Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
658 Results
- Other Content
REDCap, Twilio, and A2P10DLC compliance
Overview
A change to how SMS services work may interrupt how a number of UCSF research studies collect data starting Thursday, December 15, 2022. The REDCap team has developed a path for a short-term resolution and are working on the implementation process.
This page summarizes the UCSF REDCap team's strategy for helping studies work through the change.
Dec 2022: Phish Alarm-Themed Lures Used in Credential Phishing Attacks
Cybercriminals have launched phishing attacks claiming to originate from a company help desk team.
Security Update: Google Released Updates for Chrome
Google has released Chrome version 108.0.5359.98/.99 for Windows and Chrome version 108.0.5359.98 for Mac, and Linux. A remote attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Chrome Stable Channel Update. IT Security
Dec 2022: HIPAA-Related Lures
Cybercriminals have launched a series of phishing attacks impersonating the legitimate law firm, including Latham & Watkins.
Nov 2022: Recruitment Company Michael Page Impersonated in Job-Themed Lures
Cybercriminals have launched a series of phishing attacks against individuals in the UK impersonating the recruitment company Michael Page.
Nov 2022: Hundreds of U.S. News Sites Compromised to Deliver Fake Browser Updates
Cybercriminals have compromised an undisclosed media company that provides video content and advertising to hundreds of news outlets across the United States. Authentic-looking browser update alerts appear on the impacted news websites.
Nov 2022: Shopping and Shipping Themed Mobile Attacks Likely to Ramp in Coming Weeks
Every year, as the holiday shopping season approaches, holiday-themed phishing attacks rise. Attackers know the season brings a high volume of ecommerce activity—and related notifications.
Nov 2022: Twitter-Themed Lures Used in Credential Phishing Attacks
Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.
Nov 2022: Amazon-Themed Lures Distributed Via Zoom
Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.
Real Phishing and Social Engineering Threats
Please note that this is not an all-inclusive list of all of the phishing and social engineering threats but rather ones that are typical of current threats and/or ones that impacted UCSF staff, faculty, and/or learners (must be logged in to MyAccess to view). Be diligent with all communications, and please, even if you think an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases.