News

There has been a recent spate of email messages to campus containing the Locky ransomware virus in file attachments. The format of the message content is very similar.

Highly critical remote code execution vulnerabilities have been announced by the Drupal security team for the third-party modules RESTWS, Coder, and Webform Multiple File Upload. Open Berkeley Drupal sites are NOT affected.

Multiple, critical vulnerabilities have been discovered in Symantec products including Symantec Endpoint Protection (SEP), an anti-virus product previously licensed and distributed on campus. Users are advised to remove or upgrade affected Symantec products.

Apple has announced that it will no longer support Quicktime on Windows. All users are advised to remove Quicktime on Windows machines as there are multiple zero-day, remote code execution vulnerabilities that Apple has announced they will not be patching.

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild. Please refer to APSA16-02 for additional details.

Another targeted phishing message, this one has been spoofed to appear to come from the Office of the Registrar.

Several people on campus reported this targeted phishing message concerning access to bCourses. The message was signed by a fictitious member of the Security department.

ISP has enabled Google Analytics so that we can better learn how people use our website. As a result, our privacy policy has been updated.

Multiple Vulnerabilities have been discovered in ImageMagick, an open-source software library for displaying, converting, and editing a wide range of image types. Attackers may be able to execute arbitrary code remotely by exploiting this vulnerability.

Information Security and Policy has received confirmed reports of recent attempts to deliver the "Locky" family of Ransomware via malicious email attachments. Campus users are advised to be vigilant as Ransomware like Locky can be extremely destructive. Please review the full security alert for guidance.

This is an example of how phishing messages can be made to look like they are from a legitimate business, such as PayPal. However, poor grammar and other indicators make this an easy phish to spot.

A phishing message purporting to be from the International Rescue Committee regarding IT maintenance has been circulating on campus. The message requests that the recipient upgrade their mailbox size by selecting a link that redirects to a malicious website.

An email message purporting to be from Apple Support, requesting that the recipient verify their account information, has been seen in several variations on campus.

Adobe has released security updates for Adobe Flash Player that addresses multiple, critical vulnerabilities that could allow an attacker to take control of an affected system. Microsoft has released an out-of-band patch for Adobe Flash Player when on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.

This phish is an example of how poorly most culprits have taken steps to disguise the message - it is often the case that phishing messages are originally drafted for another school or school district.

The OpenSSL development team published a security advisory regarding high-impact TLS/SSL vulnerabilities, which could allow an attacker to decrypt TLS sessions by using a server supporting legacy ciphers (CVE-2016-0800).

Another example of a common ploy to trick the recipient into clicking a link to a malicious website by claiming access to ITunes has been disabled.