We have noted a recent uptick in Technical Support scams with scammers posing as MicroSoft or Apple Support. Users are either contacted directly by scammers, or receive a web pop-up or an onscreen recorded message asking them to “phone-in”, and are offered “assistance” (usually for a fee) with virus removal. The following is an example […]
The vulnerability announced earlier (please click here and here for more information) impacts not only Google Chrome but other browsers on the Windows platform. Please see the instructions below to check whether you have the newest release: Google Chrome Cisco WebEx Extension for Google Chrome version 1.0.7 was released on January 26, 2017 and contains […]
Cisco WebEx Extension for Google Chrome version 1.0.5 contains a fix for the vulnerability referenced in the following post: https://wp.nyu.edu/itsecurity/2017/01/24/security-flaw-in-cisco-webex-chrome-detected/ Google Chrome users can ensure that they are using the fixed version of the Cisco Webex extension for Google Chrome by taking the following steps: Go to Chrome, Preferences and you will be on the “Settings” page […]
Security Flaw in Cisco WebEx Chrome Detected Recently, a Google employee identified a critical vulnerability in the Cisco WebEx Chrome plugin that could affect NYU users. The flaw allows outside attackers to run unauthorized browser code and potentially expose computers to malware risk. Recommended action: Remove WebEx Chrome extension 1. Open Chrome 2. Click […]
The NYU IT Office of Information Security was recently made aware of a privacy issue relating to shared documents/folders in NYU Box. Please note that this NYU Box privacy issue has been corrected, but it may take some time for Google’s cached search results to update and for the correction to be reflected. The issue: […]
Please be aware of the following phishing attempt purporting to be from NYU Google Drive: Although the embedded link contains familiar elements, please be reminded of the following: Hover over embedded links to see (at the bottom left of your screen) where the link will take you if clicked. In this instance, the link is […]
We have received reports of ransomware that is being distributed via an Excel attachment to an e-mail message. This specific ransomware is a variant of Locky and has been dubbed Osiris as it encrypts files with a .osiris extension. For more information on Locky please click here and here. Please be on the look-out for […]
Researchers at Checkpoint, Inc. have found a family of malware which, when installed on vulnerable Android OS version 4 (Ice Cream Sandwich, Jelly Bean, and KitKat) and version 5 (Lollipop) gives the hacker full control of the device. Then it steals Google credentials to give the hackers access to all Google apps. The malware can […]
Please be advised that portions of the internet are currently under a denial of service attack, and may be unavailable. This includes at least NYU Box. Box and many other Internet services are working on controlling this attack and making their services available. To see which NYU services are impacted, and to monitor service status, […]
Please be advised of the following phishing message: Please be reminded of the importance of hovering over each link in an email message and confirming where a link will direct you before clicking it. Although the first link in this message appears as: https://shibboleth.nyu.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=a14tjdxg5d4av4qfd9m4o1cf?execution=e1s1 and has known and familiar elements, it is spoofed. When you […]