Spring announced a remote code execution vulnerability in Spring Core, aka Spring4Shell. Details and actions here.
Cybersecurity News
The Office of Cybersecurity manages the university’s risk-reduction efforts through data protection, ongoing diagnostics, cybersecurity awareness training and policies and procedures to safeguard intellectual property and sensitive information.
Chrome update fixes “severe” vulnerability
Do you use Chrome as your desktop web browser? If so, please check which version of Chrome you have installed on your computer. If your version of Chrome is not up to date, you could be vulnerable to hackers.
3/17 phishing alert! Subject: “UNICEF Paid part-time job”
Watch out for an active phishing campaign on campus in which the attacker impersonates UNICEF Executive Director Henrietta H. Fore. The email message advertises a part-time, work-from-home job.
Beware of Ukraine-themed phishing scams
Although there are no current credible Russian cybersecurity threats to U.S. universities, UW’s cybersecurity team is prepared to prevent cyberattacks. Do your part by identifying and reporting phishing scams related to Ukraine.
Last Chance For Early Registration: EDUCAUSE Cybersecurity Conference
In Baltimore: May 3-5. Attend for just-in-time content to help higher education cybersecurity and privacy professionals address current challenges. Price increases after Mar 22!
2/9 Email phishing alert: Subject line “IT Security Update”
Scammers recently sent a message that appears to be from the DoIT Help Desk, but was actually a forgery. Learn how to protect yourself.
Join The Cybersecurity Forward Planning Committee
The Cybersecurity Forward Planning Committee is looking for new members! Interested in joining? Let us know by Feb 4.
1/28 Email phishing alert: Subject line “Debit Alert”
Scammers recently sent a message that appears to be from Chase Bank, but was actually a forgery. Learn how to protect yourself.
Action Needed: Log4J Vulnerability
The UW–Madison Cybersecurity Operations Center has confirmed numerous attempts on the campus network. In order to secure your systems, you need to act now.
10/25 BEC Email phishing alert: scammers impersonate leadership
Scammers recently sent a Business Email Compromise message that appears to be from a campus leader’s personal Gmail account, but was actually a forgery. Learn how to protect yourself.