Security

Tableau Security Enhancement October 19, 2018, 20:00-22:00 PT

The Tableau server application will be unavailable for the following areas on October 19, 2018, 20:00 – 22:00: Arts DAE Library PAIR Sauder

Critical Apache Struts Vulnerability Exploited in Live Attacks

A severe vulnerability has been detected in Apache Struts 2 framework.  The vulnerability allows for full remote code execution and is actively being exploited in the wild.   The UBC Cybersecurity team has been in contact with all known owners of applications relying on Apache Struts.  If you are responsible for an application that uses […]

Malware and Phishing Scam Alert: OneClass Chrome Extension September 14, 2018 10.30 PT

Be on the alert for the OneClass Chrome Extension Malware and Phishing scam. UBC Cybersecurity has determined that the OneClass Chrome Extension is malware and that there is significant risk to students’ personal information if they have installed this software. Once the extension is installed, it may attempt to send an email on your behalf […]

Email Alert: UBCcard Plan email – August 30, 2018

An email titled “You’ve got money to spend on food and drinks at UBC” was sent out today with suspicious content.  The UBC Cybersecurity Team has verified that it is a legitimate, authentic UBC message sent from UBC Food Services and therefore Not a phishing email.  It is safe to open the email.   The […]

Fraudulent Email Alert: Payment Details – August 30, 2018

Do not reply to the email or open the attached file – it is a fraudulent attempt to gain sensitive information from you. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account. This phishing […]

Fraudulent Email Alert: Invoices from Various Senders – August 1st, 2018

Invoices are being emailed from various senders with various subjects.  Do not reply to these emails or click on the link contained in the emails. If you think you may have clicked on the link, please advise security@ubc.ca.  The email can be deleted from your Inbox or mobile phone. Samples:      

Fraudulent Email Alert: IT Systems Notification **IRN** – July 31st, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.  

Fraudulent Email Alert: Library Notifications – July 24th, 2018

Do not reply to this email or click on the link contained in the email. If you think you may have submitted your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary breach of your account.  The email can be deleted from your Inbox or mobile phone.   From: University […]

Fraudulent Email Alert: RE: 19th of July – July 19, 2018

Do not reply to this email or otherwise engage with the sender — it is a fraudulent attempt to gain sensitive account information from you. If you think you may have provided such information, such as  your CWL login credentials, please log into myAccount, change your password immediately and advise security@ubc.ca of the possible temporary […]

.SLK Attachment Mail Relay Block July 17, 2018 – 10:00 PT

On July 17th, 2018, UBC IT will be implementing a new email blocking rule for .SLK (symbolic link) files for all messages that pass through the UBC mail-relays, including UBC’s Faculty and Staff email (FASmail). After this date, people who attempt to send a message through FASmail with an .SLK file attached will receive an […]