Phish Alert - Closing of your account
April 18, 2018
York Information Security has received reports of fraudulent emails purporting to be someone you know asking for iTunes gift cards. Do not respond to the email, text message, or phone call.
If you believe that you fell victim to the scam, please contact Security Services at ext. 33333 or email firstname.lastname@example.org.
For more information, please visit the following resources:
Phish Alert - Employee Survey
April 11, 2018
Phish Alert - New Important Message From Yorku
April 6, 2018
Phish Alert - Dropbox Document Received - (Scanned_Invoice673001.pdf)
April 6, 2018
- Beware of the Latest Phishing Email with Passport York Login
Phish Alert - Security Update for All Users
March 9, 2018
T4 Payroll schedule message
March 6, 2018
Phish Alert - Schulich.YorkU.CA update
March 5, 2018
Phish Alert - We've improved, migrate to new version, It's free
February 27, 2018
A Vulnerability That Affects Outlook (CVE-2018-0950)
April 12, 2018
On Apr 11, 2018, Microsoft released updates to address a security gap in the Microsoft Outlook. The gap allows an attacker to send a maliciously crafted email to steal the "hashed" password of the email recipient. An attacker with a hashed password can ...
Multiple CPUs vulnerable to Meltdown and Spectre
January 8, 2018
Information Security is monitoring the development of the recently discovered vulnerabilities—Meltdown and Spectre. Both vulnerabilities stem from a design flaw in many processors. System and application vendors are releasing updates to mitigate these ...
Canadian University defrauded of $11.8 million in a phishing scam
September 5, 2017
MacEwan University was defrauded of $11.8 million using a targeted phishing attack. CBC reported it here: http://www.cbc.ca/beta/news/canada/edmonton/macewan-university-phishing-scam-edmonton-1.4270689 Targeted phishing is increasingly used by criminal ...
Critical Apache Struts 2.x Vulnerability
March 10, 2017
Summary A critical vulnerability has been discovered and released in the Apache Struts 2 framework. Impact This vulnerability allows for unauthenticated, remote code execution on the server. Further, there are at least two known public exploits for thi ...
Phish Alert - Update your details
July 11, 2016
Phish Alert - Important Schedule Message
July 11, 2016
Notice on University of Calgary cyber-attacks
June 10, 2016
Notice on University of Calgary cyber-attacks You may be aware the University of Calgary is in the process of recovery from a severe cyber-attack which resulted in widespread IT service disruptions for a week or longer. York University IT and Informati ...
Email Ransomware Alert (Locky)
March 1, 2016
A new variant of a crypto-ransomware, dubbed as "Locky", has recently been discovered and is spreading via email in the form of a Word document attachment with malicious macros. The ransomware encrypts files on a victim's computer, adds a ".locky" file ...
FALSE "Microsoft Support Calls" SCAM
October 29, 2015
UIT Information Security Office has received reports that false Microsoft support phone calls (currently a large, global scam) have recently targeted some members of the York community. Scammers, pretending to be from "Microsoft Support", try to fool p ...
StageFright Bug Affecting Android Devices
July 31, 2015
A vulnerability has been discovered in the Android operating system that allows an attacker to access data stored on your device or remotely install software by just having your mobile phone number. This vulnerability is being referred to as “StageFrig ...