Attackers have been sending emails that feed on concerns about COVID-19 to spread malware, trick them into sharing account credentials, or opening malicious attachments.
Announcements
March 9, 2020
January 28, 2020
On Mar. 23 CalNet fully depreciated TLS 1.0/1.1.
On Mar. 23, CalNet disabled TLS 1.0 and 1.1 protocols from being used to access CAS, Shibboleth, CalGroups, CalNet Account Manager, and LDAP.
TLS 1.0 and 1.1 are insecure and vulnerable to attacks which risk the integrity and authentication of data sent between client and destination. Disabling these protocols will mitigate these issues, adhere to campus policy, and to protect institutional data and IT resources.
January 27, 2020
We have become aware that identity thieves are calling individuals on campus via landline or cellular devices asking for personal information. Remember to be vigilant and careful about protecting your personal information.
We work very hard to protect our voice network; however, attackers may try to use a technology called spoofing to trick you into giving up information. Spoofing is the practice of deliberately falsifying the information transmitted to your caller ID to pretend to be someone else.
January 20, 2020
With the California Consumer Privacy Act taking effect this year, data privacy will become a central issue for businesses in 2020. Consumers conduct much of their lives on the internet, yet few understand the critical issue of privacy and how their personal information is used, collected and shared by businesses. Your data can be stored indefinitely and used in both beneficial and unwelcome ways.
January 15, 2020
You and Your W-2
Every year phishing messages are crafted by tax scammers to trick victims into giving out personal information. Taxpayers should continue to watch out for fake emails and/or websites looking to steal personal information. Be wary of any message asking for W-2 or other tax information. Additionally, because of the UCPath conversion attackers may send emails with fraudulent links. Do not open any attachments or click on any email links.
January 6, 2020
November 13, 2019
We are excited to announce some organizational developments and opportunities to work with us.
Recently ISO underwent a structural reorganization. This new structure allows us to continue to evolve and respond to challenges in the information security space, to streamline operations, and to create additional efficiencies. Vacant positions will be posted shortly to jobs.berkeley.edu and to our website.
November 12, 2019
Even outside the traditional "Holiday" season we find ourselves purchasing items online. And so, it's good to remember online shopping best practices year round. In addition to our holiday shopping tips, here are a few others to keep you safe while online shopping:
November 6, 2019
There will be some changes coming to information security policies at Berkeley brought on by a major update to the UC systemwide information security policy (IS-3). The revision brings sweeping changes to the way information security risk is handled on Campus.
September 5, 2019
This October, UC Berkeley is once again joining other universities, the National Cyber Security Alliance, and the U.S. Department of Homeland Security to help raise cyber security awareness during National Cyber Security Awareness Month (NCSAM).
August 27, 2019
Instead of finding One-Eyed Willy's treasure at the end of an IRS-spoofed email, victims are tricked into clicking malicious links and giving up their treasure.
The IRS recently issued warnings about new email scams where attachers send unsolicited emails to taxpayers from fake IRS email addresses. The email subject line may vary, but recent examples use the phrase "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder."
August 5, 2019
File-sharing can heighten risks to you and the University. As an Internet Service Provider (under the Digital Millennium Copyright Act), UC Berkeley does not monitor its networks for the purpose of discovering illegal activity. However, we act to make sure that Copyright, especially as it applies to digital assets, is respected within the Campus community.
July 17, 2019
July 8, 2019
June 24, 2019
Beginning August 13, Offsite Hostname requests will move to NetReg.
June 3, 2019
Karl Grose, one of the founding fathers of CalNet, is retiring.
May 22, 2019
You may have noticed some changes here at security.berkeley.edu. The Information Security and Policy office has taken a new name and undergone a website redesign. We are now The Information Security Office or ISO. Don't worry, all of our great content is still here. The new layout may take some getting used to, but our search function is better than ever and can help you find what you are looking for.
April 10, 2019
Overview
Every Windows product has a lifecycle and that lifecycle ends when it no longer receives security updates or fixes, software updates, and/or technical support. On Jan. 14, 2020 Microsoft will discontinue support for the Windows 7 Operating System. Without security, patches these systems will be easy targets for hackers, malware, and viruses.
March 14, 2019
A couple of recent phishing scams, referred to as a “Business Email Compromise (BEC),” have been targeting universities to steal funds through the purchasing process.
The first phishing scam targets suppliers that do business with campus by using Berkeley emails as the hook. These attacks involve purchase orders and requests for quotes that appear to come from the University, but are in fact fraudulent.
Be Alert:
March 8, 2019
Starting March 11th services that use Active Directory Federation Services (ADFS) will require CalNet 2-Step Authentication.
Examples of software include CalShare and Microsoft 365.