Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
183 Results
Don't be the catch of the day
The link to the quiz is at the end of the article. Everyone who passes during July is entered to win one of six grand prizes!
Jun 2023: New Top-Level Domains Increase Phishing Risk
Threat Alert: What to Watch For Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.
Critical Vulnerability in miniOrange's Social Login and Register Plugin for WordPress
WordPress released a security update to address a Critical vulnerability in miniOrange's Social Login and Register plugin for WordPress. Exploitation of this vulnerability could allow an unauthenticated attacker to gain access to any account on a site including accounts used to administer the site, if the attacker knows, or can find, the associated email address.
Nov 2022: Hundreds of U.S. News Sites Compromised to Deliver Fake Browser Updates
Threat Alert: What to Watch For Cybercriminals have compromised an undisclosed media company that provides video content and advertising to hundreds of news outlets across the United States. Authentic-looking browser update alerts appear on the impacted news websites.
Enterprise Portfolio Management
The Enterprise Portfolio Management (EPM) domain serves as a centralized authority responsible for assisting in evaluating, prioritizing, and selecting projects and initiatives that align with the organization's strategic objectives. It establishes a framework for evaluating project proposals, assessing their potential risks and benefits, and determining their feasibility and alignment with the organization's mission, vision, and values.
Real Phishing Threats
Please note that this is not an all inclusive list of all of the phishing threats but rather ones that are typical of current threats and/or ones that were actually received by UCSF staff, faculty and/or students (must be logged into MyAccess to view). Be diligent with all communications.Content on this pagePhish Received by UCSFPhish Typical of Current ThreatsGreat Free Anti-Phishing Resources to Share with Your Friends and Family
Aug 2023: Impersonation Attacks Target GitHub Developers
Threat Alert: Social Engineering Attacks Target GitHub Developers
Avoid the “Dirty Dozen” Tax Scams!
The link to the quiz is at the end of the article.
REDCap, Twilio, and A2P10DLC compliance
Overview
A change to how SMS services work may interrupt how a number of UCSF research studies collect data starting Thursday, December 15, 2022. The REDCap team has developed a path for a short-term resolution and are working on the implementation process.
This page summarizes the UCSF REDCap team's strategy for helping studies work through the change.
Mar 2023: Twitter Scam Impersonates Bank Support Staff
Threat Alert: What to Watch For Scammers are creating fake customer support Twitter accounts for various banks and financial institutions.