skip to main content
UTRGV The University of Texas Rio Grande Valley
Main Menu
Donate Now Directory myUTRGV

You are here:

Home News & Alerts Archived News and Alerts

Information Security Office

  • Home
  • Report an Incident
  • News & Alerts
    • Archived News and Alerts
    • Archived Emails
    • Newsletter
  • Resources
    • Policies, Standards and Compliance
    • Software Assessment
    • Forms
    • How-To
      • Phishing Alert Button
    • Training
      • NEO
      • Data Owner
      • ISA
      • Security Awareness
      • Social Media
      • Phishing
      • Other
    • Events
      • NCSAM
      • NSAM
      • Data Privacy Day
    • Cyber Security Videos
    • Frequently Asked Questions
    • Training Feedback
  • About Us
    • Mission and Services
    • Staff Directory
    • Our Location

News & Alerts - Related Links

  • Archived News and Alerts
  • Archived Emails
  • Newsletter

Contact Us

Information Security Office
Email: is@utrgv.edu
Phone: (956) 665-7823
Fax: 956-665-3154
Facebook Twitter

Quick Links

UTRGV Acceptable Use and Security Policy How to report suspicious/phishing emails Data Storage Guide Social Media Access Controls

Archived News & Alerts

January 18, 2022

The Log4j Vulnerability Puts Pressure on the Security World

December 21, 2021

The Log4j Vulnerability: Millions of Attempts Made Per Hour to Exploit Software Flaw

December 17, 2021

Understanding the Impact of Apache Log4j Vulnerability

June 8, 2021

Colonial Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity

April 26, 2021

Why are cybercriminals eyeing insurance companies?

April 15, 2021

What is the SolarWinds Hack and Why Is It a Big Deal?

2020

June 09, 2020

A hacking group has started to flood a dark web hacking marketplace with databases containing a combined total of 73.2 million user records over 11 different companies.

May 21, 2020

Covid-related malspam campaign impersonates U.S. Treasury to steal taxpayer credentials
The advocacy group Abuse.ch has found a Covid-19-related malspam campaign that impersonates the U.S. Treasury Department and more than likely looks to steal a taxpayer’s credentials using a remote access trojan.

2019

March 21, 2019

Hackers Bypass MFA on Cloud Accounts via IMAP Protocol
Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports.

2018

August 29, 2018

Data breach exposes medical histories of 300 high school students

The data breach took place when on August 20 the information was posted in error to the schools intranet and remained viewable to the public for about 24 hours. The school is now investigating exactly how this took place and the school system has launched an investigation into the incident.

August 29, 2018

NIST issues guidance for protecting medical IoT devices

The incredible advancements that have turned what were once standalone pieces of medical equipment into IoT devices do enable better care for patients, but at the same time open these devices up to cyberattacks, warned the National Institute of Standards and Technology (NIST), working with the National Cybersecurity Center of Excellence (NCCoE), in a new report.

August 24, 2018

T-Mobile suffers data breach affecting 2.2 million customers

The third most popular mobile network in the US, T-Mobile, has suffered a data breach that affected more than two million of its customers. According to the company’s website, on 20 August 2018, T-Mobile’s inhouse security team noticed unusual activity that was immediately “shut down.” Data potentially compromised before the shutdown included subscribers’ names, billing zip codes, phone numbers, email addresses, account numbers and account types (e.g. pre-paid or billed). Apparently, no social security numbers (SSNs), financial data or account passwords were accessed during the attack.

August 24, 2018

Cheddar’s Restaurants Bitten By Credit-Card Breach

Cheddar’s, known for its reasonably priced country-fried chicken, pot pies, ribs and other comfort food, has hundreds of locations across the Midwest and the South. It said that it discovered the breach last Thursday; the breach itself however took place between November 3, 2017 and January 2.

August 23, 2018

Exclusive: FBI probing cyber attack on congressional campaign in California

The hackers successfully infiltrated the election campaign computer of David Min, a Democratic candidate for the House of Representatives who was later defeated in the June primary for California’s 45th Congressional district.

August 23, 2018

Hackers Steal $13.5 Million Across Three Days From Indian Bank

Representatives of Cosmos Bank, India's second-largest cooperative bank, revealed this week that hackers breached the bank's servers over the weekend and stole over 940 million rupees ($13.5 million) across three days.

