Recent News Articles
What to Do
Never approve an authentication request for DUO that you did not initiate.
Endpoint Detection and Response product SentinelOne, will be retired on May 31st, 2022.
This product has been replaced with FireEye Endpoint Security (FES). Any asset that has SentinelOne installed will need to be uninstalled and replaced with FES.
After May 31st
- You will no longer have the ability to access the SentinelOne console to manage your SentinelOne assets.
- Assets with SentinelOne installed will no longer be protected or receive updates
UCLA Information Security Office is aware of UCLA students being targeted by fake job offer scams. Please read our recent Security Advisory regarding
Job Opportunity Scams at UCLA - Department of Computer Science.
Recently UCLA has seen a significant increase in the volume of “impersonation” email campaigns affecting the campus community. These email campaigns rely on social engineering tactics and generally involve the creation of a Gmail account with a very similar email address to a senior UCLA executive in a deception attempt to coerce the recipient into a response.
UCLA has recently learned that some members of the UCLA community are receiving emails from financial institutions named Chime and Go2Bank. These emails may come in different forms and under a variety of subject lines. Some of the identified subject lines are:
Please be advised of a critical, zero-day exploit, termed PrintNightmare, discovered in the Windows Print Spooler service that can result in privilege escalation and remote code execution when exploited. This can result in the full compromise of a system, and if leveraged against a domain controller, can be used to take control of the entire domain and propagate malware throughout the network.
Microsoft has released additional security patches related to Microsoft Exchange Server 2013, 2016, and 2019. These patches address additional vulnerabilities which could also allow remote code execution. Please see the updated Microsoft Tech Community article for more information.
---
The Internal Revenue Service (IRS) has issued warning of an ongoing IRS-impersonation scam targeting educational institutes, primarily students/staff who have a “.edu” email address. The phishing email appears to target individuals affiliated with education in all formats including public and private, profit and non-profit institutions.
Committee: UCLA Cyber-Risk and Data Privacy Governance Committee
Chair: Cyber-Risk Responsible Executive
Executive Leader: Administrative Vice-Chancellor and Cyber-Risk Responsible Executive Michael Beck
As we focus on research around COVID-19, cybercriminals are focused on targeting researchers. The newest attack involves a fraudulent request for an interview with a well-known New Yorker columnist, Atul Gawande. From early reports, after initial contact, it seems the cybercriminals start a back and forth communication with anyone who responds. The attacker may even set up a phone conversation but ultimately, they send a malicious Microsoft Teams-like link.