September 28, 2023

Zero-day bug requires action: Enable auto updates

Recommendations for the UW community Recommendations for IT Staff Security researchers are reporting that a vulnerability that affects a wide range of software, including web browsers, requires immediate attention by end users and IT staff. Libwebp: A ubiquitous code library WebP is a format for images designed by Google that allows pictures to be compressed…

September 20, 2023

Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month! Join the Office of Information Security as we celebrate throughout the month with awareness videos, online and in-person presentations, training sessions, contests, and info booths on securing personal and UW data and devices We’ve planned a variety of in-person and virtual events, including opportunities to participate in awareness contests…

June 9, 2023

Phone scams target UW parents

vishing phone

We frequently post about scams aimed at the University of Washington community, and a recent trend targets the parents of UW students. Last week, UW police issued a warning about scam phone calls that appear on caller ID to come from the University of Washington Police Department (UWPD). The caller falsely claims that a student…

May 31, 2023

Web shell attacks surpass ransomware as top threat

According to Cisco Talos Intelligence Group, malicious web shells surpassed ransomware as the top observed threat in the first quarter of 2023, comprising nearly 22 percent of incidents. Web shells allow remote administration on web servers. They may be used for legitimate purposes, but they are often installed by cyber criminals and other adversaries to…

May 10, 2023

Stay secure while traveling

As the academic year comes to a close and summer draws near, you or someone you know may need a refresher on how to secure personal and/or UW data and devices. Check out our Tips for Traveling Risk Advisory to help you prepare to get moving again. Travel tips

May 3, 2023

Two-factor authentication scams

alert sign

Cyber thieves and other adversaries are creating fake login pages that look similar to legitimate UW authentication and Duo web pages to try to get access to your UW NetID account. You may be directed to one of these pages if you click on a link from a phishing email, like the one shown below….