A vulnerability in CISCO WebEx browser extensions for Google Chrome and Mozilla Firefox has been identified. Specifically, the vulnerability affects browser extensions for: Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx meetings when running on MS Windows. There are no workarounds which address this […]
NYU IT has been notified by Homeland Security about an emerging ransomware email threat (a new strand of Petya) occurring in many countries around the world, and NYU’s Office of Information Security is actively monitoring for any impact at NYU. Ransomware is a type of malicious software that infects a computer and restricts users’ access […]
There has been a recent uptick noted in the delivery of phishing via SMS text messages (a/k/a “SMiShing”) in the form “URL padding” or the front loading of a web address of a malicious site with a legitimate domain name. The goal of these attacks is credential stealing as users are prompted to enter their […]
Update #2: May 15, 2017 Ransomware worm that takes advantage of a vulnerability in the Windows operating system remains a threat. Please see the below PDF for a copy of an urgent security alert message from NYU CIO Len Peters. This message, relating to steps you should take to protect the data on Windows computers from the […]
Please be advised of a widely spreading Dropbox themed phishing campaign, the goal of which is to steal credentials. The subject line of these spam messages references a purchase order number, an invoice, or simply requests that recipients open an attachment. Once the attachment is opened, users may receive the following: Users who […]
Please be advised that Microsoft plans to release an update for a critical Word flaw today, as part of Patch Tuesday. It is recommended that this patch is applied as soon as it becomes available. This vulnerability allows the installation of malware, in this case a banking trojan dubbed Dridex, when a target/user opens a […]
New legislation allowing ISPs (Internet Service Providers) to sell browsing history has contributed to a rise in VPN (Virtual Private Network) scams as VPN is an option which affords users the ability to retain their online privacy. For example, current and former Plex and Boxee users may receive the following VPN scam messages: Please be […]
A hacking group called the Turkish Crime Family informed Business Insider that it possesses approximately 600 million iCloud passwords, and that they plan to reset user accounts on April 7th. Please note that Apple denies that there has been a breach of their their systems including iCloud and Apple ID. It appears the information may […]
Due to a vulnerability, all Mac OSX users should update their Pharos Uniprint software to version 9.0.8 asap. Pharos software is used to manage remote printing, and if you run Mac OSX and print to NYU IT facilities or other facilities which utilize Pharos, you will need to update. If in doubt, please see the […]
Please be advised that the following email, purporting to come from NYU HR, is a phishing attempt. Please do not click on the embedded link or reply to the message. Please note the following: HR@nyu.edu is not a legitimate NYU email address. Even though the embedded link contains a recognizable element “shibboleth.nyu”, please be reminded […]