August 23, 2018

How to Protect Yourself Against a SIM Swap Attack

A SIM swap is when someone convinces your carrier to switch your phone number over to a SIM card they own. They’re not doing it for prank call cover, or to rack up long-distance charges. By diverting your incoming messages, scammers can easily complete the text-based two-factor authentication checks that protect your most sensitive accounts. Or, if you don’t have two-factor set up in the first place, they can use your phone number to trick services into coughing up your passwords.

August 21, 2018

Microsoft Says Russian Operation Targeted U.S. Political Groups As Midterms Loom

A familiar cyberattack suspect linked with the Russian intelligence service has resurfaced in the months leading up to the U.S. midterm elections, according to Microsoft. The tech giant announced overnight that last week it executed a court order to disrupt six fraudulent websites set up by a hacker group known by many names — most often APT28, but also Fancy Bear or Strontium, among others.

August 20, 2018

President signs NIST Small Business Cybersecurity Act into law

S.770 also tasks NIST, a division of the U.S. Commerce Department, with considering the needs of small businesses when developing these recommendations, which among other key qualities should be widely applicable and technology-neutral and "include elements that promote awareness of simple, basic controls, a workplace cybersecurity culture, and third-party stakeholder relationships.

July 17, 2018

Don't Get Scammed: 4 Questions to Help You Land a Legit Work-From-Home Job

If you stumble upon a job that might seem too good to be true, pump the brakes for a second — it could be a scam. We want to arm you with the best tips to avoid these work-from-home job scams, so we reached out to Katherine Hutt, the national spokesperson for the Better Business Bureau.

June 14, 2018

International Business E-Mail Compromise Takedown!

Law enforcement activity resulting in 74 arrests in the U.S. and overseas.

April 3, 2018

Spanish police arrest suspected mastermind of $1 billion bank hacks

AMSTERDAM (Reuters) - Spanish police have arrested the suspected leader of a gang of cyber criminals who stole up 1 billion euros ($1.2 billion) from banks by altering account balances and instructing automatic teller machines to issue cash, Europol said on Monday. The person suspected of being behind malware attacks known as “Carbanak” and “Cobalt” was arrested in Alicante, a port city on the south east coast of Spain, after cooperation between police forces in the United States, Asia and Europe, Europol said.

March 14, 2018

Mac malware rockets 270 percent - users warned 'safe' perception is wrong

Anti-malware security vendors have warned that Mac malware is on the rise, and that the perception of Macs as being completely 'safe' is misleading. Malwarebytes has released figures that show that in the year 2017 alone, Mac threats increased more than 270 per cent, while malware targeting Mac operating systems more than doubled from 2016 to 2017.

March 13, 2018

ISO Newsletter Volume: 2 Issue: 4

This Spring, we hope that you can take a break and relax! Spring is the perfect season of the year to go through unfinished projects, do some spring cleaning, relax with friends and family, and eagerly await what summer will bring. For this issue, The Information Security Office (ISO) invites you to consider taking a few minutes to go through your computer assets, digital life, and give them a good rest too! Please follow these tips that will guide you to refresh and renew your cyber life, and remember to share them with your friends and family: .

March 12, 2018

Tech support scams using browser lockers rising

The scammers go by the names GeeksHelp and AmericaGeeks, and were previously known as Geeks Technical Solutions LLC. The actual attack has not changed. Once the target calls the number on the pop-up ad they are encouraged to download an app giving the criminals the ability to control their computer and they are then given a hard sell to purchase a “support plan” from the fake company, Malwarebytes said.

February 26, 2018

Social media and engineering used to spread Tempted Cedar Spyware

Cybercriminals are using social media and social engineering to dupe victims into downloading Advance Persistent Threat spyware disguised as the Kik messenger app.

February 9, 2018

Scam hijacks Google Chrome browser, tries to get your personal data

Scams that hijack the world's most popular browser, Google Chrome, are making the rounds again. It starts with a fake error message. For computer users, this is a vexing problem because the underlying malicious code locks up the browser. "The bug that it triggers is more than just an annoyance in the sense that it will render your Chrome browser unresponsive,” Jerome Segura, Lead Intelligence Analyst at Malwarebytes, told Fox News.

January 17, 2018

iPhones Significantly Slowed Down by Spectre Security Update

Description: Apple rolled out iOS 11.2.2 a few days ago to address Spectre vulnerability in iPhone and iPad; test confirmed that in some cases, an iPhone 6 can get even 50 percent slower after installing Apple’s security updates.

January 12, 2018

Feds charge 'Fruitfly' creator with hacking thousands of computers

The government claims, Phillip R. Durachinsky, 28, ran a 13-year scheme from 2003 to Jan. 20, 2017 that infected thousands of computers with malware dubbed “Fruitfly.” Fruitfly, which targeted Mac computers, allowed Durachinsky to take complete control of a computer including secretly turning on cameras and microphones to record video and audio.

January 4, 2018

Critical flaws revealed to affect most Intel chips since 1995

Just hours after proof-of-concept code was tweeted, security researchers have revealed the long-awaited details of two vulnerabilities in Intel processors dating back more than two decades. Two critical vulnerabilities found in Intel chips can let an attacker steal data from the memory of running apps, such as data from password managers, browsers, emails, and photos and documents.

2017

December 8, 2017

ISO Newsletter Volume: 2 Issue: 3

The UTRGV Information Security Office (ISO) hopes that you enjoy the winter break with your family, friends, and pets! We know that for this season there is a lot of online shopping, discounts, special offers, travel, and delicious food. Before we leave to have a pleasant time, we would like to thank you for your support and for reading this newsletter. As you start to put together that shopping list, please consider the following security tips. Feel free to share them with your family and friends!.

November 2, 2017

WannaCry ransomware: Hospitals were warned to patch system to protect against cyber-attack - but didn't

'Basic IT security' could have prevented the NHS from being such a significant victim of May's WannaCry ransomware outbreak.

September 13, 2017

Equifax Data Breach: 143 million U.S. consumers affected

On the Equifax Data Breach the information that was accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Criminals also accessed credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.

September 6, 2017

SANS OUCH! September Newsletter: Password Managers

One of the most important steps you can take to protect yourself online is to use a unique, strong password for every one of your accounts and apps. Unfortunately, it is most likely impossible for you to remember all your different passwords for all your different accounts. This is why so many people reuse the same password. Unfortunately, reusing the same password for different accounts is dangerous, because once someone compromises your password, they can access all your accounts that use the same password. A simple solution is to use a password manager, sometimes called a password vault. These are programs that securely store all your passwords, making it easy to have a different password for each account. Password managers make this simple, because instead of having to remember all your passwords, you only have to remember the master password to your password manager.

August 29, 2017

New Information Security Office (ISO) Newsletter Volume!

The UTRGV Information Security Office (ISO) is proud to introduce the new look and name to our newsletter. This newsletter will strive to keep you informed about important security news and topics that will help you remain safe and secure both at work (for employees), at school (for students), or at home (for everyone). Your comments, ideas and critiques are welcome in order to ensure this newsletter serves the UTRGV community in the best way possible. Welcome to the fall of 2017 and the start of another great academic year!

August 1, 2017

SANS OUCH! August Newsketter: Backup & Recovery

If you use a computer or mobile device long enough, sooner or later something will go wrong, resulting in you losing your personal files, documents, or photos. For example, you may accidently delete the wrong files, have a hardware failure, lose a device, or become infected with malware, such as ransomware. At times like these, backups are often the only way you can rebuild your digital life. In this newsletter, we explain what backups are, how to back up your data, and how to develop a simple strategy that’s right for you.

July 25, 2017

Newcastle University spoofed in phishing scam

Cybercriminals went to extreme lengths to clone the Newcastle University website going as far as to create dozens of sub-pages explaining different programs offered by the university.

July 24, 2017

Trickbot Malware Now Targets US Banks

The Trickbot banking Trojan is now targeting U.S. banks in new spam campaigns fueled by the prolific Necurs botnet. The malware has grown more potent with the introduction of a customized redirection method as part of its attacks.

July 10, 2017

Pentagon to encrypt soldiers' email

Keeping soldiers' email out of the hands of enemies has long been a concern, but the Pentagon has been slow to use the readily available encryption tool for its internal mail service which serves 4.5 million users.

July 5, 2017

SANS OUCH! July Newsketter: Gaming Online Safely & Securely

Online gaming is a great way to have fun; however, it also comes with its own set of unique risks. In this newsletter, we cover what you and your family can do to protect yourselves when gaming online.

