Alert

Update 9/15/2021 Microsoft released security updates yesterday to address the remaining PrintNightmare vulnerabilities. https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remaining-windows-printnightmare-vulnerabilities/ Update 9/1/2021 This post is an update for this previous post regarding the Microsoft Print Spooler vulnerabilities known as “PrintNightmare.” As stated in the August 16 post, Microsoft updated CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability to indicate that patches…

A cloud security vendor, Wiz, announced on Friday (8/26) that they discovered a vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that grants read/write access for every database on the service to attackers who find and exploit the bug. They named the vulnerability “Chaos DB.” Wiz made the discovery two weeks ago, but they…

Recently there has been a surge in phishing and scams targeting UW students, faculty, and staff. Many of these emails appear to be job offers or alerts from UW accounts or UW offices. There is a “fresh phish” below that offers $800/week with bonuses. More examples can be found on the Phishing Examples web page….