Chrome 72, which is available now from the Chrome menu via Chrome, About Google Chrome (will auto update when accessed) fixes 58 CVE flaws (Common Vulnerabilities and Exposures, a catalog of known security threats sponsored by the U.S. Department of Homeland Security), 17 of which are rated ‘high severity’ and 1 of which is rated […]
Please be advised that a snooping bug has been found in Apple’s FaceTime App. The bug exists in the apps Group Facetime feature and is triggered when someone makes a call using FaceTime and uses the “Add Person” option when the dialed number begins to ring to add themselves. Once the caller adds him/herself, a […]
As a Data Privacy Day related advisory, please be reminded of the importance of protecting your personal and sensitive data by keeping operating systems and applications up to date on all of your devices. Devices running outdated operating systems or applications are commonly targeted by malicious actors seeking to exploit known security bugs and loopholes in […]
Data Privacy Day (“DPD”) is held annually on January 28th and is an international effort to create awareness around the importance of respecting privacy, safeguarding data and enabling trust. This year, DPD will spotlight the value of information. If you are seeking to better manage your privacy and how your data is collected and shared, […]
A recent phishing email, which is a variation of the “Nigerian Prince” scam, a fund transfer fraud, states that the sender is undergoing treatment for cancer and that her late husband has left her millions of dollars that need to be issued to another person to avoid confiscation. The sender further states that she wants […]
Please be advised that the Office of information Security (“OIS”) has seen a recent uptick in imposter scams. As an update to our posts on imposter scams and gift card scams (which are a type of imposter scam), please be on the alert and note the following 3 recent examples of these types of scams: […]
Please note that NYU IT has replaced two data-centric policies (Data Classification Table and Reference for Data and System Classification) with the new Electronic Data and System Risk Classification Policy, which incorporates necessary General Data Protection Regulation (“GDPR”) data-centric information. Please consult this policy for information on how NYU classifies information assets into risk based […]
As an update to our 12/05/18 post on the Marriott breach, please be advised that Marriott has provided an update on this security incident, which details the number of guests, passport numbers and payment cards impacted by the breach as well as guest monitoring/support resources. Marriott states that they will be putting a mechanism in […]
The US-CERT (United States Computer Emergency Readiness Team) has issued an advisory respecting two vulnerabilities found in Microsoft Windows and Windows Server. Successful exploitation of either vulnerability could allow a remote actor to take control of an affected system. Microsoft has patched both of these vulnerabilities via the January Patch Tuesday update and it is […]
Please be advised of a Netflix phishing scam warning that “Your account is on hold” and asking you to update your payment information via an embedded “Update Account Now” link. The following is a sample of this phishing message. Please be reminded: that an email from a familiar company requesting credential input or an update […]