Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
105 Results
Jun 2023: New Top-Level Domains Increase Phishing Risk
Threat Alert: What to Watch For Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.
Critical Vulnerability in miniOrange's Social Login and Register Plugin for WordPress
WordPress released a security update to address a Critical vulnerability in miniOrange's Social Login and Register plugin for WordPress. Exploitation of this vulnerability could allow an unauthenticated attacker to gain access to any account on a site including accounts used to administer the site, if the attacker knows, or can find, the associated email address.
Accessible PowerPoint Lunch and Learn to Celebrate Global Accessibility Awareness Day (GAAD) 2024
Date: May 16, 2024
Nov 2022: Hundreds of U.S. News Sites Compromised to Deliver Fake Browser Updates
Threat Alert: What to Watch For Cybercriminals have compromised an undisclosed media company that provides video content and advertising to hundreds of news outlets across the United States. Authentic-looking browser update alerts appear on the impacted news websites.
Aug 2023: Impersonation Attacks Target GitHub Developers
Threat Alert: Social Engineering Attacks Target GitHub Developers
Real Phishing Threats
Please note that this is not an all inclusive list of all of the phishing threats but rather ones that are typical of current threats and/or ones that were actually received by UCSF staff, faculty and/or students (must be logged into MyAccess to view). Be diligent with all communications.
REDCap, Twilio, and A2P10DLC compliance
Overview
A change to how SMS services work may interrupt how a number of UCSF research studies collect data starting Thursday, December 15, 2022. The REDCap team has developed a path for a short-term resolution and are working on the implementation process.
This page summarizes the UCSF REDCap team's strategy for helping studies work through the change.
Dec 2023: Real Phish Received at UCSF - Multi Factor Authentication
Picture of Actual Phish
Threat Alert: What to Wa
Mar 2023: Twitter Scam Impersonates Bank Support Staff
Threat Alert: What to Watch For Scammers are creating fake customer support Twitter accounts for various banks and financial institutions.
Feb 2023: MFA (DUO) Fatigue Attacks Target High-Profile Orgs - Do not approve authentication requests for logins you did not initiate!
Threat Alert: What to Watch For