These are targeted and simple forms of phishing emails designed to get victims to interact, establish a rapport, and steal money. The messages start out as basic greetings - or job opportunities - and then progress into requests for money or data.
June 22, 2020
June 18, 2020
June 8, 2020
The Information Security Office currently has two policies in Campus review until mid-June. We invite comments on the proposed new Roles and Responsibilities Policy and our Minimum Security Standards for Networked Devices (MSSND) Draft.
June 5, 2020
These are targeted and simple forms of phishing emails designed to get victims to interact, establish a rapport, and steal money. The messages start out as basic greetings - or job opportunities - and then progress into requests for money or data.
June 3, 2020
These are targeted and simple forms of phishing emails designed to get victims to interact and establish a rapport. The messages start out as basic greetings or job opportunities and then progress into requests for money or data.
May 21, 2020
Ransomware is not new; but, it's been popping up more and more in higher ed. Each week brings news of colleges and universities that have fallen victim to ransomware attacks. Some hackers demand payment, while others steal personal data (to sell to identity thieves). Whatever the motives are, school systems around the country have been the targets of recent attacks.
May 12, 2020
The CalNet AD team has created several Group Policy Objects (GPOs) templates for system administrators to utilize. These templates, or Build Kits, are based on the Center for Internet Security’s (CIS) benchmarks and allow for quick and easy implementation of CIS Benchmark configurations.
May 8, 2020
The Information Security Office recently updated the Miminum Security Standards for Networked Devices and the Draft of that Standard is currently under Campus review. The update incorporates elements from UC’s systemwide Electronic Information Security Policy, IS-3, and brings the Standard into alignment with current industry best practices.
April 30, 2020
Zoom V. 5 is available for download
The newest version further addresses issues related to security and privacy
Specific changes include these user experience/controls
- Security icon: Zoom’s security features are now grouped together and located in the "Security" icon in the host's meeting menu bar.
April 2, 2020
Zoom has released new version updates that resolve issues related to security and privacy: Windows ver. 4.6.19253.0401 and MacOS ver. 4.6.19273.0402.
We recommend that users patch immediately. Both updates are accessible for manual download through the desktop-client:
-
Open the Zoom application on your system and select “Check for Updates...” from the zoom.us drop-down menu
March 24, 2020
March 13, 2020
Summary
*** Patch Windows 10 and affected Windows Server 2019 systems IMMEDIATELY, even where there is a potential business impact (unscheduled maintenance). Notify security@berkeley.edu if you anticipate delays in patching. ***
March 9, 2020
Attackers have been sending emails that feed on concerns about COVID-19 to spread malware, trick them into sharing account credentials, or opening malicious attachments.
January 28, 2020
On Mar. 23 CalNet fully depreciated TLS 1.0/1.1.
On Mar. 23, CalNet disabled TLS 1.0 and 1.1 protocols from being used to access CAS, Shibboleth, CalGroups, CalNet Account Manager, and LDAP.
TLS 1.0 and 1.1 are insecure and vulnerable to attacks which risk the integrity and authentication of data sent between client and destination. Disabling these protocols will mitigate these issues, adhere to campus policy, and to protect institutional data and IT resources.
January 27, 2020
We have become aware that identity thieves are calling individuals on campus via landline or cellular devices asking for personal information. Remember to be vigilant and careful about protecting your personal information.
We work very hard to protect our voice network; however, attackers may try to use a technology called spoofing to trick you into giving up information. Spoofing is the practice of deliberately falsifying the information transmitted to your caller ID to pretend to be someone else.
January 20, 2020
With the California Consumer Privacy Act taking effect this year, data privacy will become a central issue for businesses in 2020. Consumers conduct much of their lives on the internet, yet few understand the critical issue of privacy and how their personal information is used, collected and shared by businesses. Your data can be stored indefinitely and used in both beneficial and unwelcome ways.
January 15, 2020
You and Your W-2
Every year phishing messages are crafted by tax scammers to trick victims into giving out personal information. Taxpayers should continue to watch out for fake emails and/or websites looking to steal personal information. Be wary of any message asking for W-2 or other tax information. Additionally, because of the UCPath conversion attackers may send emails with fraudulent links. Do not open any attachments or click on any email links.
January 14, 2020
Summary
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. This vulnerability affects the Microsoft Windows 10 desktop operating system, as well as Windows Server 2016 and 2019.
Microsoft has released a security update that addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates.
Summary
*** Vulnerable RD Gateway servers should be patched IMMEDIATELY even where there is a potential business impact (unscheduled maintenance). Notify security@berkeley.edu if you anticipate any delays in patching. ***
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway).
January 13, 2020
Summary
Mozilla has published an out-of-band patch for Mozilla Firefox and Firefox Extended Support Release (ESR). It fixes a type confusion vulnerability in Mozilla’s Javascript compiler, IonMonkey. This vulnerability is identified as CVE-2019-17026. [1]
Mozilla’s advisory states they are “aware of targeted attacks in the wild abusing this flaw.” Based on this note in the advisory, it appears the vulnerability was exploited in the wild as a zero-day. [2]