Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
3331 Results
PoC Exploit Published for Cisco Vulnerability
Cisco updated its security advisory for a vulnerability in multiple Cisco products. A remote attacker could exploit this vulnerability to elevate privileges.
Jun 2023: Hijacked Email Threads Spread Malicious Software
Cybercriminals have launched phishing attacks that hijack legitimate email threads to deliver malicious URLs. Attackers hijack email threads to further increase the believability of the attacks.
June 2023: Phishing Attacks Abuse Valid Web Traffic Tool
Cybercriminals have launched phishing attacks abusing legitimate tools that are used to direct web traffic. Phishing lures contain an embedded URL that leads to a lookalike Google Chrome update site. Downloading the fake Google Chrome update installs a legitimate tool used for remotely monitoring and supporting computers.
Slack Frequently Asked Questions
Below are answers to frequently asked questions from UCSF Slack users.
Slack Training
Slack is an optional messaging tool and collaboration platform designed to support natural teamwork, allowing you to collaborate online as effectively as you do face-to-face. It is available to UCSF employees and learners but should not be used to share restricted data. Please coordinate with your department to establish communication best practices for applications.
June 2023: Phishing Attacks Use Compromised Microsoft Office 365 Accounts
Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
Jun 2023: New Top-Level Domains Increase Phishing Risk
Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.
May 2023: Phishing Kit Uses Finance-Themed Lures
Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures. The phishing lures can be customized to have a variety of different appearances or themes.