June 2, 2021
The Office of Information Security offers information security workshops for members of the UW community. Find Bad Things on Windows 10 will explore the Mitre ATT&CK framework for understanding techniques and tactics used by adversaries. It is scheduled for the 3rd Wednesday of each month, 1:00-3:00. The Secure Code series includes: Web App Security 101:…
May 28, 2021
An important part of attending to information security risks and threats is managing various types of secrets, such as passwords, certificates, and keys. Our newly-published Managing Secrets Risk Advisory lists considerations and tools for securely accessing, sharing, storing, and changing your organization’s secrets, as well as things to avoid. Go to Advisory More Articles
April 22, 2021
Ransomware is a type of malicious software (malware) that locks up computers, devices, and data to make them inaccessible until a sum of money is paid to cyber thieves. It can lock up individual files and folders or it can lock up your entire device. It can also spread to attached devices. Cyberthieves may infect…
April 16, 2021
Cybercriminals use LinkedIn’s public-facing service to collect information about LinkedIn members, the same information LinkedIn displays to non-members to include members’ names and job titles. Phishers are using this information to send malicious email messages to LinkedIn members under the guise of an employment opportunity. Currently, the phishers are attaching Zip files with names that…
March 25, 2021
In the Office of Information Security, our advising team collaborates with University departments and organizations on risk management practices for critical or high-risk information security assets. To assist in this process, they have published an updated set of resources for the development and maintenance of a Security Plan. These tools are intended to help your…
This week there are at least two phishing campaigns impersonating the IRS that are targeting the UW community. If you see an email with the subject Your Payroll Direct Deposit or Recalculation of Your Tax Refund Payment, delete it. In this case, there is no need to report these particular messages to our service center…