Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
3331 Results
May 2023: Malicious QR Codes in Public Places Used in Theft
Scammers are creating malicious quick response (QR) codes which they are including on official looking forms in public spaces, such as on customer satisfaction surveys outside businesses or on lookalike parking tickets placed on parked cars. The malicious QR codes lead to download sites for malicious third-party applications or lookalike payment websites.
May 2023: AI-Themed Phishing Lures Distribute Threats
Cybercriminals have launched a campaign distributing malware with an AI-themed lure. The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees.
May 2023: URL Shortening Service Widely Abused in Attacks
Cybercriminals have started using the URL shortening service clck[.]ru in widespread phishing attacks in April. The nature of these attacks and the lures used vary greatly. However, the attacks encourage recipients to click on a shortened URL ending in [.]ru.
May 2023: Phishing Attacks Deliver Remote Access Malware
Threat Alert: What to Watch For
BigFix Endpoint Management Minimum Supported Operating Systems
- Affiliate
- Faculty
- Non-UCSF
- Staff
- Student
- Technical Partner
- Volunteer
Apr 2023: Tax-Themed Lures Distribute Malware
Cybercriminals have launched a series of phishing attacks using a timely tax-themed lure. The lures imitate the sharing of 2022 tax documents via a Citrix ShareFile link. The lures note that the download expires on April 18, 2023, the tax-filing deadline in the United States.
Communities of Practice
Apr 2023: Okta-Themed Lures Harvest Microsoft Credentials
Cybercriminals have launched Okta-branded phishing attacks encouraging recipients to follow a link to resynchronize their Okta and Microsoft accounts. Clicking on the link leads to a credential phishing kit that redirects the user to a lookalike Microsoft login page.
Actively Exploited Zero-Day Vulnerability in Chrome
Google has released Chrome version 112.0.5615.121 to address an actively exploited zero-day vulnerability in Windows, macOS and Linux versions of the Google Chrome desktop browser. For a complete description of the vulnerabilities and affected systems go to Chrome Release Note.