News

April 16, 2021

"I have a really great passphrase, it's long and easy to remember, so I use it on all my accounts."

Sound familiar? Why is it so hard for us to accept that reusing passphrases is a bad idea? Well, we're human, and humans tend to rationalize to confirm their decisions. "What are the chances that someone will get my password and compromise my account? I mean, will that really happen to me?" Well, it turns out it does, and more frequently than you might imagine.

April 5, 2021

Updated Apr. 15, 2021:

On Thursday, April 15 at 11 a.m. we hosted a town hall for the campus community on how to protect yourself against identity theft. The recording and slides are available here: https://technology.berkeley.edu/town-hall


Updated Apr. 5, 2021:

Updates from UCOP on the Accellion Breach and FAQs (English and Spanish Translations): 

March 31, 2021

Mar. 31st - The Internal Revenue Service issued a warning of an ongoing IRS-impersonation scam that primarily targets educational institutions, including students and staff who have ".edu" email addresses. The phishing emails target university and college students at public and private, for-profit and non-profit institutions.

The fraudulent email displays the IRS logo and uses various subject lines such as "Tax Refund Payment" or "Recalculation of your tax refund payment." It asks people to click a link and submit a form to claim their refund. The IRS does not initiate contact about refunds by email, so any such message should be treated as fraudulent and reported rather than acted on.

February 19, 2021

These are targeted and simple forms of phishing emails designed to get victims to click on a link that leads to malicious content or to a page that harvests their credentials.

February 11, 2021

This month Microsoft released patches for multiple serious vulnerabilities in the Windows TCP/IP network stack (including CVE-2021-24074 and CVE-2021-24094) [1,2]. These vulnerabilities can allow for remote code execution. Additionally, Microsoft appears to have released patches for Windows 7 and Windows Server 2008, which are officially no longer supported.

January 27, 2021

You and Your W-2

Every year phishing messages are crafted by tax scammers to trick victims into giving out personal information. Taxpayers should continue to watch out for fake emails and websites looking to steal personal information. Be wary of any message asking for W-2 or other tax information. Additionally, because of the UCPath conversion, attackers may send emails with fraudulent links. Do not open any attachments or click on any email links.

January 26, 2021

A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. The flaw can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the flaw. Researchers have developed working exploits against Ubuntu, Debian, and Fedora Linux distributions. Other UNIX-based operating systems and distributions are also likely to be exploitable. [1] [2]
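Two ways to check a host for the sudo flaw described above, as an added example rather than code from the news item or from the sudo project. It assumes the upstream sudo advisory's affected ranges (1.8.2 through 1.8.31p2 and 1.9.0 through 1.9.5p1, fixed in 1.9.5p2) and the runtime heuristic Qualys published with the disclosure (the bug is CVE-2021-3156): run as an unprivileged user, `sudoedit -s /` prints "sudoedit: /: not a regular file" on a vulnerable build and a "usage:" error on a patched one.

```python
# Added example, not part of the ISO news item: two checks for the January
# 2021 sudo heap overflow (CVE-2021-3156, disclosed by Qualys). The version
# ranges are those in the upstream sudo advisory; the runtime heuristic is the
# one Qualys published ("sudoedit -s /" as an unprivileged user).
import re
import subprocess

# inclusive affected ranges from the sudo advisory
AFFECTED_RANGES = [("1.8.2", "1.8.31p2"), ("1.9.0", "1.9.5p1")]


def version_key(text):
    """Extract a sortable tuple from a version string or the first line of
    `sudo --version`: 'Sudo version 1.8.31p2' -> (1, 8, 31, 2).
    A missing p-level counts as 0, so 1.9.5 < 1.9.5p1 < 1.9.5p2."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(x or 0) for x in m.groups())


def version_affected(text):
    """True when the upstream version lies in an affected range.
    Caveat: distributions backport fixes without bumping the upstream number
    (e.g. Ubuntu 20.04 patched its 1.8.31 package and still reports 1.8.31),
    so a hit here is a reason to run runtime_check(), not proof."""
    k = version_key(text)
    return any(version_key(lo) <= k <= version_key(hi) for lo, hi in AFFECTED_RANGES)


def classify_sudoedit_output(output):
    """Interpret what `sudoedit -s /` printed, per the Qualys heuristic."""
    if "not a regular file" in output:
        return "vulnerable"
    if output.lstrip().startswith("usage:"):
        return "patched"
    return "inconclusive"


def runtime_check(timeout=10):
    """Run the Qualys check on this host. Safe as a normal user: both outcomes
    are argument errors raised before sudo reaches any password prompt."""
    try:
        proc = subprocess.run(["sudoedit", "-s", "/"], capture_output=True,
                              text=True, stdin=subprocess.DEVNULL, timeout=timeout)
    except FileNotFoundError:
        return "sudoedit not installed"
    except subprocess.TimeoutExpired:
        return "inconclusive"
    return classify_sudoedit_output(proc.stdout + proc.stderr)


if __name__ == "__main__":
    for v in ("Sudo version 1.8.31p2", "Sudo version 1.9.5p2", "1.8.31"):
        print(f"{v:25s} in affected range: {version_affected(v)}")
    print("runtime check:", runtime_check())
```

The version test is useful for inventory sweeps (feed it the output of `sudo --version` collected by your configuration management), but because of backports it should only ever escalate a host to the runtime check, which is what actually settles the question.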

November 30, 2020

These are targeted and simple forms of phishing emails designed to get victims to click on a fake Google Docs link that contains malicious content.
These are targeted and simple forms of phishing emails designed to get victims to click on a fake Google Forms link that contains malicious content.

November 4, 2020

Multiple vulnerabilities have been discovered in the Google Chrome browser, the most severe of which could allow for arbitrary code execution. We recommend immediately updating your Google Chrome browser to version 86.0.4240.183 or later.

October 21, 2020

Google has released Chrome version 86.0.4240.111 to apply security fixes, including a patch for an actively exploited zero-day vulnerability. We recommend that users patch immediately. Normally updates happen in the background, but if you haven't closed your browser in a while, you may see a pending update in the toolbar; relaunch the browser to apply it.

October 15, 2020

A serious vulnerability exists in the Windows TCP/IP network stack [1,2]. Currently it is known that this vulnerability can be used to trigger a Denial of Service (DoS) event; however, Microsoft and others are warning that it may also be possible to remotely execute code. An attacker can exploit this vulnerability by sending a crafted ICMPv6 Router Advertisement to the target system. The vulnerability does not require authentication or user interaction.
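What a sensor or a hardened parser can do with the crafted Router Advertisement described above, as an added example that is not code from the news item or from Microsoft. The bug in question is CVE-2020-16898; the public analyses traced it to the Recursive DNS Server (RDNSS) option, whose Length field RFC 8106 requires to be 1 + 2n for n addresses, i.e. odd and at least 3. The detector below walks the RFC 4861 option list and flags any RDNSS option that breaks that rule. The packets are constructed for the example, not captured traffic, and carry a zero checksum because only the option layout matters here.

```python
# Added example, not from the ISO item or Microsoft: flag malformed RDNSS
# options in an ICMPv6 Router Advertisement (the option abused in CVE-2020-16898).
# RFC 8106: RDNSS Length = 1 + 2n for n addresses, so it must be odd and >= 3.
import struct
import ipaddress

ICMPV6_ROUTER_ADVERTISEMENT = 134
OPT_MTU = 5          # RFC 4861
OPT_RDNSS = 25       # RFC 8106
RA_HEADER_LEN = 16   # type, code, checksum, hop limit, flags, lifetime, reachable, retrans


def parse_ra_options(icmpv6):
    """Yield (type, length_field, body) for each RFC 4861 TLV option in an RA.
    Raises on structurally broken options instead of guessing."""
    if len(icmpv6) < RA_HEADER_LEN or icmpv6[0] != ICMPV6_ROUTER_ADVERTISEMENT:
        raise ValueError("not an ICMPv6 Router Advertisement")
    off = RA_HEADER_LEN
    while off < len(icmpv6):
        if off + 2 > len(icmpv6):
            raise ValueError("truncated option header")
        otype, olen = icmpv6[off], icmpv6[off + 1]
        if olen == 0:
            raise ValueError("option with Length 0 (forbidden by RFC 4861)")
        total = olen * 8                      # Length is in units of 8 octets, incl. T/L
        body = icmpv6[off + 2: off + total]
        if len(body) != total - 2:
            raise ValueError("option runs past end of packet")
        yield otype, olen, body
        off += total


def rdnss_findings(icmpv6):
    """One finding per RDNSS option: ('RDNSS_OK', length, [addresses])
    or ('MALFORMED_RDNSS_LENGTH', length, [])."""
    findings = []
    for otype, olen, body in parse_ra_options(icmpv6):
        if otype != OPT_RDNSS:
            continue
        if olen < 3 or olen % 2 == 0:
            findings.append(("MALFORMED_RDNSS_LENGTH", olen, []))
            continue
        # body = reserved(2) + lifetime(4) + n * 16-byte addresses, n = (Length-1)/2
        n = (olen - 1) // 2
        addrs = [str(ipaddress.IPv6Address(body[6 + 16 * i: 22 + 16 * i])) for i in range(n)]
        findings.append(("RDNSS_OK", olen, addrs))
    return findings


# --- builders for the constructed sample packets (zero checksum) -----------
def build_ra(options):
    hdr = struct.pack("!BBHBBHII", ICMPV6_ROUTER_ADVERTISEMENT, 0, 0, 64, 0, 1800, 0, 0)
    return hdr + options


def rdnss_option(addrs, length_field=None):
    """RDNSS option; length_field overrides the correct value so a malformed
    option can be fabricated. The wire size always follows the Length field,
    as it would in a crafted packet, so address data is padded or cut."""
    olen = 1 + 2 * len(addrs) if length_field is None else length_field
    if olen < 1:
        raise ValueError("Length must be >= 1")
    packed = b"".join(ipaddress.IPv6Address(a).packed for a in addrs)
    packed = packed[: olen * 8 - 8].ljust(olen * 8 - 8, b"\x00")
    return bytes([OPT_RDNSS, olen]) + struct.pack("!HI", 0, 3600) + packed


MTU_OPTION = bytes([OPT_MTU, 1]) + struct.pack("!HI", 0, 1500)

# well-formed RA: MTU option plus RDNSS with two resolvers (Length = 5)
GOOD_RA = build_ra(MTU_OPTION + rdnss_option(["2001:db8::53", "2001:db8::54"]))
# the attack shape: RDNSS with an even Length (4) carrying 1.5 addresses' worth of data
BAD_RA = build_ra(rdnss_option(["2001:db8::53"], length_field=4))

if __name__ == "__main__":
    for name, pkt in (("good", GOOD_RA), ("bad", BAD_RA)):
        print(name, rdnss_findings(pkt))
```

The same rule is what a network IDS signature for this bug keys on, and on the host side Microsoft's workaround at the time was to disable RA-based DNS configuration per interface (the netsh `rabaseddnsconfig` setting), which removes the RDNSS parsing path entirely until the patch is applied.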

The second round of our Security Internship Program has ended and we are pleased to congratulate Ilona Ozmon and Kris Beltran for graduating from the program.

October 5, 2020

These are targeted and simple forms of phishing emails designed to get victims to interact and establish a rapport. The messages start out as basic greetings or job opportunities and then progress into requests for money or data.

September 4, 2020

These attacks are a sophisticated, targeted form of phishing email spoofing the security office, intended to scare the victim into clicking a malicious link. The Information Security Office will never ask you to "validate" your information via a link in an email.

September 3, 2020

These attacks are a sophisticated, targeted form of phishing email designed to look like legitimate UC Berkeley IT Client Services messages, intended to scare the victim into providing personal information. Legitimate UC Berkeley IT departments will NEVER ask for your passphrase over email.

August 27, 2020

The FBI has reported an increase in suspicious websites popping up that look like official election websites but are in fact fraudulent. These sites have multiple purposes:

August 18, 2020

Social engineering criminals focus their attacks on people rather than infrastructure. Social engineering begins with research: an attacker looks for publicly available information that can be used against you. These attacks come in a variety of formats (email, voicemail, SMS messages, DMs, or posts on social media) and prey on your respect for authority, your courtesy, or your trust.