thing I should look out for when it comes to phishing emails?

-GiveMeAPhish

Well, unfortunately it’s not just one thing, so how about a weird analogy to get you thinking…or rather to TeachYouToPhish.

Imagine you have a job as a bouncer at a 21+ venue. Your shift consists of reviewing lots of different IDs and deciding who gets past you. Now, there are fake IDs, people who use other people’s real IDs, there are people who try to bribe you to get in, and sometimes people who are under 21 and hoping you are too busy to notice. Deciding who gets in isn’t cut and dry, but you get to a point where you recognize regulars, you see really bad IDs and know what to look for - and in a pinch you can ask your bouncer friend (or check an ID book) if the ID is legit.

Guess what? You are the bouncer of your emails and evaluating them is very similar - you have to ask, Is this really from the person who is sending it? Is it offering me a bribe or something that is too good to be true? Has this email been listed as a phish already? Is it plausible that Chancellor Christ has shown up at my club asking me for gift cards? Probably not. 

Okay, you get the gist, it’s more about taking a second to think about all the factors involved instead of just one telltale sign. Check out the Fight the Phish campaign, there are lots of great tips to help you be a better bouncer. And remember, we are always here to help you - if you get an email that makes your spidey senses tingle, report it. Either forward the message to phishing@berkeley.edu or better still report it in bMail:

  • To the right of 'Reply' arrow
  • Select 'More' (typically denoted with three vertical dots.
  • Then 'Report phishing'

What keeps us busy?

These charts may help explain. The first chart shows the number of alerts processed by our threat detection systems and the second chart shows detected compromises and vulnerabilities for this quarter.

If you get a security notice from our office be sure to follow the instructions to remedy the situation immediately. 

Q1 2022 Threats detected graph
Q1 of 2022 Vulnerabilities and Compromises Graph