Security

Cryptolocker Fraud Alert

UBC Cybersecurity has received a report of a message being sent to a number of UBC employees purporting to have infected the recipient’s computer with “cryptolocker” ransomware and that their files are being held hostage for a  ransom to be paid via Bitcoin. This is false.  We have not seen any cases of actual infection. […]

Fraudulent Email Alert: RE: Employee & Staff Notification – Feb 19, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: <sender’s […]

Fraudulent Email Alert: RE: ADMIN CASE ! – Feb 19, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: <sender’s […]

Fraudulent Email Alert: RE: ITS Help-desk;” – Feb 15, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: <sender’s […]

Fraudulent Email Alert: Tutoring for my son – Jan 26, 2018

If you get this message, DO NOT reply and DO NOT provide any personal information. Delete the email. The email is part of an overpayment scam. The scammer will send the victim a fraudulent cheque for an amount greater than what was agreed upon then ask for a “refund”. The scammer is counting on the […]

Shibboleth Service Provider (SP) Vulnerability

A security advisor was recently issued indicating that if you are using the current Shibboleth SP on your application, it has been identified as vulnerable to forged user attribute data and that UBC’s Shibboleth implementation is impacted. Shibboleth SP software relies on a generic XML parser to process SAML responses and there are limitations in […]

Fraudulent Email Alert: SECURITY EMAIL ALERT – Jan 19, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: <sender’s […]

Fraudulent Email Alert: UBC SECURITY ALERT!!! – Jan 19, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: <sender’s […]

Fraudulent Email Alert: UBC SECURITY ALERT URGENT – Jan 17, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   —–Original Message—– […]

WordPress 4.9.2 Addresses Flash Security Issue – January 17, 2018 08:30 PT

An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress 4.9.2. If you haven’t already, we recommend updating to the latest version of WordPress.   To continue to […]