Users of all supported Macs and other Apple devices, are advised to update all devices in order to patch a spyware zero day vulnerability that’s being actively exploited. Please update as follows: Macs running Ventura (version 13) => 13.2.1 Macs running Big Sur (version 11) and Monterey Version (version 12), get an update dubbed […]
The FBI has issued a warning that malicious actors are using search engine ad services to impersonate brands and direct victims to malicious sites in attempts to steal credentials and infect devices with malware such as ransomware or spyware. How it works: When a user searches for a business or financial institution, ads will appear […]
We have received reports of access requests being made by individuals from outside of NYU, for NYU Drive documents. With respect to these types of requests, please be reminded not to share your NYU Drive content unless the specific request you receive is expected or unless you have contacted the requesting party via a trusted […]
Please be aware of the following spear phishing (targeted) phishing email, which was purportedly sent from a staff member in NYU Abu Dhabi to a faculty member at another University. This very credible looking phish attempts to trick the recipient with the promise of an unusually large honorarium coupled with a request for banking details […]
As rumors swirl about the possibility of Twitter requiring a $19.99 per month subscription to retain the checkmark, which denotes a verified account, scammers have seized the moment, and have sent out spoofed messages purporting to be from Twitter. These messages offer the possibility of keeping the checkmark for free, in exchange for personal information. […]
There is new malware that’s exploiting a known remote code execution vulnerability (RCE), in VMware Workspace One Access and Identify Manager. This vulnerability is tracked as CVE-2022-22954, and has a severity score of 9.8/10. This flaw, along with a host of other vulnerabilities, was patched in April and is currently being exploited to spread ransomware […]
CSAM (Cybersecurity Awareness Month) is an opportune time to remind community members of available information security training, which includes recommending NYU faculty and staff (NYU-US) complete their annual baseline/foundational training on NYU’s Cybersecurity Awareness Training platform (powered by KnowBe4). The 2022 baseline training includes two modules: Security Awareness Foundations, which is an interactive training module […]
The 2nd week of CSAM focuses on the mounting cyber threats in Higher Ed, understanding these threats, and what you can do to avoid them. While cyber attacks have increased in every sector, they’ve risen precipitously in Higher Education. Scammers are very interested in both the amount of data and the types […]
Welcome to CSAM 2022 (Cybersecurity Awareness Month)! As you know, cybersecurity threats are top-of-mind for many organizations, individuals and nation-states. CSAM is a great opportunity to refresh your cyber smarts, receive new cyber recommendations, and gain new insights. We invite you to explore the following resources, and help #KeepNYUCyberSecure. NEW! Have you had a chance […]
Please be advised that we have received new reports of gift card scams, which are being delivered via SMS text message. Please see the examples below. All identifying information has been removed from the messages Be skeptical of all messages asking you to purchase gift cards. Scammers will seek the codes as part of what […]