Microsoft released a patch as part of April 2022’s Patch Tuesday for a Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809). This vulnerability impacts most Windows Server and Desktop versions, including Windows 7 and Windows 11.
Cybersecurity News
Cybersecurity announcement: web fingerprint scanning Tue, Apr 5
Spring announced a remote code execution vulnerability in Spring Core, aka Spring4Shell. Details and actions here.
Cybersecurity announcement: Java Spring Framework RCE vulnerability
Spring announced a remote code execution vulnerability in Spring Core, aka Spring4Shell. Details and actions here.
Chrome update fixes “severe” vulnerability
Do you use Chrome as your desktop web browser? If so, please check which version of Chrome you have installed on your computer. If your version of Chrome is not up to date, you could be vulnerable to hackers.
Beware of Ukraine-themed phishing scams
Although there are no current credible Russian cybersecurity threats to U.S. universities, UW’s cybersecurity team is prepared to prevent cyberattacks. Do your part by identifying and reporting phishing scams related to Ukraine.
Last Chance For Early Registration: EDUCAUSE Cybersecurity Conference
In Baltimore: May 3-5. Attend for just-in-time content to help higher education cybersecurity and privacy professionals address current challenges. Price increases after Mar 22!
Join The Cybersecurity Forward Planning Committee
The Cybersecurity Forward Planning Committee is looking for new members! Interested in joining? Let us know by Feb 4.
Action Needed: Log4J Vulnerability
The UW–Madison Cybersecurity Operations Center has confirmed numerous attempts on the campus network. In order to secure your systems, you need to act now.
Are your smart home devices secure?
Smart TVs, cameras, speakers, watches, toys, phones, tablets and other internet-connected devices add convenience to our lives, but their security isn’t guaranteed. Get tips to protect your personal info.
8/16 Phishing Alert! Subject: “Benefits”
There’s an active phishing campaign targeting UW–Madison email addresses. The attacker offers to provide financial assistance to qualifying employees. Sure signs it’s bogus: misspellings and a link to a non-UW URL.