The College of New Jersey

Apply     Visit     Give     |     Alumni     Parents     Offices     TCNJ Today     Three Bar Menu

Announcements Archive

Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month. The theme, just like last year, is “Do Your Part. #BeCyberSmart” which emphasizes the important role we all must play in protecting ourselves and the College from cyber attacks. It is our shared responsibility to be good digital citizens. No individual is solely responsible for securing the Internet. Everyone must… Continue Reading

EXPLOIT – CVE-2021-30860 – FORCEDENTRY zero-day exploit on Apple devices

The FORCEDENTRY vulnerability was discovered last week by CitizenLab.  This vulnerability allows attackers to craft malicious PDF files which the device then process and runs the attackers code, leading to data theft, impersonation and potential device takeover.  This vulnerability exploits Apple’s image rendering library, CoreGraphics and requires no interaction from the user once the text… Continue Reading

Exploit – CVE-2021-40444 – MSHTML RCE Vulnerbility via malicious Microsoft Office documents

This week Microsoft reported that they are seeing this vulnerability being actively exploited in the wild.  The attacker crafts a Microsoft Office document which contains a malicious ActiveX control, that once installed, grants the attacker the same rights as the user who opened the document.  This can allow the attacker to run code, install and… Continue Reading

Phish – Subject:Evaulation.docx01.docx

New phish reported, 04/28/2021.  Mail comes from a Jeremy Keifer in the From field and the email appears to be from some variation of share-drive-noreply@google.com.  It is impersonating Kathryn Foster and claims to share a file from Sharepoint (it also has a typo and misspells “has”).  Do not open this attachment or enter any information.… Continue Reading

Phish – Subject: HHS COLLEGE RELIEF FUND ( RE: Finance Department )

New phish reported, with a pdf attachment that links to a phishing site.  From: Dr. Peter Ausburn <p4ausburn@outlook.com> Date: Mon, Feb 22, 2021 at 2:16 PM Subject: HHS COLLEGE RELIEF FUND ( RE: Finance Department ) To: XXX@tcnj.edu <XXX@tcnj.edu> Hello good day, Please find attached the summary of the previous meeting between the College Finanace… Continue Reading

Phish – Subject: TCNJ Help Desk

New phish reported. Link to a jotform site From: “TCNJ” <XXXXXX> Subject: TCNJ Help Desk Date: November 25, 2020 at 7:00:29 PM EST To: XXX@tcnj.edu Hello, Your request to deactivate your TCNJ account has been received and will be completed shortly. You can cancel the request here to keep your account active Thank You TCNJ… Continue Reading

Phish – Subject: Quick Request

New phish reported. Please ignore and delete this message.  From: XXXX <baltzlem.wou@gmail.com> Subject: Quick Request Date: November 10, 2020 at 6:50:00 PM EST To: XX@tcnj.edu Get back to me with your available text number I can reach you at. — Provost and Vice President for Academic Affairs; Professor of Biology Continue Reading

Phish – Subject: CAMPUS NEWS. (JOB OPPORTUNITY)

New Scam/phish reported From: Constanza Escobar Lagos (Alumno) <constanza.escobarl@usm.cl> Date: Thu, Sep 10, 2020 at 7:09 PM Subject: CAMPUS NEWS. (JOB OPPORTUNITY) To: Good Day ! We are notifying you about a part time position. A Job that will not affect your present employment or studies, fun and rewarding. You get to make up to… Continue Reading

Phish – Subject: Condolences

Phishing message report. Sent from 3rd party using sendgrid to spoof tcnj.edu accounts. The event has been reported.    Subject: Condolences To: It is with sadness in my heart i announce the death of my daughter and best friend Julie XXXX XXXX. Julie died on the 7th of September after her long battle with Leukemia.… Continue Reading

August 2020 Security Patches

Microsoft’s Patch Tuesday addressed 120 vulnerabilities.  17 are critical severity rated, with two zero days addressed.  The first allows attackers to bypass security features to load files, and the second affects the Internet Explorer scripting engine, allowing attackers to execute code. Both zero days are actively exploited and one is publicly disclosed. Additional information can… Continue Reading

Phish – Subject: Failure Error Messages

Phish reported July 30, 2020. Please ignore and delete these  messages From: IT-Operation-Check <tsururunnext@sv3123.xserver.jp> Date: Thu, Jul 30, 2020 at 12:55 AM Subject: (12) Failure Error Messages – To: XXXX Tcnj Cloud {12} mails has failed to load and Released to inbox as a result of SSL server error on xxxx@tcnj.edu Reload status below to… Continue Reading

Top