June 30, 2017

ISO Newsletter Volume: 1 Issue: 6

Summer is finally here and for many of us that means it’s time to get away! The ending of the Spring semester started with several cybersecurity events, one of these events impacted 99 countries including the United States of America. This summer looks like it’s going to be a hot one for cybersecurity.

June 23, 2017

New York Supreme Court Justice fell for $1M phishing attack

New York State Supreme Court Justice Lori Sattler was duped out of more than $1 million while trying to sell her Upper East Side apartment and purchase another.

June 16, 2017

Data breach at Oklahoma University impacts 30,000 students

Lack of privacy settings in a campus file-sharing network led to an unintentional exposure of the educational records of thousands of students at Oklahoma University.

June 14, 2017

MacSpy: free malware-as-a-service hits Mac OS

At the low price of free, the malware packs quite a bang for the buck with a list of features that claim to offer no digital trace of the threat actor, screen capture, key logging, iCloud syncing, be invisible to the victim, continuous voice recording, pasteboard, and browser data retrieval services.

June 7, 2017

Federal report: Hospital cybersecurity is in 'critical condition'

Many American hospitals and health care practices are critically vulnerable to cyberattack and lack the resources to protect against rising threats, according to a long-awaited report issued by the U.S. Department of Health and Human Service’s Health Care Industry Cybersecurity Task Force.

June 6, 2017

Top Defense Contractor Left Sensitive Pentagon Files on Amazon Server With No Password

A cache of more than 60,000 files was discovered last week on a publicly accessible Amazon server, including passwords to a US government system containing sensitive information, and the security credentials of a lead senior engineer at Booz Allen Hamilton, one of the nation’s top intelligence and defense contractors. What’s more, the roughly 28GB of data contained at least a half dozen unencrypted passwords belonging to government contractors with Top Secret Facility Clearance.

June 5, 2017

Hackers hosted tools on a Stanford University website for months

Compromising legitimate websites and the web servers that store and deliver them is a time-honoured tactic of opportunistic hackers, and a failure to keep them out can result in the servers hosting phishing and scam pages, spam mailers, exploit kits, or malware.

May 31, 2017

SANS OUCH! June Newsketter: Lessons From WannaCry

Recently, you most likely watched widespread news coverage of a new cyber attack called WannaCry. It infected over 200,000 computers worldwide and locked numerous organizations out of their data, including hospitals in the United Kingdom. There are several reasons this attack gained so much attention. First, it spread rapidly from computer to computer by attacking a known weakness in Windows computers. Second, the attack was a type of malware called Ransomware, which meant that once it infected your computer it encrypted all your files, locking you out of your data. The only way you could recover your data was from backups or by paying the attacker a $300 ransom to decrypt all of your data. The third and most important reason this attack gained so much attention was because it never should have happened. The weakness that WannaCry attacked in Windows computers was well known by Microsoft, which had released a fix months earlier. But many organizations failed to install the fix, or were still using operating systems that are no longer supported by Microsoft.

May 24, 2017

Investigation: Your Life for Sale

The personal information of tens of thousands of Rio Grande Valley residents were put at risk, as estimated in a CHANNEL 5 NEWS investigation of a computer server found at a local flea market.

May 22, 2017

Hack Sparrow: New 'Pirates of the Caribbean' film reportedly stolen, held for ransom

True-life digital pirates have reportedly hijacked the upcoming film Pirates of the Caribbean: Dead Men Tell No Tales, and plan to leak it online in increments, unless Disney pays an exorbitant ransom demand to rescue its movie.

May 15, 2017

Massive cyberattack targeting 99 countries causes sweeping havoc

Hospitals, major companies and government offices have been hit by a massive wave of cyberattacks across the globe that seize control of computers until the victims pay a ransom.

May 8, 2017

Texas Senate passes anti-cyberbullying bill

The Texas Senate voted 31-0 to approve SB 179, legislation that will crack down on online bullying in state schools.

May 5, 2017

Educational organizations among the most sought after cybercriminals

When it comes to finding a one-stop shopping experience for a cybercriminal it's hard to find a better target than an educational institution. What makes these organizations such an inviting target is schools, both those of higher education and local school districts, hold in one place all the types of data prized by hackers, health care information, student and employee personally identifiable information (PII), research and even payment card data, according to a report by ESET researcher Lisa Myers.

