Author: Leila Sharma

Google Chrome Updates for Desktop & Android Users

Leila Sharma

CISA (Cybersecurity and Infrastructure Security Agency) advises immediate application of the following Chrome browser updates as these vulnerabilities are currently being exploited.   Updating Chrome on Desktops: Google has released version 86.0.4240.183 for Windows, Mac & Linux desktops, which addresses multiple security vulnerabilities, including CVE- 2020 -16009,  CVE-2020-15999 & CVE-2020-17087.  Updating Chrome on Android Devices:  Additionally, […]

Update: MS Zerologon Vulnerability

Leila Sharma

As an update to the NYU IT Security News & Alerts post, Zerologon Vulnerability, Windows Admins Advised to Patch Now, Microsoft has issued a blog post advisory reinforcing the original guidance supplied due to the observance of continued exploit of the vulnerability tracked as CVE-2020-1472. Further CISA (Cybersecurity and Infrastructure Security Agency) reports that nation […]

Ryuk Ransomware Alert

Leila Sharma

As an update to the recent post, Educational Institutions Worldwide Are Experiencing a Spike in Ransomware Attacks, please be advised that the FBI and DHS (U.S. Department of Homeland Security) have issued a joint advisory, stating that Ryuk, a Russian cyber criminal gang, is preparing to release ransomware targeting those in the healthcare sector. We […]

(NCSAM Week 4): Email Spoofing

Leila Sharma

Email spoofing or forging is a scam in which malicious actors forge the sender’s email address in order to trick victims into taking some sort of action such as disclosing sensitive information or clicking on a malicious link or attachment. These imposter emails may target you individually or as part of a group, and may […]

(NCSAM Week 3) Passwords vs. Passphrases

Leila Sharma

What is a passphrase and why would you use it instead of a password? A passphrase is a phrase that is unique to your life, hence lengthy but easy to remember!  Length = strength. It has been shown that lengthier passphrases are harder to crack than shorter, more complex passwords. For more information, please see […]

(NCSAM Week 2) Safe Surfing: The Do’s & Don’ts of Public Wi-Fi

Leila Sharma

  Use of public Wi-Fi comes with inherent risks, and should be avoided if possible. Instead use your device’s data plan, hotspot, or if you must use public Wi-Fi, use a virtual private network (VPN) to encrypt your data.  A VPN will protect your data in transit and will make it impossible for anyone spying […]

(NCSAM Week 1) Tips for Handling “Scareware” – Fake Web Pop-Ups

Leila Sharma

Malicious software can take many forms: ransomware, worms, viruses, trojans, cryptocurrency mining code, keyloggers, spyware, rootkits and scareware. This post addresses scareware, and simple steps that you can take to safeguard your devices and data. Read on for more information, and be sure to check out the Security Awareness web page for National Cybersecurity Awareness […]

Welcome to National Cybersecurity Awareness Month 2020!

Leila Sharma

NCSAM presents an annual opportunity to bring cybersecurity top-of-mind with the reminder that cybersecurity awareness best practices and resources are available to help you defend against occurrences such as compromised data and devices, identity theft, monetary loss, reputational damage and more. Many cybersecurity best practices are easy to implement and the benefits cascade throughout our […]

Get Ready for a New NYU Login!

Leila Sharma

NYU IT is excited to announce that from October 8-10, NYU Login and the NYU Start page will be refreshed with a new mobile-friendly design, easier access to password reset and Multi-Factor Authentication (MFA)/Duo settings, with security and other enhancements.  No action is required on your part, but on October 8 and 9, please avoid […]

Zerologon Vulnerability, Windows Admins Advised to Patch Now

Leila Sharma

As part of the August 2020 Patch Tuesday security updates, Microsoft fixed a critical vulnerability in Windows Server systems, dubbed “Zerologon” and  tracked as CVE-2020-1472, “Netlogon Elevation of Privilege Vulnerability”, with a criticality score of 10/10. This vulnerability is being actively exploited and allows malicious actors to elevate their privileges to domain level administrator and […]