Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
120 Results
Jun 2023: New Top-Level Domains Increase Phishing Risk
Threat Alert: What to Watch For Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.
Critical Vulnerability in miniOrange's Social Login and Register Plugin for WordPress
WordPress released a security update to address a Critical vulnerability in miniOrange's Social Login and Register plugin for WordPress. Exploitation of this vulnerability could allow an unauthenticated attacker to gain access to any account on a site including accounts used to administer the site, if the attacker knows, or can find, the associated email address.
Enterprise Portfolio Management
The Enterprise Portfolio Management (EPM) domain serves as a centralized authority responsible for assisting in evaluating, prioritizing, and selecting projects and initiatives that align with the organization's strategic objectives. It establishes a framework for evaluating project proposals, assessing their potential risks and benefits, and determining their feasibility and alignment with the organization's mission, vision, and values.
Nov 2022: Hundreds of U.S. News Sites Compromised to Deliver Fake Browser Updates
Threat Alert: What to Watch For Cybercriminals have compromised an undisclosed media company that provides video content and advertising to hundreds of news outlets across the United States. Authentic-looking browser update alerts appear on the impacted news websites.
Real Phishing Threats
Please note that this is not an all inclusive list of all of the phishing threats but rather ones that are typical of current threats and/or ones that were actually received by UCSF staff, faculty and/or students (must be logged into MyAccess to view). Be diligent with all communications.Content on this pagePhish Received by UCSFPhish Typical of Current ThreatsGreat Free Anti-Phishing Resources to Share with Your Friends and Family
Aug 2023: Impersonation Attacks Target GitHub Developers
Threat Alert: Social Engineering Attacks Target GitHub Developers
Standard
Digital Millennium Copyright Act (DMCA)
What you need to know Digital Millennium Copyright Act (DMCA) UCSF complies with the provisions of the Digital Millennium Copyright Act (DMCA). If you have a concern regarding the use of copyrighted material on any site on the UCSF network, please contact the agent designated to respond to reports alleging copyright infringement. Designated agent The current designated agent for the UCSF campus to receive notification of claimed infringement under Title II of the DMCA is on file with the U.S. Copyright Office.
Impacted Services: IT Security Outreach and Training
Standard
The 18 Protected Health Information Identifiers
What you need to know The 18 Protected Health Information (PHI) Identifiers include:
Impacted Services: IT Security Outreach and Training
REDCap, Twilio, and A2P10DLC compliance
Overview
A change to how SMS services work may interrupt how a number of UCSF research studies collect data starting Thursday, December 15, 2022. The REDCap team has developed a path for a short-term resolution and are working on the implementation process.
This page summarizes the UCSF REDCap team's strategy for helping studies work through the change.
Mar 2023: Twitter Scam Impersonates Bank Support Staff
Threat Alert: What to Watch For Scammers are creating fake customer support Twitter accounts for various banks and financial institutions.