Recent News Articles

Microsoft 'Follina' Zero-Day Vulnerability

Add an Image or Video

UPDATE 6/14/2022

Microsoft has released a patch for this vulnerability as part of their June 2022 Patch Tuesday release. The patch is available via Windows Update or by visiting https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190.

JOB POSITION!

We urgently require the services of students to fill the position of Research assistants on a part time basis and get paid $350 weekly. The position can be served remotely and materials needed to work with will be provided by the department .

Internship UCLA

Review following security advisories related to recent job scams at UCLA and stay secure.

Alert: Cybersecurity attacks using DUO

Please be aware, that we have received reports of a recent cybersecurity attack targeting email and mobile devices that requests an individual to accept DUO for multi-factor authentication.

What to Do

Never approve an authentication request for DUO that you did not initiate.

SentinelOne product retirement announcement

Endpoint Detection and Response product SentinelOne, will be retired on May 31st, 2022.

This product has been replaced with FireEye Endpoint Security (FES). Any asset that has SentinelOne installed will need to be uninstalled and replaced with FES.

After May 31st

You will no longer have the ability to access the SentinelOne console to manage your SentinelOne assets.
Assets with SentinelOne installed will no longer be protected or receive updates

Paycheck

Avoid mobile deposit scams.

[BruinTech] fyi - Critical vulnerability with Google Chrome and Chromium based browsers

Hello all,

We'd like to raise awareness about a serious vulnerability with Google Chrome and Chromium based browsers such as Microsoft Edge. Please see the details below.

In short, all affected users need to update and restart the browser to resolve the vulnerability.

Please contact us with any questions or requests for assistance.

Regards,

Jason Chambers - on behalf of the VMP Team
UCLA Information Security

Final Report for ...

Spear phishing attempt is a carefully crafted personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.

‘Are you busy?’, “Hi,” or “Urgent”. E-mail Scam

We have reports from faculty and staff who have been recipients of a new twist on an old e-mail scam. These phishing scams often come from a non-UCLA email address with poor spelling/grammar.

Avoid Package Delivery Scams

You should never click a link or call back the number from an unexpected delivery notice.

Job Scams at UCLA

UCLA Information Security Office is aware of UCLA students being targeted by fake job offer scams. Please read our recent Security Advisory regarding

Job Opportunity Scams at UCLA - Department of Computer Science.

Job Opportunity Scams at UCLA - Department of Computer Science

UCLA Information Security Office is aware of UCLA students being targeted by fake job offer scams.

Critical Vulnerability (CVE-2021-44228, CVE-2021-45046) in Apache log4j Library

UPDATE 12/18/21 The Apache Software Foundation has updated their guidance on fully mitigating the log4j vulnerability and now recommend 2.17.0 as their most secure release.

Impersonation email campaign: Send me your available cell number

Recently UCLA has seen a significant increase in the volume of “impersonation” email campaigns affecting the campus community. These email campaigns rely on social engineering tactics and generally involve the creation of a Gmail account with a very similar email address to a senior UCLA executive in a deception attempt to coerce the recipient into a response.

Chime/Go2Bank solicitations for new bank accounts

FRAUD ALERT: Chime/Go2Bank solicitations for new bank accounts

UCLA has recently learned that some members of the UCLA community are receiving emails from financial institutions named Chime and Go2Bank. These emails may come in different forms and under a variety of subject lines. Some of the identified subject lines are:

Sophos Antivirus retiring on Oct. 28, 2021

UCLA will retire the Sophos Antivirus product for campus on 10/28/21. Learn what to do before then, to keep yourself protected.

Microsoft Windows Zero-Day Exploit - PrintNightmare

Please be advised of a critical, zero-day exploit, termed PrintNightmare, discovered in the Windows Print Spooler service that can result in privilege escalation and remote code execution when exploited. This can result in the full compromise of a system, and if leveraged against a domain controller, can be used to take control of the entire domain and propagate malware throughout the network.

Protecting Your Identity in Light of the Accellion Security Incident at UCOP

On December 24, 2020, UC’s Accellion File Transfer Appliance (FTA) was the target of an international attack. UC data was accessed without authorization and some of this data was posted on the Internet.

PATCH NOW: Microsoft On-Premise Exchange RCE Vulnerabilities

Update: 4/13/21

Microsoft has released additional security patches related to Microsoft Exchange Server 2013, 2016, and 2019. These patches address additional vulnerabilities which could also allow remote code execution. Please see the updated Microsoft Tech Community article for more information.

---

IRS Warning of Impersonation Attacks Targeting Universities

The Internal Revenue Service (IRS) has issued warning of an ongoing IRS-impersonation scam targeting educational institutes, primarily students/staff who have a “.edu” email address. The phishing email appears to target individuals affiliated with education in all formats including public and private, profit and non-profit institutions.