May 4, 2017

Google Docs Phishing Spam

A sophisticated phishing attack swept through the network, masquerading as a Google Docs permission request. Every time someone followed the prompts, the app would gain access to the user’s contact list and blast out a new round of emails, causing a ripple effect of compromised accounts.

May 3, 2017

SANS OUCH! May Newsletter: Securing Today's Online Kids

The number of ways children today can go online and interact with others is staggering. From new social media apps and games to schools issuing Chromebooks, kids’ social lives and futures depend on their ability to make the most of technology. As parents, we want to make sure they do so in a safe and secure manner. However, this can be a challenge, as many of us never grew up in a technical environment like this. To help you, we cover the key steps to enabling today’s kids to make the most of technology safely and securely.

May 1, 2017

ISO Newsletter Volume: 1 Issue: 5

In Spring we celebrate the renewal of life, ideas of rebirth, regrowth that occurs in nature, and eagerly await the exciting fun of summer. By tradition, spring cleaning means cleaning, dusting, and mopping; for this issue the Information Security Office (ISO) invites you to consider taking a few minutes to spring clean your digital life.

April 21, 2017

Texas 10th grader hacks school network to change grades

A Texas high school sophomore was arrested on March 31 and charged with a felony for hacking into the Spring Branch Independent School District computer system in order to change student's grades.

April 17, 2017

FDA slams St. Jude on device security

The U.S. Food and Drug Administration issued a letter of warning to medical device maker Abbott on Wednesday, slamming the company for what it said was a pattern of overlooking security and reliability problems in its implantable medical devices at its St. Jude Medical division and describing a range of the company’s devices as “adulterated,” in violation of the US Federal Food, Drug and Cosmetic Act.

April 5, 2017

SANS OUCH! April Newsletter: Passphrases

Passwords are something you use almost every day, from accessing your email or banking online to purchasing goods or accessing your smartphone. However, passwords are also one of your weakest points; if someone learns or guesses your password they can access your accounts as you, allowing them to transfer your money, read your emails, or steal your identity. That is why strong passwords are essential to protecting yourself. However, passwords have typically been confusing, hard to remember, and difficult to type. In this newsletter, you will learn how to create strong passwords, called passphrases, that are easy for you to remember and simple to type.

April 3, 2017

Millions of college credentials spotted on dark web

Researchers have found 13,930,176 email addresses and passwords belonging to faculty, staff, students and alumni of major universities across the country on the dark web.

March 30, 2017

Skype users hit by ransomware through in-app malicious ads

Several users have complained about "fake Flash" ads, which if triggered, can lead to a ransomware attack.

March 22, 2017

W-2 phishing scam scourge continues hitting Powhatan County (VA) schools

Almost 1,000 Powhatan County (VA) school district employees had their personal information compromised when a district employee fell for a W-2 phishing scam.

March 9, 2017

ISO Newsletter Volume: 1 Issue: 4

The UTRGV Information Security Office (ISO) would like to wish you a great and safe Spring Break! Prepare yourself for the break and make some educated decisions before you pack your bags and leave.

March 1, 2017

SANS OUCH! March Newsletter: Securely Using Mobile Apps

What makes mobile devices so versatile are the millions of apps we can choose from. These apps enable us to be more productive, instantly communicate and share with others, train and educate, or just have more fun. However, with the power of all these mobile apps comes risks.

February 15, 2017

Researchers discover over 170 million exposed IoT devices in major US cities

While the research focuses on visibility rather than vulnerabilities, bugs, and security flaws, having millions of devices with open ports and viewing potential can leave them exposed to cyberattacks and use in Distributed Denial of Service (DDoS) attacks.

February 7, 2017

Texas hospital penalized $3.2 Million for HIPAA violations

It was determined that the Children's Medical Center of Dallas used unencrypted mobile devices, among other noncompliance in efforts to protect customer health data.

February 1, 2017

SANS OUCH! February Newsletter: Staying Secure on the Road


In this newsletter, SANS cover how you can connect to the Internet and use your devices securely on the road.

January 27, 2017

Facebook adds Privacy Basics to help secure accounts

Facebook is celebrating Data Privacy Day by introducing the new Privacy Basics feature to control who see what its users share on the platform.

