Audience for this post: System administrators, IT staff, and staff members responsible for maintaining IT systems Latest update Summary Best Practices References We will continue to update this post with news and links to resources to help you prioritize your remediation efforts as more information becomes available. 11/01/2022 update: OpenSSL has published a blog post…
We posted about this a few weeks ago, but in this busy month, it’s worth repeating: The U.S. Department of Education and the Federal Trade Commission are working together to raise awareness about potential scams and misinformation that may be aimed at those seeking student loan debt relief. Beware of scammers who may contact you…
It’s the beginning of a new academic year and it’s Cybersecurity Awareness Month. So how can you be safer and more secure online? Get tips, tools, and resources from the annual message to the UW community. Go to message More News & Alerts
Scams are nothing new, but we are seeing a surge in scams targeting UW students and costs for victims are rising. Our Scams web page covers some of the more commonly used tactics, but there are two kinds that we want to highlight in today’s post: Employment Scams Student Aid Scams Employment scams use elaborate…
Audience for this post: UW IT admins Admin UW NetIDs have historically not been eligible to opt-in to ‘UW Duo 2FA for the Web‘, because they are not allowed to sign in to https://identity.uw.edu. Because UW Azure AD customers wanted to add 2FA as a protective measure on their admin UW NetID, UW-IT has created…
This month security firm Mandiant published a blog post and threat intelligence report about a state-sponsored Advanced Persistent Threat (APT) group known as APT42. Formerly known as UNC788, APT42 is said to be a “prolific and well-resourced threat actor” that has used credential harvesting, surveillance operations, and malware distribution to target over 30 organizations of…