CISO News and Alerts

August 5, 2022

Your UW NetID credentials

Your UW NetID credentials are valuable to scammers, cyber thieves, and other adversaries. If they’re able to obtain your UW NetID and password, they may use them to send spam and phishing emails, as well as to gain access to your personal data and UW institutional information and intellectual resources. Adversaries may also use your…


July 29, 2022

Tech support scams

What are tech support scams? What is the impact? How can I avoid these scams? What if I have fallen victim to a scam? Resources What are tech support scams? In a technical support scam, a cyber thief will contact you, either by phone or through a website via a pop-up window in your web…


July 1, 2022

PowerShell guidance from the NSA

The National Security Agency (NSA), along with authorities from New Zealand and the United Kingdom, have released a joint Cybersecurity Information Sheet (CIS) on security practices for using Microsoft PowerShell. The information sheet provides recommendations for proper configuration and monitoring with the use of capabilities and features such as PowerShell remoting and remoting over SSH,…


June 24, 2022

Lost and stolen laptops

gray laptop

Whether you’re traveling or staying close to home this summer, remember to secure your laptops and other mobile devices from theft. Stolen laptops are a common cause of unauthorized disclosure and loss of data at universities. If your laptop is lost or stolen, resulting in a breach of personal information, Washington state law (RCW 42.56.590)…


June 6, 2022

Summer scams

person lounging with a laptop

Many in the UW community are looking forward to a summer break, but cyber thieves stay busy finding new ways to trick students, staff, and faculty into giving up their data, credentials, and cash. Summer months bring summer scams delivered through email, text and fraudulent calls aimed at various University groups, including the incoming first-year…


May 31, 2022

Zero-day vulnerability in Microsoft products

Microsoft Office logo

News about this vulnerability is evolving and we will update this post as we gather information. Overview Things to do (IT staff) Recommendations for the UW community References Overview A zero-day vulnerability, dubbed “Follina” by a security researcher, allows remote code execution in Microsoft products. It has been actively exploited since April. On Monday, May…