UCSF IT Technology

Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.

Threat Alert: What You Need to Know Scammers are tampering with physical gift cards in retail store locations.

Threat Alert: What to Watch For Recent email-based attacks have used compromised Microsoft OneDrive accounts to send phishing emails. These emails encourage recipients to click a link to view a shared document. The OneDrive links lead targets to shared PDF documents containing quick response (QR) codes.

Mandiant reported a vulnerability in Apache Camel. The camel-ldap component allows LDAP Injection when using the filter option.

Drupal has released security updates to address Moderately Critical and Critical vulnerabilities in impacting Drupal. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code. For a complete description of the vulnerabilities and affected systems go to Drupal Security Advisories. IT Security

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit this vulnerability to  take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Samba Security Releases. IT Security Read more about IT Security service offerings.

Mandiant reported High vulnerabilities in SAP BusinessObjects Business Intelligence Platform and SAP NetWeaver Process Integration. An attacker could exploit these vulnerabilities to execute arbitrary code. For a complete description of the vulnerabilities and affected systems go to