January 19, 2017

ISO Newsletter Volume: 1 Issue: 3

The UTRGV Information Security Office (ISO) would like to wish you and your families a happy New Year. Hopefully one of your new years resolution will involve information security at home and work, in the instance that you have not added this to your list don’t worry there is still plenty of time.

January 13, 2017

Los Angeles college pays $28,000 in ransomware

Los Angeles Valley College in Valley Glen said it paid $28,000 in bitcoins to the hackers, who had used malicious software to commandeer a variety of systems, including key computers and emails.

January 11, 2017

SANS OUCH! January Newsletter: Social Engineering

In this newsletter, you will learn how social engineering works and what you can do to protect yourself.

January 6, 2017

Ransomware scheme is targeting schools, colleges and head teachers

Claiming to be from 'The Department of Education', the caller asks for the email address of the head teacher which they claim they need in order to send them sensitive information which is unsuitable for the school's general email address. Once those carrying out the scheme have the contact details they need, they'll send an email containing a ransomware infected .zip file - often disguised as an Excel or Word document - to the intended victim. If the file is opened, it will execute the ransomware, encrypting files and then demanding a ransom be paid in order to retrieve the files.

January 3, 2017

FDA Issues Final Guidance for Medical Device Security

the U.S. Food & Drug Administration (FDA) has posted the agency's final guidance for medical device safety.

2016

December 20, 2016

ALERT UPDATE: Yahoo Data Breach - 1 Billion Users Affected

Based on further analysis of this data by the forensic experts, Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts.

December 7, 2016

SANS OUCH! December Newsletter: Securely Disposing of Your Mobile Device

In this newsletter SANS will cover what types of personal information may be on your mobile device and how you can securely wipe it before disposing or returning it.

December 6, 2016

Cyber criminal sentenced: gets four years for selling PII

Aaron Glende (aka IcyEagle) was sentenced to four years and two months in prison for selling stolen personally identifying information (PII) and login credentials.

December 1, 2016

Hackers demanded $28,500 to unlock Carleton University files
Hackers managed to infect the systems of a Canadian university with ransomware and demanded 39 Bitcoin (approximately $28,500) to unlock the files.

November 29, 2016

Security Alert: How to stop iCloud Calendar Spam

"I didn't create a calendar item to remind me to go buy Oakley or Ray-Ban sunglasses over the next couple of days. No, I was the victim of calendar spam. It's essentially email spam, but a lot more devious."

November 23, 2016

Information Security Office Newsletter Vol. 1 Issue. 2

The UTRGV Information Security Office (ISO) would like to wish you a safe and happy holidays. It is November and as you are getting started for your holidays shopping or planning to visit your loved ones, we would like to thank you for your support, for reading this newsletter, and for taking an interest in Information Security.

November 15, 2016

Beware, iPhone Users: Fake Retail Apps Are Surging Before Holidays

Hundreds of fake retail and product apps have popped up in Apple’s App Store in recent weeks — just in time to deceive holiday shoppers.

November 9, 2016

Arizona man arrested for hacking email accounts at universities

An Arizona man was arrested on Wednesday on charges that he hacked into over 1,000 email accounts for students and others at two universities, including Pace University in New York, and tried to do the same at 75 other higher-education institutions.

November 3, 2016

SANS OUCH! November Newsletter: Using The Cloud Securely

The Cloud is neither good nor evil; it is a tool for getting things done, both at work and at home. However, when you use these services you are handing over your private data to others, and you expect them to keep it both secure and available.

November 1, 2016

The US Department of the Treasury's Office of the Comptroller of the Currency has disclosed to Congress "a major security incident."

The incident reported by the OCC involves a former employee who downloaded a large number of files onto two removable thumb drives prior to his retirement and when contacted was unable to locate or return the thumb drives to the agency.

October 24, 2016

NSA's staffer allegedly stole 50TB of data, boxes of documents and computers

U.S. federal prosecutors reportedly will charge former National Security Agency (NSA) staffer Harold Martin III not only removed 50 terabytes of data from NSA servers, but also removed “six full banker's boxes” of documents along with a host of computer hardware, according to published reports.

October 14, 2016

Malware behind payment card breach at University of Central Florida

A malware infection is to blame for a payment card data breach affecting at least 230 University of Central Florida students, according to Orlando, Florida NBC affiliate WESH, citing school officials.

