News

All News

May 22, 2019

ISP is now The Information Security Office

You may have noticed some changes here at security.berkeley.edu. The Information Security and Policy office has taken a new name and undergone a website redesign. We are now The Information Security Office or ISO. Don't worry, all of our great content is still here. The new layout may take some getting used to, but our search function is better than ever and can help you find what you are looking for. 

May 21, 2019

Securing Your Devices While Traveling
Stay safe while traveling by following this simple tips

May 14, 2019

MS Windows Error Reporting Local Privilege Escalation Vulnerability (CVE-2019-0863)

Summary

A zero-day elevation of privilege vulnerability exists in the way Microsoft Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

While details about the use of the exploit are not available, it has reportedly been used in limited attacks against specific targets. Successful exploitation has been observed in the wild. [2][3]

Patch IMMEDIATELY! - Microsoft Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708)

Summary

*** Vulnerable RDP servers should be patched IMMEDIATELY even where there is a potential business impact (unscheduled maintenance). Notify security@berkeley.edu if you anticipate any delays in patching. ***

April 10, 2019

Microsoft Windows 7 End Of Life

Overview

Every Windows product has a lifecycle and that lifecycle ends when it no longer receives security updates or fixes, software updates, and/or technical support. On Jan. 14, 2020 Microsoft will discontinue support for the Windows 7 Operating System. Without security, patches these systems will be easy targets for hackers, malware, and viruses.

March 14, 2019

Email Fraud Schemes Targeting Universities

A couple of recent phishing scams, referred to as a “Business Email Compromise (BEC),” have been targeting universities to steal funds through the purchasing process.

The first phishing scam targets suppliers that do business with campus by using Berkeley emails as the hook. These attacks involve purchase orders and requests for quotes that appear to come from the University, but are in fact fraudulent. 

Be Alert:

February 20, 2019

Information Security & Policy Staff Internship Opportunity

We are excited to announce that the Information Security and Policy Office is launching a Security Internship Program for staff. This is a unique opportunity for employees to work alongside the Security Operations and Assessments & Compliance teams. The internship is a chance for current Berkeley employees to develop a professional skill set in the information security domain and achieve breadth and depth of knowledge in the field. Interns will strengthen their career path potential, network with new colleagues, and contribute to the campus mission.

January 11, 2019

Email Impersonation Attacks Are on the Rise

A widely reported spear phishing scam, termed “Business Email Compromise (BEC),” has been targeting universities and other academic institutions. These attacks are spear phishing scams designed to impersonate someone you know in an attempt to gain access to sensitive information or to encourage you to transfer funds or provide gift cards. There has been an increase of these assaults across the University this new year.

December 27, 2018

Phishing Example: Business Email Compromise
Are you around? I need to pay a vendor with the blucard. University of California, Berkeley

June 12, 2018

Increasing Reports of Unencrypted Stolen Laptops
In the last few months, our office has received an increasing number of laptop theft reports. These incidents occurred both on and off campus, and in varying circumstances, however, in all the recent cases the laptops involved were not configured for Full Disk Encryption (FDE). In a few of these cases, the laptops were used to access sensitive data as part of campus business processes, and the Security team is concerned about possible data exposure due to lost and stolen devices with access to campus protected data. 

March 14, 2018

Change to Campus Remote Access VPN IP Address Ranges

The IST-Telecommunications networking group will begin piloting the new bSecure Campus VPN service in the coming weeks. Eventually, this service will become the replacement for the existing Cisco AnyConnect based Campus Remote Access VPN service.

May 3, 2017

Global Google Phishing Alert

To the campus community,

On Wednesday, May 3rd, we learned of a global phishing attack targeting the nearly 1 billion people who use Google email, including members of the campus community. You may have received an email that a Google Doc had been shared with you by a person you know. These were fraudulent emails sent as part of that cyber attack.

Phishing Example: Google Doc Phishing Message
XXX has invited you to view the following document: Open in Docs

April 13, 2017

Phishing Example: Message from human resources
This message, appearing to come from the HR department, was successful at convincing several campus recipients to click on the link provided and enter their Calnet credentials. The link was directed to a fake Calnet login page, the account name and password entered on this page would be compromised.

April 1, 2017

Phishing Example: Library Account
Dear Student, Your access to your library account is expiring soon due to inactivity. To continue to have access to the library services, you must reactivate your account. For this purpose, click the web address below or copy and paste it into your web browser. A successful login will activate your account and you will be redirected to your library profile. https://auth.berkeley.edu/cas/login?service=https%3a%2f% If you are not able to login, please contact at xxxxx@berkeley.edu for immediate assistance.

January 30, 2017

Phishing Example: Your Dropbox File
Hello, You just received a file through Dropbox Share Application. Please click below and log in to view file. View file Every time a friend installs Dropbox, we'll give both of you 1 GB of space for free! Need even more space? Upgrade your Dropbox and get 1 TB (1,000 GB) of space. Happy Dropboxing. - The Dropbox Team

January 25, 2017

Phishing Example: bCourses Expiration Notice
A targeted phishing message was received on campus appearing as an expiration notice for access to bCourses. The message attempted to trick recipients to login with CalNet credentials to prevent access expiration

January 24, 2017

Phishing Example: First 2017 Tax Season Phish
The Human Resources/Payroll Department has completed the final paystub changes for 2017 tax year. To view the changes to your paystub information and view/download your W-2 forms (2014 - 2016 tax years), go to: Adp Portal We hope you find the changes to your paystub information useful and welcome any comments you may have. Yours Sincerely, Danielle Carrel.

January 3, 2017

Phishing Example: FedEx Shipment Update
Dear Customer, We could not deliver your item. You can review and print complete details of shipping duty on your order. Thanks

December 14, 2016

Phishing Example: Important Announcement from Chancellor Dirks
Good Morning Berkeley Family, Please read attached for an important announcement from Chancellor Nicholas B. Dirks Thanks, Nicholas B. Dirks Chancellor 1 attachment: shared Document.pdf