In early 2024, UW–Madison will update the Duo multi-factor authentication service. After the update, you might notice that the Duo security prompt looks a bit different.
Who, meme? Yes, you! Showcase your creativity, humor and cybersecurity awareness for a chance to have your meme displayed in the next TechNews!
LastPass is a password manager available to faculty, staff and students. Though LastPass experienced a security incident late last year, we believe using it continues to be low risk.
Don’t get scammed by IRS impersonators or make a poor choice on tax preparers. Protect your money and personal information with these tips. And a reminder: Take these steps if you get a suspicious email.
Microsoft has recently revised the severity for SPNEGO Extended Negotiation security mechanism (NEGOEX) vulnerability to critical from its previous High severity from the September 2022 patch release. The vulnerability is being tracked as CVE-2022-37958.
What should you do if you get an MFA-Duo push notification that you didn’t request? How can you find out if your email or phone number was compromised in a data breach? And what the heck is “vishing?” Go on our scavenger hunt for Cybersecurity Awareness Month and find out!
WordPress has released version 6.0.2. This security and maintenance release contains patches for 3 vulnerabilities, including a high severity SQL Injection vulnerability in the Links functionality (CVSS Score of 8.0), as well as two Medium Severity Cross-Site Scripting vulnerabilities.
Atlassian has published a security advisory warning Bitbucket Server and Data Center users of a critical security flaw that allows remote attackers with access to public repositories or read access to private Bitbucket repositories to execute arbitrary code.
Microsoft released announcements for known vulnerabilities addressed in their Tuesday Patch release. Two are considered Remote Code Execution vulnerabilities, meaning an attacker can exploit the system vulnerabilities remotely.
Django, an open-source Python-based web framework, has detected a SQL injection vulnerability (CVE-2022-34265) in some recent versions.