This week Microsoft reported that they are seeing this vulnerability being actively exploited in the wild. The attacker crafts a Microsoft Office document which contains a malicious ActiveX control, that once installed, grants the attacker the same rights as the user who opened the document. This can allow the attacker to run code, install and… Continue Reading
News
Phish – Subject: Document shared with you: “DC.docx”
Another Google Drive Shared File Phish Reported lmack7010@gmail.com shared a document Unknown profile photo lmack7010@gmail.com has shared the following document: XXXXXXXX DC.docx Continue Reading
Phish – Subject: I shared a Doc via Dropbox with you
New phish reported that looks like a Dropbox email. It links to an external site the attempts to capture credentials. Continue Reading
Phish – Subject:Evaulation.docx01.docx
New phish reported, 04/28/2021. Mail comes from a Jeremy Keifer in the From field and the email appears to be from some variation of share-drive-noreply@google.com. It is impersonating Kathryn Foster and claims to share a file from Sharepoint (it also has a typo and misspells “has”). Do not open this attachment or enter any information.… Continue Reading
August 2020 Security Patches
Microsoft’s Patch Tuesday addressed 120 vulnerabilities. 17 are critical severity rated, with two zero days addressed. The first allows attackers to bypass security features to load files, and the second affects the Internet Explorer scripting engine, allowing attackers to execute code. Both zero days are actively exploited and one is publicly disclosed. Additional information can… Continue Reading
Phish – “Faculty&Staff Evaluation”
Another shared document from an external compromised account phish. This is not from the President… Please ignore and delete similar messages. Continue Reading
Phish – Subject: Failure Error Messages
Phish reported July 30, 2020. Please ignore and delete these messages From: IT-Operation-Check <tsururunnext@sv3123.xserver.jp> Date: Thu, Jul 30, 2020 at 12:55 AM Subject: (12) Failure Error Messages – To: XXXX Tcnj Cloud {12} mails has failed to load and Released to inbox as a result of SSL server error on xxxx@tcnj.edu Reload status below to… Continue Reading
Phish – Subject: IT Dept. shared
New phish reported. Shared onedrive document that has a malicious link Continue Reading
Phish – Subject: UNIVERSITY NEWS!!!
New phish reported. Please ignore and delete. Subject: UNIVERSITY NEWS!!! To: XXXX Good Day! We are notifying you about a part time position. One of our institution’s Alumni (Mrs Jessica) needs a part time pet_sitter to care for her lovely pet dog for nine hours every week. She offers to pay Five hundred dollars weekly.… Continue Reading
Phish – Subject: Special Request
New gift card scam reported Subject: Special Request Good morning XXX, I’m planning to surprise some of the staffs with gifts during this unprecedented health crises, your confidentiality will be appreciated. However, i need you to get a purchase done. Email me once you get this. XXX Dean of the XXX XXX@tcnj.edu Sent from my… Continue Reading