October 6, 2016

Internet of Things comes back to bite us

Consumers around the world could see their home Internet speeds slow in the coming weeks due to a recent release of software that allows hackers to use Internet-connected devices to attack websites.

October 5, 2016

SANS OUCH! September Newsletter: Four Steps to Staying Secure

As technology gains a more important role in our lives, it also grows in complexity. Given how quickly technology changes, keeping up with security advice can be confusing. It seems like there is always new guidance on what you should or should not be doing. However, while the details of how to stay secure may change over time, there are fundamental things you can always do to protect yourself.

September 23, 2016

Security Alert: Yahoo Data Breach – 500 Million Users Affected Yahoo has confirmed, based on a recent investigation, that a copy of certain user account information was stolen from their network in late 2014 by what we believe is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers.

September 22, 2016

Education sector bullied by ransomware

BitSight researchers found the education sector has been bullied by the highest rates of attack while having the least protected systems among the sectors researchers observed. The access that these institutions have to social security numbers, medical records, intellectual property, research, and financial data of faculty, staff, and students make them prime targets for attacks, the report said.

September 16, 2016

SANS OUCH! September Newsletter: Email Do’s and Don’ts

Email is still one of the primary ways we communicate, both in our personal and professional lives. However, we can quite often be our own worst enemy when using email. In this newsletter, we will explain the most common mistakes people make with email and how you can avoid them in your day-to-day lives.

September 8, 2016

USB Hacking Devices Can Steal Credentials From Locked Computers

Many users might think that leaving their computer unattended does not pose any security risks as long as the device is locked. However, researcher Rob Fuller has demonstrated that an attacker with physical access to the targeted device can capture its login credentials in just seconds as long as the machine is logged in.

September 6, 2016

Scary Security Flaw Also Affects Your Mac

The same security flaw that could have allowed hackers to steal your iPhone data without you knowing it also exists on the Mac. On Thursday, Apple released a patch for a security flaw that would allow hackers to exploit flaws in its OS X desktop operating system, install spyware on the computer, and steal all kinds of data.

September 1, 2016

Dropbox massive data breach involving 68M users

What started out last week as a warning by Dropbox to its users that some login data may have been compromised has exploded into a massive data breach with an estimated 68 million Dropbox user credentials being exposed on the web.

August 26, 2016

Apple patents technique for grabbing iPhone thieves' fingerprints and photo

The patent is called "biometric capture for unauthorized user identification," (spotted by AppleInsider) and covers how an iOS device could be turned into a surveillance device capable of capturing, storing, and even transmitting information on the person using it following the receipt of a signal to do so, or after a number of unauthorized use attempts have been made.

August 17, 2016

SANS OUCH! August Newsletter: Ransomware

Once ransomware infects your computer, it encrypts certain files or your entire hard drive. You are then locked out of the whole system or cannot access your important files, such as your documents or photos. The malware then informs you that the only way you can decrypt your files and recover your system is to pay the cyber criminal a ransom (thus the name ransomware).

August 4, 2016

Cyber Threats and Opportunities - by The University of Texas System Chancellor William H. McRaven

Cyber attacks take place all day, every day – on people, businesses, government agencies, national political parties, you name it – and the consequences of just one attack succeeding can be devastating. This vulnerability poses a serious threat to our economy, our way of life, and to our collective security.

July 28, 2016

Countering the Cyber Threat. New U.S. Cyber Security Policy Solidifies FBI as Key Cyber Leader

The Obama Administration released Presidential Policy Directive-41 on U.S. Cyber Incident Coordination Policy, which sets forth principles that will govern the federal government’s response to cyber incidents and designates certain federal agencies to take the lead in three different response areas—threat response, asset response, and intelligence support.

July 21, 2016

HHS: Healthcare groups must report all ransomware attacks

The Federal Health and Human Services Department (HHS) issued guidelines this week that could require hospitals and doctor offices to notify HHS if they are victimized by a ransomware attack.

July 14, 2016

UN extends human rights to online world

The United Nations has passed a resolution calling for human rights to be counted online as well as off, citing the internet as an important medium for free speech and free assembly. The resolution was not without its opponents, though. The UN has affirmed the right of all to use the internet without fear of surveillance or deprivation.

