The email below is a phishing email. It contains a link that leads to a malicious page, please do not click any links contained within and delete the email.
Author Archives: minsterg
IT SECURITY ALERTs Phish
Below is an image of an email sent by a Tony Burr. Even though this came from a Google Drive sharing address, this is instead a phishing email impersonating a TCNJ employee. These often contain a mismatched sender to the person stated as the file sharer. You can also see the sender address is not… Continue Reading
PHISH – Retirement And Pension Meetings for The College of New Jersey Employees
An email was recently sent to a wide number of TCNJ employees in regards to retirement advisory. This is not a provider that TCNJ uses and is unsolicited spam email. As with any email received from an external 3rd party, be extremely careful with any information you provide to them. See below for screenshot of… Continue Reading
It’s Cybersecurity Month 2022!
It’s October, and that means it’s Cybersecurity Month! This year’s theme for Cybersecurity Month is “See Yourself in Cyber.” Seeing yourself in cybersecurity means to look at the things you do every day, both at work, at home and elsewhere, and see where you can do things to better protect yourself and others. Things such… Continue Reading
PHISH – Subject: tcnj.edu | Work Opportunity for
See below image of email. This is a phishing attempt by an outside source attempting to harvest information from TCNJ users. Do not reply or click any links contained within this email. If you receive any suspicious messages, please report them to phish@tcnj.edu. Continue Reading
PHISH – Invoice_US_CMR_LRB_10295419121_2021-12-13.pdf
Recently an email was sent out that contains a malicious PDF. If you receive this email do not click the link embedded in the PDF or download it. Notify phish@tcnj.edu and delete the email. Thank you. Continue Reading
PHISH – MsDocs 893826 / New Scanned Docs from MX-M253N
This is a phishing email, the embedded link does not go to a SharePoint site or contain any documents. Do not click on any links and delete this email. Thank you. Continue Reading
Phish – Subject: Confirm Ownership for ***@tcnj.edu
Phishing email which will take you to a Mail Center landing page and attempt to harvest your credentials. Do not enter any information or click any links in this email. Continue Reading
EXPLOIT – CVE-2021-30860 – FORCEDENTRY zero-day exploit on Apple devices
The FORCEDENTRY vulnerability was discovered last week by CitizenLab. This vulnerability allows attackers to craft malicious PDF files which the device then process and runs the attackers code, leading to data theft, impersonation and potential device takeover. This vulnerability exploits Apple’s image rendering library, CoreGraphics and requires no interaction from the user once the text… Continue Reading
Exploit – CVE-2021-40444 – MSHTML RCE Vulnerbility via malicious Microsoft Office documents
This week Microsoft reported that they are seeing this vulnerability being actively exploited in the wild. The attacker crafts a Microsoft Office document which contains a malicious ActiveX control, that once installed, grants the attacker the same rights as the user who opened the document. This can allow the attacker to run code, install and… Continue Reading