Security

Fraudulent Email Alert: Request submitted – July 24, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: MICROSOFT OUTLOOK UPGRADE – July 24, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Help desk Message – July 24, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Security Advisory: BusyWinman Linux Intrusion – July 21, 2017 15:40 PT

  We have received reports about malware on Linux systems that have been detected at other institutions. If you notice anything on your systems that matches the description below, please contact security@ubc.ca.   BusyWinman Malware is a two-component malicious software including: A Linux Bew Backdoor variant A UPX Packed BusyBox binary A dedicated malicious infrastructure […]

Fraudulent: Computer Support Phone Call – July 20, 2017

Please be vigilant if you ever receive phone calls at home from someone reporting that they are from the UBC IT Help Desk offering to check and update your computer.  This is an example of a “Windows Tech Support” scam, where the cybercriminal is hoping to install malware onto your computer. UBC IT Help Desk […]

Fraudulent Email Alert: Validate Your Email Account….To Avoid closed down – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Important Message – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Very Important Message – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

PetyaWrap Vulnerability – June 27th, 2017 – 12:40 PT

PetyaWrap Vulnerability PetyaWrap, a variant of Petya, is the latest worldwide ransomware that has affected Europe significantly, including large corporations such as Merck and Maersk.  The vulnerability can spread using the same Windows SMBv1 vulnerability as the recent WannaCry attack.  There are no additional patches beyond those that were already released for WannaCry. The ransomware […]

Stack Clash Vulnerability – Jun 19, 2017 – 15:30 PT

Stack Clash Vulnerability Stack Clash is a vulnerability that affects memory management of Unix-based operating systems. Attackers exploit this vulnerability by corrupting memory by stacking with another memory region in the system and executing an arbitrary code.  These exploits are Local Privilege Escalations where the attacker can exploit the stash vulnerability and obtain full root […]