Contact Us

Information Technology


Monday to Friday, 8am to 5pm

Faculty Technology Center
(818) 677-3443

IT Help Center
(818) 677-1400

Information Security
(818) 677-6100


(818) 677-5898

Classroom Support
(818) 677-1500

Send email

Check our social media for changes and updates.


Security Blog

Security Alert!


Southern California Wildfire-Themed Scams

DATE(S) ISSUED:
1/20/25

SUBJECT:

Cybercriminals exploiting Southern California wildfires for phishing and scams

OVERVIEW:

Cybercriminals are leveraging the ongoing Southern California wildfires to conduct phishing attacks and scams. These scams appear in emails, text messages, QR codes, phone calls, voicemails, and fraudulent crowdfunding or fundraising campaigns on social media. Threat actors quickly incorporate fire-related themes into their phishing lures, impersonating property inspectors, building contractors, and government agencies offering aid. Some even claim to help replace identification documents, aiming to steal money and personal information.

USERS AFFECTED:

  • Fire victims
  • Homeowners
  • Donors
  • Organizations

RISK:

  • Identity theft
  • Financial loss
  • Fraudulent aid scams
  • Charity donation scams

PREVENTION TIPS:

  • Verify Requests – Independently confirm any financial or personal information requests by contacting official agencies directly.
  • Enable Security Measures – Use multi-factor authentication (MFA) and email filtering to detect phishing attempts.
  • Report Suspicious Activity – If you suspect fraud, report it to the Federal Trade Commission (FTC) or local authorities.
  • Stay Informed – Monitor official emergency websites and trusted news sources for legitimate aid and updates.


REFERENCES:

fema.gov:

Wildfire Survivors: Beware of Stolen Identity Fraud and Other Disaster Recovery Scams and Deceptions



Network-Connected Wrench Vulnerability

DATE(S) ISSUED:

1/11/24

SUBJECT:

Vulnerability in a network-connected wrench having potential safety issues

OVERVIEW:

Security researchers from Nozomi have discovered 23 vulnerabilities in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B, a cordless wrench used in factories worldwide for precise torque applications. The device connects wirelessly to local networks, allowing engineers to tighten bolts accurately. Exploiting these vulnerabilities could enable hackers to install malware, potentially leading to the sabotage or disabling of the wrenches, causing safety and reliability issues. Bosch Rexroth has acknowledged the vulnerabilities and is working on a patch scheduled for release at the end of January 2024.

USERS AFFECTED:

  • Consumers
  • Factories
  • Organizations

RISK:

  • Safety Risks
  • Sabotage of Manufacturing Processes
  • Malware Installation
  • Operational Disruption
  • Data Security Concerns

REFERENCES:


arstechnica.com:


Critical iOS fixes - Patch your Apple Devices Now (12/2/23)

DATE(S) ISSUED:

11/30/23

SUBJECT:

iPhone Security Flaws

OVERVIEW:

Apple has released iOS 17.1.2, along with a warning to update now. iOS 17.1.2 fixes two iPhone —both of which are already being used in real-life attacks. There is also an update to macOS and Safari for older Macs. Here is the link to the

USERS AFFECTED:

  • Any person who owns an Apple device(s)

RISK:

  • Any user clicking on the "malvertisements" or ads containing malware is subject to the installation of malware on their device

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Update Apple devices as soon as possible, including iPhones, macOS, and Safari for older Macs.

REFERENCES:

support.apple.com:


Malicious Google Ads Installing Malware

DATE(S) ISSUED:

11/20/23

SUBJECT:

Malicious Google Ads Trick WinSCP Users into Installing Malware

OVERVIEW:

Beware of a sophisticated cyber threat known as SEO#LURKER! Cybersecurity experts have uncovered a malicious scheme targeting users searching for WinSCP. Attackers manipulate search results and Google ads to lure unsuspecting individuals into downloading malware instead of legitimate software. These deceptive ads redirect to compromised websites, leading to a fake WinSCP site where a seemingly genuine installer hides malicious Python scripts. Victims, particularly in the U.S., are targeted through geoblocking. This tactic isn't new; similar attacks have targeted PyCharm users.

USERS AFFECTED:

  • Users exposed to and clicking on the lookalike WinSCP website, winccp[.]net.

RISK:

  • Any user clicking on the "malvertisements" or ads containing malware is subject to the installation of malware on their device

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Before clicking on an ad, confirm that it is legitimate
  • If you are unsure whether an ad is legitimate, search for the ad's official website and continue from there
  • Report the ad to Google if it is suspicious

REFERENCES:

thehackernews.com:

