Security

Fraudulent Email Alert: IT-Helpdesk – Nov 8, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.caand advise of the possible temporary breach of your account.  The email can then be deleted […]

WordPress 4.8.3 Addresses Serious SQL Vulnerability

Automattic (the web development corporation) has identified a serious SQL injection vulnerability flaw in WordPress that has now been patched in WordPress version 4.8.3.  Security Risk: High Recommended Action: 1.      Update any WordPress site immediately to version 4.8.3 2.      Enable automatic updates on WordPress sites WordPress websites and blogs hosted by CTLT If your WordPress […]

WPA2 Wireless Protocol Vulnerability – October 17, 2017 10:00 PT

Description A severe vulnerability has been discovered in the Wi-Fi Protected Access II (WPA2) standard utilized in secure wireless networks such as ubcsecure, eduroam, ubcprivate. UBC IT is in the process of applying infrastructure workarounds and/or patches as recommended by our vendors. Operating systems on the end-point devices that connect to these networks are also […]

Google Chrome Phasing out Symantec CA Certificates

As a result of Symantec’s mis-issuance of end-entity certificates, Google Chrome, and other browsers such as Mozilla Firefox, are commencing a process of progressively distrusting Symantec CA certificates over time. Once a CA certificate is no longer trusted, Chrome users visiting sites configured to use end-entity certificates issued under the distrusted CA certificate will be prevented […]

Fraudulent Email Alert: Course timetable changed – Sep 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.caand advise of the possible temporary breach of your account.  The email can then be deleted […]

Fraudulent Email Alert: Password Expiration Notice – Sep 9, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.caand advise of the possible temporary breach of your account.  The email can then be deleted […]

Apache Struts Framework Vulnerability

A severe vulnerability has been detected in Apache Struts 2 framework.  The vulnerability allows for full remote code execution and is actively being exploited in the wild.   Severity Critical CVE Number CVE–2017-9805 Impacted Platforms Apache Struts 2 and versions since 2008 [2.1.2 – Struts 2.3.33 and Struts 2.5 – Struts 2.5.12] Recommended actions Please […]

Fraudulent Email Alert: Password Expiration Notice – August 15, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: RE: IT Service Desk – August 14, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Dear Faculty & Staff – August 11, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]