Information Security Announcements

FALL 2023

OIT-ISO NOTIFICATION: Monday, November 20, 2023 - Important Security Update: New End-Point Protection, Cortex XDR
In recent months, cyber-attacks disabled thousands of computers at other CUNY colleges, disrupting their business operations. We are anticipating an annual surge of cyber threats that typically occurs during the holiday season. In response to these hazards, in collaboration with CUNY, we are fortifying our information security measures. >>View Notice

FALL 2020

OIT-ISO NOTIFICATION: Friday, September 4, 2020 - [THREAT ALERT] Multiple Active Email Phishing Attacks
There is an active phishing email attack targeting City College student email accounts. One such campaign that rising in occurrence is one in which various work from home job offers are sent, working for faculty or for doctors or in well-known offices or organizations such as UNICEF and WHO. >>View Notice

SPRING-SUMMER 2020

OIT-ISO NOTIFICATION: [THREAT ALERT] Active Email Phishing Attack - May 1, 2020
There is an active phishing email attack targeting City College student email accounts. This attack has the subject line "FREELANCER/VIRTUAL ASSISTANT URGENTLY NEEDED" or "VIRTUAL ASSISTANT PT OFFER". >>See Notice

OIT-ISO NOTIFICATION: Secure Transfer - April 28, 2020
The Office of Information Technology would like to introduce the Secure Transfer portal, The OIT Information Security Office recommends exercising due diligence and caution in your cybersecurity efforts. >>See Notice

OIT-ISO NOTIFICATION: Video-Teleconferencing Hijacking Advisory - March 31, 2020
There are reports of video-teleconferencing being disrupted by pornographic and/or hate images and threatening language. These are known as VTC hijacking (Also called “Zoom-bombing”). >>See Notice

OIT-ISO NOTIFICATION:COVID-19 Related Phishing Campaigns--March 26, 2020
Malicious cyber threat actors are capitalizing on the global attention surrounding the novel 2019 Coronavirus (COVID-19) to facilitate scams, distribute malware, and send phishing emails. >>See Notice

OIT-ISO NOTIFICATION: Email Scams Advisory--March 2, 2020
This is a reminder to be alert to the innumerable online scams. One of the most prevalent is known as a “phishing” email. These emails are designed to look like legitimate emails originating from your bank, a friend, or even the United States government. However, they are a ruse to persuade you to download malicious software and/or reveal account credentials and personal information that can be used for identity theft. >>See Notice

OIT-ISO NOTIFICATION: Email Scams Advisory--February 7, 2020
This is a reminder to be alert to the innumerable online scams. One of the most prevalent is known as a “phishing” email. These emails are designed to look like legitimate emails originating from your bank, a friend, or even the United States government. However, they are a ruse to persuade you to download malicious software and/or reveal account credentials and personal information that can be used for identity theft. >>See Notice

WINTER SESSION 2020

CUNY-CIS Security Advisories: FBI FLASH Report – Website Defacement Activity Indicators of Compromise and Techniques Used to Disseminate Pro-Iranian Messages – TLP: GREEN--January 13, 2020
Following last week’s US airstrikes against Iranian military leadership, the FBI observed increased reporting of website defacement activity disseminating pro-Iranian messages. The FBI believes several of the website defacements were the result of cyber actors exploiting known vulnerabilities in content management systems (CMSs) to upload defacement files. The FBI advises organizations and people concerned with Iranian cyber targeting be familiar with the indicators, tactics, and techniques provided in the attached file.