Cybercriminals’ top priority is a real-life payout. For Ohio State student systems, that means criminals may target money that comes to students in the form of refunds, grants, scholarships, loans or other financial aid. If criminals get your user name and crack your password, they may be able to divert funds scheduled for direct deposit into your bank account and send the money to their account instead.
Are your computers, smartphones and tablets up to date? If you’ve been hitting snooze on the latest update, now is the time to let your device patch itself.
As you know, on Friday there was a worldwide ransomware attack. Though that attack is currently partially halted, there are additional versions currently released that are live and active. Technical staff should be aware that this family of ransomware works by exploiting the Server Message Block vulnerability. Microsoft released patches on March 14 to address this.
By now you should have seen the news of widespread ransomware attacks. It is projected to have affected users in more than 150 countries.
In this attack ransomware called WannaCry was emailed to users. When opened, the malware locked files on their computers. Older versions of Microsoft Windows systems that have not applied security patches were affected.
On Monday, January 23, Apple released the iOS 10.2.1 update which fixes flaws that previously allowed iOS devices to be compromised. If you have any iOS devices (iPad, iPhone, iPod, etc.) it is highly recommended to run the update as soon as possible. More detailed information from Apple can be found here: support.apple.com/en-us/HT207482.
A new type of phishing scam is targeting online shoppers, reminding us to be aware of how we interact with websites and that phishing attacks can come from many sources, not just email!
The Enterprise Security team's mission is to improve the security awareness and profile of the university. We wanted to make you aware of this scam that could cause you loss as a consumer.
The Internet Crime Complaint Center (IC3) has issued an alert on employment scams targeting college students. Phony job opportunities are advertised via college employment websites or sent to students’ university email addresses. Unfortunately, students who have taken the bait have suffered financial losses. For more information and tips on avoiding these scams please review the IC3 Alert.
Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
The Enterprise Security team's mission is to improve the security awareness and profile of the university. This includes making you aware of important cybersecurity new items. A Joint Analysis Report has been released by US-CERT providing details on malicious activities undertaken by Russian Civilian and Military Intelligence Services (RIS).
This week we’ve seen a surge of phishing attacks against the university. Most recently we spotted a malicious website posing as a login page for BuckeyeMail and wanted to bring it to your attention. Please avoid clicking on links in emails when possible and always verify you’re at the site you meant to be at before entering user name and password. If you receive an email phish please report it to firstname.lastname@example.org. By informing us, we can more easily target and block other emails and sites from the same source.