“Phishing” unfortunately, it's still all the rage. Attackers try to fool you into sending them money (or buying gift cards) or revealing your personal information online. The name comes from the idea of fishing: scammers send a message that acts as bait, hoping to “hook” someone.
The good news is that you have the power to throw these phish back! Let’s take a minute to talk about what you can do to avoid phishing:
Software updates are sort of like exercise: Not everyone thinks about it, but everyone needs it, and they can make a big difference in keeping a system healthy. Let’s take a quick minute to talk about updates.
Wi-Fi is great. Think about it, you pretty much carry an entire library and a direct line to anywhere in the world in your pocket. Nowadays many businesses offer Wi-Fi for their customers, so you can stay connected even while eating udon or waiting in line for toast.
But! That doesn’t mean it’s perfect. Using public Wi-Fi is sort of like doing, well, anything else in public: you want to be safe and not accidentally wander into trouble. Let’s talk about what you can do to protect yourself on Wi-Fi.
This October, UC Berkeley is once again joining other universities, the National Cyber Security Alliance, and the U.S. Department of Homeland Security to help raise cyber security awareness during National Cyber Security Awareness Month (NCSAM).
There are more than four billion people on the internet today, and many of them use social media to communicate. But while social media can be fun and a great way to chat with friends, it can be risky as well. When people share personal information about themselves, they may become targets for scammers and identity thieves.
However, you can take a few simple precautions to keep yourself and your friends and family safe on social media. Here’s how:
Apps are part of our lives now. Remember that slogan, “There’s an App for That”? Nowadays, it seems like there really is an app for everything — from games to shopping, fitness, beauty, hobbies and more. No wonder that almost 50% of all smartphone users download at least one new app a month.
Just like with any device or program, though, it’s important to choose and use your apps carefully. Some apps may be scams or contain viruses. Here’s what you can do to keep yourself safer:
Your privacy means a lot: not just to you, but to the people you care about. If your private accounts and information are breached, other people could be breached too. That’s why it’s important to maintain your privacy online by making good choices with your privacy settings.
Instead of finding One-Eyed Willy's treasure at the end of an IRS-spoofed email, victims are tricked into clicking malicious links and giving up their treasure.
The IRS recently issued warnings about new email scams where attachers send unsolicited emails to taxpayers from fake IRS email addresses. The email subject line may vary, but recent examples use the phrase "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder."
File-sharing can heighten risks to you and the University. As an Internet Service Provider (under the Digital Millennium Copyright Act), UC Berkeley does not monitor its networks for the purpose of discovering illegal activity. However, we act to make sure that Copyright, especially as it applies to digital assets, is respected within the Campus community.
Beginning August 13, Offsite Hostname requests will move to NetReg.
Karl Grose, one of the founding fathers of CalNet, is retiring.
You may have noticed some changes here at security.berkeley.edu. The Information Security and Policy office has taken a new name and undergone a website redesign. We are now The Information Security Office or ISO. Don't worry, all of our great content is still here. The new layout may take some getting used to, but our search function is better than ever and can help you find what you are looking for.
*** Vulnerable RDP servers should be patched IMMEDIATELY even where there is a potential business impact (unscheduled maintenance). Notify security@berkeley.edu if you anticipate any delays in patching. ***
A zero-day elevation of privilege vulnerability exists in the way Microsoft Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
While details about the use of the exploit are not available, it has reportedly been used in limited attacks against specific targets. Successful exploitation has been observed in the wild. [2][3]