July 6, 2016

SANS OUCH! July Newsletter: CEO Fraud

Cyber criminals have developed a new attack called CEO Fraud, also known as Business Email Compromise (BEC). In these attacks, a cyber criminal pretends to be a CEO or other senior executive from your organization. The criminals send an email to staff members like yourself that try to trick you into doing something you should not do.

July 1, 2016

House Homeland Security Committe new report: "Going Dark, Going Formward: A Primer on the Encryption Debate."

Ultimately this effor will provide a better understanding of digital security issues for Congress and the American public. The report will help inform and advance debate that centers around balancing personal cyber security and national security.

June 28, 2016

Microsoft Office 365 hit with massive Cerber ransomware attack

At least 57 percent of all Office 365 customers received at least one phishing attempt that contained the infected attachment. Millions of Microsoft Office 365 users were potentially exposed to a massive zero-day Cerber ransomware attack last week that not only included a ransom note, but an audio warning informing victims that their files were encrypted.

June 8, 2016

Hackers crippled the University of Calgary's computer systems - then received a $20,000 ransom payment
The University of Calgary paid a $20,000 ransom in untraceable Bitcoins to shadowy hackers after a devastating malware attack. University officials agreed to pay the ransom to ensure critical systems could be restored, but noted it will take some time for the university’s IT staff to apply the encryption keys to the infected machines.

June 3, 2016

SANS OUCH! June Newsletter: Encryption

You may hear people use the term “encryption” and how you should use it to protect yourself and your information.However, encryption can be confusing and you should understand its limitations. In this newsletter, SANS explain in simple terms what encryption is, how it protects you, and how to implement it properly.

June 1, 2016

Malware attack shutters University of Calgary network

A virus of unknown origin shut down the computer network of the University of Calgary. Calgary students and staff received the following warning on Saturday: "Do not use any UCalgary-issued computers for any purpose." A malware attack was believed responsible for disabling IT services, including email, Skype, VPN, secure wireless and Active Directory.

May 24, 2016

Congress is so bad at cybersecurity, two lawmakers sent advice to colleagues

House lawmakers Ted Lieu (D-CA, 33rd) and Will Hurd (R-TX, 23rd) penned an email to their colleagues Monday warning them of some of the biggest dangers and threats to their information and operational security, amid a recent spate of cyberattacks.  The two House members make up half of the four computer science majors in Congress.

GCHQ group disclosed kernel privilege exploit to Apple

The disclosure raises questions about the use of zero day exploits by the U.K.'s GCHQ, and intelligence agencies internationally. Security information professionals see competing priorities from intelligence agencies in how they make use of vulnerabilities. The tone of the public dialogue involving intelligence agencies has led to an erosion of trust.

May 19, 2016

117 million LinkedIn email credentials found for sale on the dark web

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for sale on the dark web prompting the professional social network to invalidate the account passwords.

May 18, 2016

Castro Cybersecurity Legislation Passes The House Of Representatives

The U.S. House of Representatives passed Congressman Joaquin Castro's (TX-20) bill to bolster our nation's cyber defenses and keep local communities safe from attacks. Rep. Castro's legislation, H.R. 4743, The National Cybersecurity Preparedness Consortium Act, allows non-profit entities, including universities, to work more closely with the Department of Homeland Security (DHS) to address cybersecurity risks and incidents at the state and local level.

May 9, 2016

Senator wants definition on cyber act of war

The Cyber Act of War Act of 2016 would require the President to develop a policy to determine whether a cyber attack constitutes an act of war.

May 4, 2016

SANS OUCH May Newsletter Internet of Things IoT

The next big technical advancement is the Internet of Things. The Internet of Things, often shortened to IoT, is all about connecting everyday devices to the Internet, devices from doorbells and light bulbs to toy dolls and thermostats.

April 14, 2016

ALERT Apple Ends Support for QuickTime for Windows
According to Trend Micro, Apple will no longer be providing security updates for QuickTime for Windows, leaving this software vulnerable to exploitation.

Jump to Top

UTRGV

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube
  • CARES, CRRSAA and ARP Reporting
  • Site Policies
  • Contact UTRGV
  • Required Links
  • Fraud Reporting
  • Senate Bill 18 Reporting
  • UTRGV Careers
  • Clery Act Reports
  • Web Accessibility
  • Mental Health Resources
  • Sexual Misconduct Policy
  • Reporting Sexual Misconduct