University of Southern California

Author Archives: mbordas

← Older posts

Phishing Warning 2015-05-05

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as … Continue reading

Posted in Phishing | Tagged

For Your Reference: Phishing Scams Targeting University Employees

Posted on by mbordas

The online news outlet Inside Higher Ed recently posted an article about new phishing scams targeting university employees. The article highlights recent phish emails promising salary raise information and requesting help with processing wire transfers. The article is available at … Continue reading

Posted in Phishing, Recommended Reading |

Phishing Scam Regarding Financial Services Provider John Hancock

Posted on by mbordas

ITS is aware of suspicious emails sent to members of higher education communities as part of a phishing scam aimed at obtaining individuals’ personal information. These emails appear to originate from the financial services provider John Hancock and instruct recipients to verify their records by clicking … Continue reading

Posted in Phishing |

Anthem-related Email Scams

Posted on by mbordas

The university has been alerted to several scams related to the recent cyber attacks against the medical insurance provider Anthem. Continue reading

Posted in Education, Hoaxes, Phishing |

Kerberos KDC Flaw Requires Microsoft Out-of-Band Patch

Posted on by mbordas

BACKGROUND Hackers have bypassed Microsoft’s previous security patch to address the Object Linking and Embedding (OLE) remote code execution flaw resulting in the company issuing an out-of-band patch this week. IMPACT The vulnerability could allow remote elevation of privilege in … Continue reading

Posted in Patch Tuesday, Security Updates |

Phishing Attempts Targeting Direct Deposits

Posted on by mbordas

Various universities have reported an increase in the number of attempts to access employee account information by individuals masquerading, in an email or other communication, as representatives of the university’s human resources or employee benefits department. The attackers’ goal is … Continue reading

Posted in Education, Social Networking |

Recognizing Malicious Pop-Up Windows

Posted on by mbordas

Some users have reported encountering pop-up windows similar to those below while online. Note that this is not limited to browsing while on the USC networks. This may occur through any connection to the Internet, including home and public wireless … Continue reading

Posted in Education, Malware |

Sandworm Vulnerability Requires Another Fix from Microsoft

Posted on by mbordas

BACKGROUND Hackers have bypassed Microsoft’s security patch to address the Sandworm vulnerability in Windows resulting in the company issuing another advisory and warning users of the new threat. IMPACT The vulnerability could allow remote code execution if a user opens … Continue reading

Posted in Malware, Security Updates | Tagged , ,

Adobe Flash Vulnerability Currently Being Exploited

Posted on by mbordas

BACKGROUND There is a vulnerability in Adobe Flash that is being exploited in large scale attacks. The vulnerability is being tracked as CVE-2014-0569 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558) on the Common Vulnerabilities and Exposures (CVE) database. The exploit includes memory corruption vulnerabilities and an integer overflow vulnerability that … Continue reading

Posted in Malware, Security Updates | Tagged , , ,

Dropbox Hack

Posted on by mbordas

Actions: Do not reuse passwords across different sites and services; if you do, change them to passwords unique to each site and service. What happened? A hacker posted a plain-text file to Pastebin with a provocative headline claiming that Dropbox … Continue reading

Posted in Password Security, Security Breach | Tagged ,

← Older posts