News

All News

May 6, 2022

PHISHING EXAMPLE: Email Account Removal
Dear recipient We have received your cancellation request and you are no longer subscribed to security.berkeley.edu If you did not request cancellation, kindly click below to reactivate your account.
PHISHING EXAMPLE: CAUTION : eMail Account Block
Attention recipient , We have received your request to terminate your email account below, and the request will be concluded within 12hours from now.

April 21, 2022

Psychic Signatures Vulnerability in Java (CVE-2022-21449)
A significant vulnerability has been discovered in Oracle Java SE, Oracle GraalVM Enterprise Edition, and OpenJDK. Due to a flaw in Java’s ECDSA cryptographic library, unauthenticated adversaries can compromise Java deployments over the network using multiple protocols. This is possible because adversaries can forge a wide range of credentials, certificates, signatures, and other authentication messages due to the cryptographic flaw. [1] [2] This vulnerability applies to Java deployments, typically in clients running Java Web Start applications and sandboxed Java applets. The vulnerability can also be exploited using APIs through web services that utilize the vulnerable component. [4]

March 31, 2022

Vulnerability in the Spring Framework (CVE-2022-22965)
A critical vulnerability has been found in the widely used Java framework Spring Core. While Remote Code Execution (RCE) is possible and a Proof-of-Concept has already been released, how to exploit the vulnerability can vary based on system configuration and research on it is still evolving.

March 30, 2022

Make managing your identity easier at Berkeley!

April 12th is Identity Management Day, a day focused on learning about the impacts of casually, or improperly, managing and securing your digital identity. At Berkeley we manage our identity through our CalNet IDs, Student IDs, UCPath IDs, etc., so making sure your information is correct is super important.

March 8, 2022

Highlighting Changes to the Departmental Security Contact Policy

Overview

February 15, 2022

PHISHING EXAMPLE: Norton
Welcome Subscriber; Your Annual membership for NORTON 360 TOTAL PROTECTION has been renewed and updated successfully. The amount charged will be reflected within the next 24 to 48 hrs on your profile of account. Product Information: INVOICE NO. @ GGH1644259106OV ITEM NAME @ NORTON 360 TOTAL PROTECTION START DATE @ 2022 Feb 07 END DATE @ 1 year from START DATE GRAND TOTAL @ $240.42 USD PAYMENT METHOD @ Debit from account If you wish to not to continue subscription and claim a REFUND then please feel free to call our Billing Department as soon as possible. You can Reach us on : +1 – ( 803 ) – ( 598 ) – 4473 Regards, Billing Department SP

January 19, 2022

PHISHING EXAMPLE: English Dept. (Prof. Duncan) Job Offers
Using several different emails to send from and various subject lines, this attacker used the name of an actual Berkeley professor to send out a call for remote assistant work.
Fake Cal Store on Instagram
Beware of fake Cal Stores on Instagram or other social media platforms.

December 14, 2021

Severe Software Vulnerability in Apache's Java Logging Library

The UC Berkeley Information Security Office is responding to a newly revealed severe software vulnerability in Apache's Java Logging library, Log4J.

December 10, 2021

Critical Vulnerability in log4j (CVE-2021-44228)
A critical vulnerability has been found in the widely used Java logging library log4j. This vulnerability can allow remote code execution by an unauthenticated attacker, is easy to exploit, and proof of concept code is publicly available.

October 11, 2021

Financial Phishing Attacks

Watch out for financial "spear phishing" emails.

These may look like they come from a supervisor or manager and request that you send funds, transfer money, provide banking information, buy gift cards, or provide something of value to the sender. 

October 8, 2021

Claim Your Subnets

Why Claim Your Subnets?

Because then you will get those fun and cheerful security notices! Yay!

Seriously, ISO monitors all campus IP address space.  When we find a problem we notify the Security Contact that claims the subnet so they can fix the problem.  If we cannot contact anyone, and the problem is serious, we will block the IP Address.  Now you have to troubleshoot a connectivity issue without knowing the underlying reason and you still have a serious security issue.  

October 4, 2021

Watch out for suspicious solicitations for new bank account

UC has learned that names, Social Security numbers, and other personal information of some members of the UC community may have been used in attempts to open unauthorized bank accounts at financial institutions such as Chime and Go2Bank. Some of these UC community members are receiving emails from these institutions asking them to confirm a new account by clicking on a link in the email. It is unclear how personal information was obtained to open unauthorized accounts.

September 22, 2021

Recognizing & Avoiding Job Scams

Are you on the lookout for flexible, part-time employment to help cover school expenses? If so, watch out for scams.

Between the COVID-19 pandemic and high unemployment rates, the pressure to find a job may create more pressure for you to find work quickly. UC Berkeley has received numerous reports of employment scams where the sender impersonates Berkeley professors, researchers, and/or university departments. Some scams are easy to spot but how do you know who to trust?

September 14, 2021

Critical vulnerability in Apple products
Apple released a security update for macOS, watchOS, iOS, iPadOS, and Safari. Apple is aware of a report of potential exploits in the wild.

September 10, 2021

PHISHING EXAMPLE: WORK FROM HOME / BERKELEY PAID JOB OFFER
Dear Student, We got your contact through your school database and I'm happy to inform you that our reputable company Cisco Systems Inc® is currently running a student empowerment program. This program is to help devoted and hardworking students secure a part time job which does not deter them from doing any other, you just need a few hours to do this weekly and with an attractive weekly wages. KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS JOB POSITION.
PHISHING EXAMPLE: WORK AFTER CLASSES OFFER ($500 WEEKLY SALARY)
Hello, Are you currently in the US? Here is an opportunity for you to work part time after classes and earn $500 weekly. The job is completely done online and can be completed anytime in the evening/night at home and won't take much of your time daily, you don't have to be online all day and don't need any professional skill to do the job, all you need is just come online before going to bed to forward all order of the day made by agents to the supplier and you are done for the day.
PHISHING EXAMPLE: student email directly
Hi Student, I am Dr Ralph Abraham, I feel comfortable discussing this WORK- STUDY opening with you since you were referred by the university chamber of commerce. I am very busy, that is why I have asked for your help as my temporary personal assistant. I provide individual and group therapy, coaching, assessment and many University students with academic difficulties and no prior diagnosis are seen and assessed through the academic screening and assessment process.

September 9, 2021

WEX/Discovery Benefits Email

The UC Office of the President has notified us that UC employees received an email yesterday from WEX Health (formerly Discovery Benefits) alerting them to a change in the profile information in their online WEX account. You do not need to respond to their message. This change was made in error and is being corrected. Please note that the error is not the result of a security breach and UC employee data has not been compromised.