News

Overview

Karl Grose, one of the founding fathers of CalNet, is retiring.

You may have noticed some changes here at security.berkeley.edu. The Information Security and Policy office has taken a new name and undergone a website redesign. We are now The Information Security Office or ISO. Don't worry, all of our great content is still here. The new layout may take some getting used to, but our search function is better than ever and can help you find what you are looking for. 

Overview

Every Windows product has a lifecycle and that lifecycle ends when it no longer receives security updates or fixes, software updates, and/or technical support. On Jan. 14, 2020 Microsoft will discontinue support for the Windows 7 Operating System. Without security, patches these systems will be easy targets for hackers, malware, and viruses.

A couple of recent phishing scams, referred to as a “Business Email Compromise (BEC),” have been targeting universities to steal funds through the purchasing process.

The first phishing scam targets suppliers that do business with campus by using Berkeley emails as the hook. These attacks involve purchase orders and requests for quotes that appear to come from the University, but are in fact fraudulent. 

Be Alert:

We are excited to announce that the Information Security and Policy Office is launching a Security Internship Program for staff. This is a unique opportunity for employees to work alongside the Security Operations and Assessments & Compliance teams. The internship is a chance for current Berkeley employees to develop a professional skill set in the information security domain and achieve breadth and depth of knowledge in the field. Interns will strengthen their career path potential, network with new colleagues, and contribute to the campus mission.

A widely reported spear phishing scam, termed “Business Email Compromise (BEC),” has been targeting universities and other academic institutions. These attacks are spear phishing scams designed to impersonate someone you know in an attempt to gain access to sensitive information or to encourage you to transfer funds or provide gift cards. There has been an increase of these assaults across the University this new year.

To the campus community,

On Wednesday, May 3rd, we learned of a global phishing attack targeting the nearly 1 billion people who use Google email, including members of the campus community. You may have received an email that a Google Doc had been shared with you by a person you know. These were fraudulent emails sent as part of that cyber attack.

The US-CERT (US Computer Emergency Readiness Team) has issued a recent alert concerning ransomware.  Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.  The alert warns that in early 2016, destructive ransomware variants such as Locky and