Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
3366 Results
IT Security News and Alerts
Welcome to UCSF IT Security News and Alerts. Our goal is to keep you informed and equipped with the knowledge to protect sensitive information and maintain the integrity of our digital environment. Stay tuned for timely notifications, expert insights, and actionable advice to ensure that you are always ahead of potential risks and can confidently navigate the evolving landscape of IT security.
How to Set Up and Manage your CLE (Moodle) Course
- Faculty
- Staff
Mar 2025: FasTrak Text Alerts Lead to Monetary Loss
This is your final official notice from FasTrak regarding an unpaid toll for your vehicle. You must pay the outstanding balance online within 24 hours using the link below. Failure to settle this by the due date will result in immediate fines, escalating late fees, suspension of your vehicle registration with your state’s DMV, potential vehicle impoundment, and aggressive legal action including court proceedings with substantial financial penalties and possible wage garnishment.
Applications Requiring VPN
- Faculty
- Research Staff
- Staff
- Student
Accessing Canva (for Non-Learner Users)
The process for accessing Canva as a non-learner user is simple. This page will walk you through the process for accessing Canva from start to finish!
- Affiliate
- Staff
- Technical Partner
- Email & Collaboration
UCSF IT Security Incident Response Statistics
03/19/25: Actively Exploited, Zero Day, Critical Vulnerability in Open-Source Apache Tomcat Web Server
Actively Exploited, Zero Day, Critical Vulnerability in Open-Source Apache Tomcat Web Server. The vulnerability can be exploited to perform remote code execution (RCE).For a complete description of the vulnerabilities and affected systems, go to CVE-2025-24813-PoC /Tomcat_CVE-2025-24813_RCE.py.IT Security
03/19/25: Critical and Other Vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE)
Gitlab released security updates to address Critical and other vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE). These vulnerabilities allow an authenticated attacker with access to a valid signed SAML document to impersonate another user within the same SAML Identity Provider (IdP) environment.For a complete description of the vulnerabilities and affected systems, go to GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7.
03/19/25: Vulnerability in Junos OS
Juniper released security updates to address a vulnerability in Junos OS. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device.