News

All News

January 6, 2020

Celebrate Data Privacy Day 2020

What's Data Privacy Day?

Champion Badge

November 13, 2019

ISO Reorg and Call for Staff Internship Applications

We are excited to announce some organizational developments and opportunities to work with us.

Recently ISO underwent a structural reorganization. This new structure allows us to continue to evolve and respond to challenges in the information security space, to streamline operations, and to create additional efficiencies. Vacant positions will be posted shortly to jobs.berkeley.edu and to our website.

November 12, 2019

Tips to Protect Yourself While Online Shopping

Even outside the traditional "Holiday" season we find ourselves purchasing items online. And so, it's good to remember online shopping best practices year round. In addition to our holiday shopping tips, here are a few others to keep you safe while online shopping: 

November 11, 2019

ISO Graduates First Staff Security Intern

The Information Security Office is proud to graduate Ryan Tran, our first Staff Information Security Intern!

We wanted to mark the occasion by talking with him about what he learned while at ISO. 

Oski thumbs up

November 6, 2019

Upcoming Changes for Information Security Policy

There will be some changes coming to information security policies at Berkeley brought on by a major update to the UC systemwide information security policy (IS-3). The revision brings sweeping changes to the way information security risk is handled on Campus. 

Ho-Ho-Holiday Tips to Keep You Shopping Safe

Animals in lights

I love this time of year; the air gets crisp, the leaves start to turn, and I get to wear sweaters all the time. However, the thought of leaving the house to battle the crowds elicits panic level 12. Perhaps that's why online shopping is gaining even more popularity. An estimated 165.8 million people shopped between Thanksgiving Day and Cyber Monday in 2018!

October 30, 2019

Phishing Example: Part time work assistant needed
Hello RECIPIENT I am urgently seeking for a Clerical/Administrative Assistant to work for me on campus at their own free time while I am away on my work and earn basic wage $250 weekly.This is a flexible job that requires little to no prior experience .Let me know you are interested and I will fill you in. Sincerely *Professor David Card* *Department of Economics* *530 Evans Hall #3880* *University of California Berkeley* *Berkeley, CA*

October 18, 2019

Kubernetes Vulnerabilities Allow Authentication Bypass, DoS (CVE-2019-16276)

Summary

Two dangerous vulnerabilities have recently been discovered in Kubernetes, the open-source container-orchestration system: 
CVE-2019-16276
CVE-2019-11253

Impact

    October 1, 2019

    Vulnerability in Exim Could Allow for Remote Command Execution (CVE-2019-16928)

    Summary

    A vulnerability has been discovered in Exim, which could allow for unauthenticated remote attackers to execute arbitrary system commands on the mail server. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of this vulnerability will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    September 6, 2019

    Don’t pass on strong passwords

    Passwords! What a headache, am I right? Sometimes it seems like that in order to be safe, your password must contain letters, numbers, punctuation, bird noises, and at least one Egyptian hieroglyph.

    But the truth is that it’s easier to create a long, strong, safe password than most people think. Let’s take a quick look at a few tips for making a password that will keep your account safe.

    Double your privacy, double your fun

    (Only those old enough to remember the Wrigley's doublemint gum commercials will get this title.)

    “Multi-factor authentication” is a tech industry term for using different types of verification to get into an account. You do this daily with the 2-Step. The idea is that you use multiple things at the same time to really prove that you’re actually you. A password is one example of a factor; a fingerprint is another.

    Staying safe when shopping online

    How easy is it to shop online? (Rhetorical question there.) It’s so convenient to be able to order anything you like and have it delivered right to your door. Unfortunately, that also means there’s more risk. Scammers and criminals can try to steal your information and money while you shop online.

    The good news is that there are some easy things you can do to protect yourself and safely shop online. Let’s take a quick look at some tips: 

    Up-to-date on updates: Keeping your software fresh

    Software updates are sort of like exercise: Not everyone thinks about it, but everyone needs it, and they can make a big difference in keeping a system healthy. Let’s take a quick minute to talk about updates.

    No peeking! Staying safe and private on Wi-Fi

    Wi-Fi is great. Think about it, you pretty much carry an entire library and a direct line to anywhere in the world in your pocket. Nowadays many businesses offer Wi-Fi for their customers, so you can stay connected even while eating udon or waiting in line for toast.

    But! That doesn’t mean it’s perfect. Using public Wi-Fi is sort of like doing, well, anything else in public: you want to be safe and not accidentally wander into trouble. Let’s talk about what you can do to protect yourself on Wi-Fi.

    September 5, 2019

    October is National Cyber Security Awareness Month!

    NCSAM Champion Logo

    This October, UC Berkeley is once again joining other universities, the National Cyber Security Alliance, and the U.S. Department of Homeland Security to help raise cyber security awareness during National Cyber Security Awareness Month (NCSAM). 

    August 5, 2019

    Updates to implementation plan for combating illegal file-sharing on Campus

    File-sharing can heighten risks to you and the University. As an Internet Service Provider (under the Digital Millennium Copyright Act), UC Berkeley does not monitor its networks for the purpose of discoveringillegal activity. However, we act to make sure that Copyright, especially as it applies to digital assets, is respected within the Campus community.

    July 21, 2019

    Phishing Example: Robocalls
    This call is from the Department of Social Security Administration. The reason you have received this phone call from our department is to inform you that we just suspend your Social Security number because we found some suspicious activity, so if you want to know more about it just press 1, thank you.

    July 17, 2019

    Phishing for Gift Cards
    In the past few months, the campus has seen an increase in these types of phishing attacks. The most common form is a short message that starts with something like, "quick help needed," "are you in the office?", or "available?" from a person of authority. Often the messages appear to come from vice chancellors, deans, and department chairs.

    July 8, 2019

    Microsoft Windows Server 2008 End Of Life

    Overview

    June 3, 2019

    CalNet Founding Father Karl Grose to Retire

    Karl Grose, one of the founding fathers of CalNet, is retiring.