Security

Fraudulent Email Alert: Validate Your Email Account….To Avoid closed down – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Important Message – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Very Important Message – July 19, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

PetyaWrap Vulnerability – June 27th, 2017 – 12:40 PT

PetyaWrap Vulnerability PetyaWrap, a variant of Petya, is the latest worldwide ransomware that has affected Europe significantly, including large corporations such as Merck and Maersk.  The vulnerability can spread using the same Windows SMBv1 vulnerability as the recent WannaCry attack.  There are no additional patches beyond those that were already released for WannaCry. The ransomware […]

Stack Clash Vulnerability – Jun 19, 2017 – 15:30 PT

Stack Clash Vulnerability Stack Clash is a vulnerability that affects memory management of Unix-based operating systems. Attackers exploit this vulnerability by corrupting memory by stacking with another memory region in the system and executing an arbitrary code.  These exploits are Local Privilege Escalations where the attacker can exploit the stash vulnerability and obtain full root […]

Enhancing UBC Border Firewall Security Features – May 31st, 2017 12:30 PT – June 2nd, 2017 12:30 PT

UBC will enhance firewall security features on Wednesday, May 31st, 2017 12:30 PT – Friday, June 2nd, 2017 12:30 PT. There are no expected impacts to the UBC community when the features are enabled.

Fraudulent Email Alert: Library Notifications – June 3, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Payroll Notice. – May 24, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

Fraudulent Email Alert: Account Closure. – May 24, 2017

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount  and change your password immediately.  Also, please forward a copy of the email including full headers to security@ubc.ca and advise of the possible temporary breach of your account.  The email can then […]

UPDATE: GLOBAL RANSOMWARE ALERT – WannaCry Ransomware

Update May 24, 2017:There are now reports of new variants using the same vulnerability exploited by the WannaCry attack. These variants (EternalRocks, Adylkuzz, UIWIX) are being spread directly from infected systems to exposed vulnerable systems. Installing the MS17-010 patch for Windows is the only way to eliminate the vulnerabilities being actively exploited.If a system cannot […]