Security Alerts
January 22, 2018 EMAIL PHISHING ALERT: RISK Medium - Phishing email originating from Office of the Provost
A new phishing attempt containing instructions to forward attached reports and designed to look like it originated from Janice Deakin and the Office of the Provost was discovered by WTS and has since been intercepted. (Read full entry)
January 5, 2018 INFORMATION SECURITY ALERT: RISK MEDIUM - Spectre and Meltdown
Two new serious vulnerabilities have been discovered which have wide ranging effect. These vulnerabilities are called Spectre and Meltdown. The media has been sensationalizing some of the coverage around these vulnerabilities. These vulnerabilities may expose many systems. Still, and to be clear these vulnerabilities are quite serious but the sky is not falling .. at least not yet (meaning the risk is still pretty hard to realize). (Read full entry)
November 29, 2017 INFORMATION SECURITY ALERT: RISK Medium - Mac OSX High Sierra 10.13 and Greater Vulnerability
Recently Apple introduced its operating system “High Sierra” which does not set by default a password for the highest privilege account “root”. As a consequence, there is a root login vulnerability in macOS High Sierra. Apple is aware of this as the vulnerability was actually discussed it on their Developer Forum (as a solution to another problem) (Read full entry)
October 20, 2017 INFORMATION SECURITY ALERT: RISK Very Low - KRACK (Key Reinstallation Attack)
In recent weeks security researchers announced a newly discovered vulnerability dubbed KRACK (Key Reinstallation Attack), which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. This vulnerability likely affects billions of devices globally. While concerning and though receiving overblown media coverage it is important to keep things in perspective. (Read full entry)
June 28, 2017 INFORMATION SECURITY ALERT: RISK Moderate - Petya Global Ransomware Alert
A large-scale ransomware attack reported to be caused by a variant of the Petya ransomware is currently hitting various users, particularly in Europe. This variant, which Trend Micro already detects as RANSOM_PETYA.SMA, is known to use both the EternalBlue exploit and the PsExec tool as infection vectors. (Read full entry)
Published on and maintained in Cascade CMS.
