The College of New Jersey

Apply     Visit     Give     |     Alumni     Parents     Offices     TCNJ Today     

News

August 2020 Security Patches

Microsoft’s Patch Tuesday addressed 120 vulnerabilities.  17 are
critical severity rated, with two zero days addressed.  The first
allows attackers to bypass security features to load files, and the
second affects the Internet Explorer scripting engine, allowing
attackers to execute code. Both zero days are actively exploited and
one is publicly disclosed. Additional information can be found here
https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2020-patch-tuesday-fixes-2-zero-days-120-flaws/
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Aug

Adobe also released patches for Adobe Lightroom, Acrobat and Reader.
The Lightroom vulnerability affects Lightroom Classic version 9.2.0.10
and earlier, and has a vulnerability rating of 3 (high).  The Reader
vulnerabilities affects all versions from 2015 to present and has a
vulnerability rating of 2.
https://helpx.adobe.com/security/products/acrobat/apsb20-48.html
https://helpx.adobe.com/security/products/lightroom/apsb20-51.html

Other notable patches released include Chrome and Citrix.

Chrome addressed 15 bugs, the majority of which are rated high.

Citrix addressed a set of vulnerabilities in Citrix Endpoint
Management (XenMobile Server).  Applies to version 10.9 and newer.
Older than 10.9 requires an upgrade to a newer version entirely.

Phish – Subject: Failure Error Messages

Phish reported July 30, 2020. Please ignore and delete these  messages From: IT-Operation-Check <tsururunnext@sv3123.xserver.jp> Date: Thu, Jul 30, 2020 at 12:55 AM Subject: (12) Failure Error Messages – To: XXXX Tcnj Cloud {12} mails has failed to load and Released to inbox as a result of SSL server error on xxxx@tcnj.edu Reload status below to… Continue Reading

Phish – Subject: UNIVERSITY NEWS!!!

New phish reported. Please ignore and delete. Subject: UNIVERSITY NEWS!!! To: XXXX Good Day! We are notifying you about a part time position. One of our institution’s Alumni (Mrs Jessica) needs a part time pet_sitter to care for her lovely pet dog for nine hours every week. She offers to pay Five hundred dollars weekly.… Continue Reading

Phish – Subject: Special Request

New gift card scam reported Subject: Special Request Good morning XXX, I’m planning to surprise some of the staffs with gifts during this unprecedented health crises, your confidentiality will be appreciated. However, i need you to get a purchase done. Email me once you get this. XXX Dean of the XXX XXX@tcnj.edu Sent from my… Continue Reading

Zoom Privacy and Security

Zoom has received a lot of media attention over the past few weeks due to its sudden surge in popularity. It is important to note that TCNJ has a service contract with Zoom, which makes our Zoom instance significantly different than the free version. Zoom has quickly pushed out updates to address reported vulnerabilities, usually… Continue Reading

Phish – Subject: Action Required!

Another phishing message reported. Please ignore and delete the message.  From: IT Alert <bmarrazzo@meridianpartnersny.com> Date: Fri, Apr 3, 2020 at 8:27 PM Subject: Action Required! To: XXXX Hi Hope you’re doing well! IT Department wanted to check in with you and see whether you have had a chance to update your email. Kindly reply to get a… Continue Reading

NCSAM 2019 Training

October is National Cyber Security Awareness Month. We have sent out our annual security training. Also be on the look out for phishing messages. Report suspicious messages to phish@tcnj.edu Additional information about our training program can be found at https://security.tcnj.edu/program/security-awareness-training/ Continue Reading

Subject: Sorry…

The following scam message has been reported. Your account was not hacked. The attacker is spoofing their from address to look like it came from your account to extort money from you. Subject: Sorry: xxxxx@tcnj.edu was hacked.. To: <xxxxx@tcnj.edu> Hello, My name is XXXXX I am known on the darknet I am an experienced software… Continue Reading

Top