Email Impersonation Security provides a stronger layer of cybersecurity for messages and automated notifications sent to NYU Email. Any email that doesn’t meet NYU’s cybersecurity standards is flagged as a risk in the recipient’s NYU Email inbox so they know to be cautious about it or to just delete the message. In support of this […]
Apple has released iOS 14.5 for mobile devices, which includes a new privacy tracking tool called App Tracking Transparency, which provides more visibility and control around how your data is shared by apps you use. This tool addresses the behavior of the embedded trackers inside many of your apps that routinely gather information to target […]
For an update on the recent APT nation state attack that compromised Solarwinds, please see the following INFOSEC article, Cybersecurity Weekly: New SolarWinds backdoor found, affects MicroSoft & VMWare. CISA (The Cybersecurity & Infrastructure Security Agency) has also issued: CISA Insights: What Every Leader Needs to Know About The Ongoing APT Cyber Activity and has […]
As an update to the NYU IT Security News & Alerts post, Zerologon Vulnerability, Windows Admins Advised to Patch Now, Microsoft has issued a blog post advisory reinforcing the original guidance supplied due to the observance of continued exploit of the vulnerability tracked as CVE-2020-1472. Further CISA (Cybersecurity and Infrastructure Security Agency) reports that nation […]
NYU IT is excited to announce that from October 8-10, NYU Login and the NYU Start page will be refreshed with a new mobile-friendly design, easier access to password reset and Multi-Factor Authentication (MFA)/Duo settings, with security and other enhancements. No action is required on your part, but on October 8 and 9, please avoid […]
Dark Basin is a “hack-for-hire” group that has targeted individuals and institutions globally, including American non-profits. Dark Basin has been found to have likely conducted commercial espionage against those involved in advocacy, criminal cases, public events, financial transactions and news stories. Notably, Dark Basin sends phishing emails that are often impersonation attempts to the personal […]
On February 22nd, The Wall Street Journal (“WSJ”) reported that 11 iOS and Android apps were purportedly sharing sensitive data with Facebook in apparent violation of Facebook’s own policies.The WSJ further reported that tests showed that the Facebook collects data from numerous apps within seconds of data entry by the user. This appears to be […]
Facebook has updated the location controls for Android devices to give users an additional option, offering similar options to those available on iOs devices. Prior to this update, if you shared Facebook location information on an Android device, your location information would be shared even when not using the app. Android users will now have […]
As a Data Privacy Day related advisory, please be reminded of the importance of protecting your personal and sensitive data by keeping operating systems and applications up to date on all of your devices. Devices running outdated operating systems or applications are commonly targeted by malicious actors seeking to exploit known security bugs and loopholes in […]
Please be advised that the Office of information Security (“OIS”) has seen a recent uptick in imposter scams. As an update to our posts on imposter scams and gift card scams (which are a type of imposter scam), please be on the alert and note the following 3 recent examples of these types of scams: […]