Advisory: Apple QuickTime (PC Version)

Trend Micro has found two critical flaws (heap corruption remote code execution vulnerabilities) in Apple’s PC version of QuickTime that could allow hackers to take over computers. Rather than putting out a fix, Apple recently advised that it will no longer support QuickTime for Windows, and provided the following instructions for removal: https://support.apple.com/en-us/HT205771 The U.S. […]

Badlock Security Bug

Badlock is a recently announced security bug in Windows and Samba. Though few details have been released, it is thought to affect Server Message Block (SMB), the protocol used to read and write files over a local network. Please note that machines running Linux and OS X may provide services through Samba. Staff that administer those […]

Locky Ransomware Spreading via JavaScript (.js) Attachments

Locky ransomware is now spreading via JavaScript (.js) attachments/executable files, which are attached to email messages in .zip files. The following are examples of messages you may receive: When the .js file is clicked, Locky will begin to install and encrypt files with certain file extensions, including unmapped network shares. It […]

Recent Adware Scam

Please be advised that NYU does not sponsor unannounced surveys. If you have any questions about the legitimacy of a communication you receive, please do not reply to the communication or click any embedded links or options. Instead, please contact security@nyu.edu. Adware can have the following characteristics: Deceptive and full of malware that will install […]

Recent Phishing Emails Claiming to be from File Sharing Services

We have noticed an increase in phishing messages from file sharing services. Since the messages associated with legitimate file sharing can be brief, it may make these phishing attempts more challenging to recognize. We’d like to share the following phishing examples. Example #1 (claiming to be from an NYU […]

DROWN Attack (Decrypting RSA using Obsolete Weakened eNcryption)

A recently announced attack known as DROWN (Decrypting RSA using Obsolete Weakened eNcryption) exploits SSL/TLS vulnerabilities. DROWN is an attack that allows decryption of intercepted data and can also allow man-in-the-middle attacks. Vulnerable systems include: Servers that support SSLv2 – allows for a cross-protocol attack whereby an attacker could decrypt TLS sessions between clients […]

Locky Ransomware Alert

Ransomware dubbed “Locky” is spreading via email, in the form of a Word file attached to e-mail messages. Locky email is translated to various languages and localized by region. E-mails with this type of ransomware may look something like: Once the Word attachment is opened, users see scrambled content and […]

Phishing Message Claiming to Be from NYU

A number of people have reported receiving the phishing message below, with the subject “New NYU Spam Security Check”. This message is fraudulent, and included a link to a compromised site. If you haven’t clicked, then you can mark the message as Spam by clicking the button at the top of the NYU Email window. […]

Direct Deposit Scams

NYU has seen several recent scams that involve obtaining an employee’s NetID and password, which are then used by the scammer to alter the employee’s Direct Deposit information, resulting in the employee’s paychecks being re-directed to the scammers’ bank accounts. We want you to be aware of these scams, what we are doing to protect […]

Spear Phishing Advisory

In recent days, a high number of spear phishing attacks have been targeted at NYU accounts. Spear phishing is different from generic phishing where an attacker seeks credentials within a specific domain or organization, typically to gain access to organizational resources such as LexisNexis and other paid subscription services, or confidential data. Spear phishing, as […]