It’s that time of the year again. With tax season upon us, attackers are stepping up their efforts to steal your data. The IRS is reporting an increase in scam emails regarding W-2 information. IRS Scam Notice Let’s take some time to review safe email practices. Always be skeptical – an email “From” address can… Continue Reading
News
WebEx Extension RCE
A vulnerability has been made public that could allow an an attacker to remotely execute code on a victim’s computer using the WebEx browser plugin. The vulnerability can be exploited by visiting a specially crafted website. WebEx has released an update to address this vulnerability. Make sure all web browsers are plugins are up to date… Continue Reading
New Type of Phishing Attack
It’s 2017 and email phishing is not new, however, there is a new technique attackers are using specifically against Gmail accounts. Malicious email messages appear to contain an attachment, but clicking the attachment will open a new browser tab that appears to be a login screen. This form will capture account credentials and send them to the attacker. To… Continue Reading
Cyber Security Workshop II
The second cyber security seminar will be held in Green Hall room 14 at 10AM on 10/26/2016. NCSAM is coming to a close, so all annual security awareness training must be completed by the end of the month. Continue Reading
Cyber Security Workshop
This first cyber security seminar will be held in the Education Building room 200 at 10AM on 10/12/2016. Feel free to participate even if you did not preregister. Continue Reading
Security Awareness Training 2016
TCNJ’s annual IT Security Awareness Training is now active. Each year all employees must complete Security Awareness Training. This year employees are only required to complete 1 of the training modules. Additional information and instructions for completing the training can be found at https://security.tcnj.edu/program/security-awareness-training/ Continue Reading
VPN Password Notification Bug Fix
The “Password expires in 0 days.” notification bug has been fixed. If you are still experiencing this bug when connecting to VPN please contact the helpdesk. Continue Reading
Mozilla Releases Security Updates for Firefox
Mozilla released an update for Firefox to fixed a serious flaw allowing remote access to local files. Visiting a malicious website could allow an attacker to access files on the victim’s local file system. The vulnerability is being actively exploited on Windows, Mac, and Linux systems. The vulnerability has been fixed in Firefox 39.0.3 and Firefox… Continue Reading
Andorid Remote Code Execution Exploit
An exploit has been discovered in a media library that affects all Android phones from version 2.2 to the present version 5.1.1. A specially crafted Multimedia Messaging Service (MMS) message could run code on the victims smartphone without any user interaction. Google has issued a patch, but no patches have been pushed to any devices.… Continue Reading
Least vulnerable operating system of 2014 was…
According to GFI Blog – A tie between Windows 8 and Windows 8.1 with 36 total vulnerabilities (24 high, 12 medium, 0 low) However, the author, Cristian Florian from GFI Blog, has grouped the operating systems together in a dubious manner and has left out major/monolithic components that cannot be removed from the OS. … Continue Reading