A hacking group called the Turkish Crime Family informed Business Insider that it possesses approximately 600 million iCloud passwords, and that it plans to reset user accounts on April 7th. Please note that Apple denies that there has been a breach of their systems, including iCloud and Apple ID. It appears the information may have been obtained from previously compromised third-party services. If an Apple account holder uses the same password across multiple services, there’s a likelihood that their iCloud password is already publicly available.
Confirm that all passwords in use are unique. Do not reuse passwords. Use long (12+ characters) and strong (letters, numbers & special characters) passwords. For password best practices recommendations, click here.
Due to a vulnerability, all Mac OSX users should update their Pharos Uniprint software to version 9.0.8 asap. Pharos software is used to manage remote printing, and if you run Mac OSX and print to NYU IT facilities or other facilities which utilize Pharos, you will need to update. If in doubt, please see the following KBase article on Print Station locations.
The vulnerability addressed by the update allows a hacker to send a malicious packet to a machine running the software. The malicious packet could result in a buffer overflow and thereby give the hacker root access. In other words, the hacker could remotely attack your machine and take control of it.
Pharos software may be updated directly from the NYU IT Licensed Software page (see the “NYU Print Service” section) or from the vendor support page. For first time installers, please install from the NYU IT Licensed Software page as an initial install from this location installs the needed components and the printer object. A version update can be successfully accomplished via the NYU IT Licensed Software page or the vendor support page.
Please be advised that the following email, purporting to come from NYU HR, is a phishing attempt. Please do not click on the embedded link or reply to the message.
Please note the following:
HR@nyu.edu is not a legitimate NYU email address.
Even though the embedded link contains a recognizable element “shibboleth.nyu”, please be reminded that you are looking for https://shibboleth.nyu.edu. Other variants indicate a malicious link.
With email that does appear to come from a legitimate email address, you can always confirm the sender’s actual email address by hovering over the email address in the received message. If there is a discrepancy, the email is forged.
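The link check described above, as an added example that is not part of the original advisory: it accepts a link only when the scheme is https and the parsed host is exactly shibboleth.nyu.edu, so a link that merely contains “shibboleth.nyu” is rejected. The function name and the sample links (on reserved .example names) are constructed for illustration.

```python
from urllib.parse import urlsplit

EXPECTED_HOST = "shibboleth.nyu.edu"  # login host named in the advisory above


def check_login_link(url: str) -> str:
    """Return "ok" if url points at EXPECTED_HOST over https, else the reason it fails."""
    # Backslashes and control characters are parsed differently by browsers
    # and by URL libraries, so treat them as suspicious outright.
    if any(c in url for c in "\\\t\r\n"):
        return "suspicious characters"
    try:
        parts = urlsplit(url.strip())
        host, port = parts.hostname, parts.port  # hostname drops userinfo and port
    except ValueError:
        return "unparseable"
    if parts.scheme != "https":
        return "not https"
    if port not in (None, 443):
        return "unexpected port"
    if host is None:
        return "no host"
    # Exact match on the whole host name; a substring or prefix test would
    # accept look-alikes that only contain the familiar text.
    if host.rstrip(".") != EXPECTED_HOST:
        return "host is " + host
    return "ok"


# Constructed sample links (reserved .example names), not taken from the phishing email.
SAMPLES = [
    "https://shibboleth.nyu.edu/idp/profile",
    "https://SHIBBOLETH.NYU.EDU/idp/profile",
    "http://shibboleth.nyu.edu/idp/profile",
    "https://shibboleth.nyu.edu.login.example/idp",
    "https://shibboleth.nyu.edu@login.example/idp",
    "https://login.example/shibboleth.nyu.edu",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{check_login_link(link):40} {link}")
```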
If you received this message and clicked on the embedded link and supplied your credentials at the spoofed login prompt, please take the following steps:
We have noted a recent uptick in Technical Support scams with scammers posing as Microsoft or Apple Support. Users are either contacted directly by scammers, or receive a web pop-up or an onscreen recorded message asking them to “phone-in”, and are offered “assistance” (usually for a fee) with virus removal.
The following is an example of a Mac web pop-up scam that may appear as users search the internet. These pop-ups are often not easy to close, and it’s not advisable to click pop-up elements. To close a suspicious pop-up, we recommend that you exit the browser. It may be necessary to use Ctrl+Alt+Delete to force quit your browser or restart your computer.
The following is an example of an Apple browser scam:
Please note that Microsoft states that their error and warning messages never include a phone number, and both Microsoft and Apple will never proactively reach out to you to provide unsolicited support.
The goals of support scammers may include:
Obtaining credit card information in connection with phony services, which may involve directing you to fraudulent websites.
Gaining access to your device remotely by asking you to visit legitimate websites, such as www.ammyy.com, and download software that will allow a scammer to take control of your device. Once control of your device has been obtained, a scammer may seek confidential information or adjust your settings to leave your computer vulnerable.
Tricking you into installing malware (a/k/a malicious software) to capture keystrokes and other sensitive data.
Never give your credit card information or other sensitive information to anyone claiming to be from Apple or Microsoft support. Instead, note the caller’s name and any other identifying information so that you may report it to the local authorities.
Never allow another party to take control of your device unless you can confirm that the caller is a legitimate representative of a support team with whom you are a customer or supported user.
Be wary of installing software based on the recommendation of purported Tech Support, as the software will likely come with malware.
Scan your computer with Symantec antivirus software, which will protect you by screening out known malware. You can find the link to download antivirus software (Symantec Endpoint Protection) on Global Home’s Antivirus and Malware Protection card. On classic NYU Home, click the Ask NYU IT button. A link to download Symantec Endpoint Protection is located in the “Software” section.
If you provided account credentials or suspect that your credentials may have been compromised, please immediately reset your passwords using long/strong, and unique passwords of 12+ characters for all accounts. For instructions on changing your NYU credentials, please see Changing your NetId/NYU Home password.
If working on campus, you can report the incident to the NYU IT Service Desk at 212.998.3333 or firstname.lastname@example.org. The ITSD will work with the OIS to ensure all necessary steps have been taken to protect/secure your device.
If working off campus, scan your device using Symantec antivirus software (see user recommendations above).
Our mobile devices are rich with our personal information – contacts, photos, videos, location data, and other sensitive information. The following are tips and recommendations to safeguard your devices and information when you’re “on the go”!
Consider using temporary devices such as a prepaid cell phone. If traveling on business, consider using a clean inexpensive laptop or a “loaner” laptop. If you opt to take your personal devices with you, remove confidential, restricted and protected data.
If traveling to a U.S.-sanctioned country or taking university-owned equipment abroad, please view NYU’s Export Compliance site for guidance.
Make sure that your mobile phone has a device finder/manager, and that it has remote wipe capabilities and you know how to perform a remote wipe.
Ensure that the operating system and applications on all devices are fully updated and patched prior to your departure.
Make copies of travel documents and credit cards you plan to use. Leave copies with a family member or friend in case the items get lost or stolen.
Wait until you’re home to post details about your trip on social media. Announcements made beforehand or while traveling can make you a target for theft.
Access NYU-NET via VPN whenever possible for a secure encrypted connection. For more information about VPN, including locations in which it is offered, click here. Please note that VPN usage is prohibited in Sudan, Syria and North Korea, absent authorization from the U.S. Government.
Protect all devices and identity documents. If possible, keep your devices with you at all times. Don’t assume they’ll be protected in a hotel safe or in your hotel room.
Only use an ATM if you have no other option. Instead, work with a teller during bank operating hours. If you must use an ATM, check for skimming devices, and attempt to securely enter your PIN, by covering or shielding the keypad as you type.
Protect your devices with strong passwords/passcodes or Touch ID. For password tips and recommendations, please click here.
Disable Wi-Fi and Bluetooth when not in use to prevent auto-connection to open networks or other devices.
Be wary of OTA (“over-the-air”) updating of mobile devices, as updates may come with malware.
Be wary of computers in public areas, such as hotels, conference centers and cyber cafes. If you use such a device, do not log into email or other sensitive accounts. Public devices may be loaded with keystroke loggers and other malware.
Be alert to scams targeting hotel guests. If you should receive a call about a problem with your credit card, do not provide your card number to the caller over the phone. Instead, visit the hotel front desk.
When you return from travel:
Change any passwords that you may have used abroad.
Run a full antivirus scan on your devices.
Review your credit card statements to confirm there are no discrepancies.
If you downloaded any apps specifically for your trip, remove them.
Did you know that Social Engineering is a common attack type that targets end users? Learn how to identify these types of attacks by watching the 3 minute and 27 second video from SANS on social engineering. This video will be available throughout the month of March.
For more information on social engineering, click here and here.