Skip to main content
University of California San Francisco Give to UCSF

UCSF IT Technology

  • About Us
    • About Us
    • Mission Areas
    • IT Strategy
    • IT Governance
    • IT Directory
    • Standards and Guidelines
  • Services
    • Services
    • Status
    • Security Announcements
    • Software
  • Initiatives
    • Initiatives
    • AI at UCSF
    • IT Operating Model (ITOM)
    • Project One
    • Lift & Shift | Drupal 7-to-Drupal 10 Update Project
    • Digital Accessibility Compliance Project
    • Knowledge Management Project
    • Zoom Workspace
    • IAM Modernization Program
  • News & Events
    • News & Events
  • How-To Articles
  • Log In
Open Close Search
Open menu
Give to UCSF
  1. Home
  2. Search

Log in to see all content. Some content is hidden to the public.

Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.

Type

  • Event (29)
  • How-To (808)
  • Landing Page (72)
  • News (169)
  • Other Content (1012)
  • Service (194)
  • Standard & Guideline (45)
  • Status (1002)

Service Category

  • Access & Identity (53)
  • Business Applications (184)
  • Desktop Support (84)
  • Education Applications (70)
  • Email & Collaboration (186)
  • Health Systems (21)
  • Hosting & Computing (28)
  • Network & Wireless (36)
  • Phones & Pager (28)
  • Research Services (48)
  • Security (95)
  • Web Services (166)

3331 Results

Other Content

Nov 2022: Twitter-Themed Lures Used in Credential Phishing Attacks

Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers.While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account.The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.

Other Content

Nov 2022: Amazon-Themed Lures Distributed Via Zoom

Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation.The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure.The emails prompt recipients to click a link to download an invoice for order details.

Other Content

Real Phishing and Social Engineering Threats

Please note that this is not an all-inclusive list of all of the phishing and social engineering threats, but rather ones that are typical of current threats and/or ones that impacted UCSF staff, faculty, and/or learners (must be logged in to MyAccess to view). Be diligent with all communications, and please, even if you think an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases.

Other Content

Vulnerability in Apache Batik Has Been Weaponized

H-ISAC reported that a vulnerability in Apache Batik has been Weaponized. The vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. For a complete description of the vulnerabilities and affected systems go to Apache Batik CVE-2022-40146. IT Security

Other Content

Apache Kylin Command Injection Vulnerability

A command injection vulnerability exists within Apache Kylin. For a complete description of the vulnerabilities and affected systems go to Apache Kylin CVE-2022-24697. IT Security Read more about IT Security service offerings.

Other Content

Vulnerability in Aruba Network InstantOS

A classic buffer overflow vulnerability exists within Aruba Networks InstantOS 8.10.0.1. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user.

Other Content

PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability

Tracked as CVE-2022-26696 (CVSS score of 7.8), the security defect was identified and reported last year, with a patch available since the release of macOS Monterey 12.4 in May. Apple notes that the flaw allowed a sandboxed process to circumvent sandbox restrictions, and that improved environment sanitization resolved the issue.

Other Content

Trend Micro Apex One for SaaS Improper Authentication Vulnerability

An improper authentication vulnerability exists within Trend Micro Apex One for SaaS. Successful exploitation of this vulnerability could allow an attacker to bypass the product’s login authentication by falsifying request parameters on affected installations. For a complete description of the vulnerabilities and affected systems go to Trend Micro Security Bulletin September 2022. IT Security

Other Content

Vulnerability within Moodle 4.0.2.

Mandiant reveals vulnerability within Moodle 4.0.2. A remote code execution risk when restoring backup files originating from Moodle 1.9 For a complete description of the vulnerabilities and affected systems go to Moodle Security Announcement. IT Security Read more about IT Security service offerings.

Other Content

IBM InfoSphere Information Server on Cloud 11.7 Command Injection Vulnerability

IBM released a patch to address a vulnerability in the IBM InfoSphere Information Server on Cloud 11.7. IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. For a complete description of the vulnerabilities and affected systems go to IBM Security Bulletin. IT Security Read more about IT Security service offerings.

Pagination

  • First page « First
  • Previous page ‹ Previous
  • …
  • Page 158
  • Page 159
  • Page 160
  • Page 161
  • Page 162
  • Page 163
  • Page 164
  • Page 165
  • Page 166
  • …
  • Next page Next ›
  • Last page Last »
Home
  • Status
  • Services
  • How To
  • News & Events
  • About
  • IT Directory
  • Standards & Guidelines
  • Get Help
  • Recognize IT Staff

Submit a Support Inquiry

For emergencies and high priority issues please call the IT Service Desk (415) 514-4100

  • Facebook
  • Twitter
  • YouTube
  • Instagram

© 2026 The Regents of the University of California