Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
566 Results
Nov 2022: Twitter-Themed Lures Used in Credential Phishing Attacks
Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.
Nov 2023: Phishing Attacks Impersonate Philippine Agency
Threat Alert Phishing Attacks Impersonate Philippine Agency
May 2023: Phishing Attacks Impersonate Secure Share Providers
Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files. The lures contain links or attachments containing the supposed document. Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malwa
Mar 2023: Attacks Spread Microsoft Teams-Themed Lures
Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
Sep 2023: Credential Phishing Lure Imitates SharePoint and Financial Institution
Cybercriminals have launched a series of phishing attacks imitating a financial institution. The lures use an alleged credit card transaction dispute as a theme. While the emails claim to come from a financial institution, the email sending address does not match the email domain of the spoofed financial organization.
IT Security Risk Assessment
UCSF is required by a number of policies, laws, and regulations to assess the security risk of information systems that handle UCSF data.
- Faculty
- Staff
- Technical Partner
- Security
CLE Error, January 17, 2025 — Retrospective
What happened
- An unexpected error occurred on the CLE website—cle.ucsf.edu—for an estimated 20 minutes on Friday, January 17, 2025.
- End-users could log in to the site but could not perform any actions. When they tried, they received an error: “Coding error detected, it must be fixed by a programmer: Invalid cache key.”
- The outage took place from approximately 3:40 p.m. to 4 p.m.
Apr 2023: Phishing Lures Abuse SAP Concur and DocuSign
Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails. The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.
Feb 2023: Employee Termination-Themed Lure Spreads Malware
Cybercriminals have launched a series of phishing attacks using the threat of employee transfers and terminations as a lure.
Feb 2024: Job Offer Message Lures
Threat Alert: Job Offer Message Lures