Category: Alerts

The Most Effective Measure You Can Take to Protect Your Computer, Phone & Other Devices – Update!

Leila Sharma

The Cybersecurity & Infrastructure Agency (“CISA”) has named updating or patching the most effective measure that individuals can take to safeguard their devices (see CISA Security Tip, Understanding Patches and Software Updates). In addition to functional enhancements and fixing bugs, updates/patches address product security vulnerabilities that are possibly being exploited now, and may continue to be […]

An Update for NYU Users of Cisco Jabber

Leila Sharma

NYU community members: Please be advised that an update is available for your Windows and Mac installations of Cisco Jabber. The update addresses the flaw noted in the following NYU IT Security News and Alerts blog post, Jabber IM Client for Windows has a Critical Flaw; Update Now. Please note that although Mac installations are […]

Jabber IM Client for Windows Has a Critical Flaw; Update Now

Leila Sharma

Please be advised of an exploit requiring no user interaction, which affects Cisco Jabber for Windows in which XMPP messaging services are enabled. Systems using Cisco Jabber in phone-only mode (without XMPP messaging services enabled) are not vulnerable to the exploit and Cisco additionally advises that the vulnerability is not a threat when Cisco Jabber […]

Customer Service Imposter Scams

Leila Sharma

The Federal Trade commission (“FTC”) has issued an advisory on a new type of imposter scam, which involves scammers posing as members of customer service departments of well known companies. Please be advised that If you do an online search for a customer service number, the information displaying at the top of your search results […]

Extortion Tactics Used in Fake Ransom Campaigns Targeting Website Owners

Leila Sharma

Website owners are being targeted with extortion attempts seeking bitcoin payment 0f $1,500 – $3,000 in order to avoid having their sites’ databases leaked or sold. These messages also threaten to: email all associates and customers in an effort to inflict reputational damage.  de-index sites from search engines using Black Hat SEO (Search Engine Optimization) […]

FTC Warns of COVID-19 Phishing Scams Targeting Students

Leila Sharma

The FTC has issued an alert about a phishing email message targeting students, which purports to come from the University Office of Financial Aid. These messages attempt to trick students into clicking an embedded malicious link related to a COVID-19 stimulus payment. The goal of this phishing campaign appears to be credential theft as the […]

Scammers are Targeting Teleworking Employees with Fraudulent Termination and VTC Phishing Messages

Leila Sharma

Scammers are using the COVID-19 pandemic to target teleworking employees with phishing termination emails and VTC (virtual teleconference) invitations. These messages cite COVID-19 as the reason for termination, and attempt to trick victims into clicking on embedded malicious links that purportedly provide more information on online conferences related to their termination or information on their […]

Zero-click Vulnerability in Samsung Phones; Update Now

Leila Sharma

A critical vulnerability has been discovered in Samsung mobile phones, which requires no user interaction, and impacts Samsung mobile phones running Android version 4.4.4 or later (which is in phones sold from 2014 onward). This vulnerability has been patched and users are advised to update now. If exploited, this vulnerability could allow a malicious actor […]

Protecting Yourself from COVID-19 Related Scams

Leila Sharma

There are currently numerous reports of targeted phishing attempts, a/k/a  spear phishing, which seek to exploit anxieties around the COVID-19 outbreak. Phishing may take place over email, phone calls, SMS text messages, social media updates, and web pop-ups. Scammers will likely use familiar/expected language and branding to make their messages appear legitimate. These phishing messages […]

COVID-19 Scams Update

Leila Sharma

Please be advised that scammers seeking to steal your sensitive information or your stimulus relief may pose as Treasury, IRS or CDC officials and may request confirmation of your personal identifying information (PII) in connection with an update or the receipt of your benefits. These communications are commonly delivered via phone calls (robocalls and person […]