News

October 1, 2019

Summary

A vulnerability has been discovered in Exim, which could allow for unauthenticated remote attackers to execute arbitrary system commands on the mail server. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of this vulnerability will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

September 27, 2019

Summary

A vulnerability has been discovered in PHP 7.3 (the latest release series) that could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.  [1]

September 6, 2019

Passwords! What a headache, am I right? Sometimes it seems like that in order to be safe, your password must contain letters, numbers, punctuation, bird noises, and at least one Egyptian hieroglyph.

But the truth is that it’s easier to create a long, strong, safe password than most people think. Let’s take a quick look at a few tips for making a password that will keep your account safe.

(Only those old enough to remember the Wrigley's doublemint gum commercials will get this title.)

“Multi-factor authentication” is a tech industry term for using different types of verification to get into an account. You do this daily with the 2-Step. The idea is that you use multiple things at the same time to really prove that you’re actually you. A password is one example of a factor; a fingerprint is another.

How easy is it to shop online? (Rhetorical question there.) It’s so convenient to be able to order anything you like and have it delivered right to your door. Unfortunately, that also means there’s more risk. Scammers and criminals can try to steal your information and money while you shop online.

The good news is that there are some easy things you can do to protect yourself and safely shop online. Let’s take a quick look at some tips: 

“Phishing” unfortunately, it's still all the rage. Attackers try to fool you into sending them money (or buying gift cards) or revealing your personal information online. The name comes from the idea of fishing: scammers send a message that acts as bait, hoping to “hook” someone.

The good news is that you have the power to throw these phish back! Let’s take a minute to talk about what you can do to avoid phishing:

Software updates are sort of like exercise: Not everyone thinks about it, but everyone needs it, and they can make a big difference in keeping a system healthy. Let’s take a quick minute to talk about updates.

Wi-Fi is great. Think about it, you pretty much carry an entire library and a direct line to anywhere in the world in your pocket. Nowadays many businesses offer Wi-Fi for their customers, so you can stay connected even while eating udon or waiting in line for toast.

But! That doesn’t mean it’s perfect. Using public Wi-Fi is sort of like doing, well, anything else in public: you want to be safe and not accidentally wander into trouble. Let’s talk about what you can do to protect yourself on Wi-Fi.

September 5, 2019

Apps are part of our lives now. Remember that slogan, “There’s an App for That”? Nowadays, it seems like there really is an app for everything — from games to shopping, fitness, beauty, hobbies and more. No wonder that almost 50% of all smartphone users download at least one new app a month.

Just like with any device or program, though, it’s important to choose and use your apps carefully. Some apps may be scams or contain viruses. Here’s what you can do to keep yourself safer:

NCSAM Champion Logo

This October, UC Berkeley is once again joining other universities, the National Cyber Security Alliance, and the U.S. Department of Homeland Security to help raise cyber security awareness during National Cyber Security Awareness Month (NCSAM). 

There are more than four billion people on the internet today, and many of them use social media to communicate. But while social media can be fun and a great way to chat with friends, it can be risky as well. When people share personal information about themselves, they may become targets for scammers and identity thieves.

However, you can take a few simple precautions to keep yourself and your friends and family safe on social media. Here’s how: 

Your privacy means a lot: not just to you, but to the people you care about. If your private accounts and information are breached, other people could be breached too. That’s why it’s important to maintain your privacy online by making good choices with your privacy settings.

August 27, 2019

Instead of finding One-Eyed Willy's treasure at the end of an IRS-spoofed email, victims are tricked into clicking malicious links and giving up their treasure.

The IRS recently issued warnings about new email scams where attachers send unsolicited emails to taxpayers from fake IRS email addresses. The email subject line may vary, but recent examples use the phrase "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder."

August 5, 2019

File-sharing can heighten risks to you and the University. As an Internet Service Provider (under the Digital Millennium Copyright Act), UC Berkeley does not monitor its networks for the purpose of discovering illegal activity. However, we act to make sure that Copyright, especially as it applies to digital assets, is respected within the Campus community.

July 31, 2019

While ransomware is nothing new, it's been popping up more and more in higher ed. Each week brings news of colleges and universities that have fallen victim to ransomware attacks. Some hackers demand payment, while others steal personal data (to sell to identity thieves). Whatever the motives are, school systems around the country have been the targets of recent attacks.

July 21, 2019

Robocalls are on the rise. Be wary of any pre-recorded messages you might receive.

July 17, 2019

"Hey, are you available?"

July 9, 2019

Summary

A vulnerability has been publicly disclosed in the Mac version of Zoom that allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user's permission. [1]

July 8, 2019

June 24, 2019

Beginning August 13, Offsite Hostname requests will move to NetReg.