By Arica Chhay, Jay Krous, Michael Smitasin A new phishing tactic has emerged; attackers are using the comments feature of Google Docs to send phishing messages. These attacks are challenging to prevent at the moment since the comment appears to come from Google. Review the real Lab example … [Read more...] about Google Docs Phishing Comments
CrowdStrike Falcon is the Lab’s New Antivirus Solution
Berkeley Lab IT is pleased to announce CrowdStrike Falcon (or simply CrowdStrike) has replaced Sophos as the Lab’s antivirus software. Sophos Antivirus, which has been used at the Lab since 2012, will be discontinued by Sophos in July 2023. Crowdstrike enables detection and remediation of … [Read more...] about CrowdStrike Falcon is the Lab’s New Antivirus Solution
Safer Web Browsing
By Arica Chhay, Jay Krous, Tap L, Gabe McGinnis 1. Minimize browser extensions. Web browser extensions are tools to extend or enhance your browsing experience, often by adding new features or enabling integrations with other applications, such as Google or Zoom. While most extensions are … [Read more...] about Safer Web Browsing
Security Advisory: Update Apple Devices to Address a New Zero-Day Vulnerability
Apple released a security update for Apple devices on February 13, 2023, regarding CVE-2023-23529. This vulnerability allows an attacker to remotely execute code without your knowledge. The latest security updates include the fix to this issue, and we encourage all users to update all Apple devices … [Read more...] about Security Advisory: Update Apple Devices to Address a New Zero-Day Vulnerability
Blocked Access to the Lab Network
Open collaboration and teamwork is an integral aspect of Berkeley Lab culture. Cyber Security's goal is to safely remove barriers to scientific research and enable full participation for all Lab staff and affiliates, including remote and international users. To maintain the integrity of our complex … [Read more...] about Blocked Access to the Lab Network
High Volume Spam Emails
Berkeley Lab employees have recently reported an unusually large number of spam emails to their lbl.gov work account. High volume spam emails are a common attack tactic that typically floods users with hundreds of spam emails in a short period of time. Attackers do this to cover up important emails … [Read more...] about High Volume Spam Emails
Cyber Security Awareness Month 2022
This October 2022, Berkeley Lab is kicking off the start of national Cyber Security Awareness Month with a new Cyber Security Annual Training (SEC 0201) course. The updated training reflects the latest security challenges and mitigations. The new SEC 0201 is now available for all Berkeley Lab staff … [Read more...] about Cyber Security Awareness Month 2022
Fake Invoice Phishing Scams
The Cyber Security group is aware of many Berkeley Lab staff receiving fake invoices sent to their lbl.gov work email address. The goal of this phishing scam is to trick recipients into believing they have been charged for a service so they call the number and reveal sensitive personally … [Read more...] about Fake Invoice Phishing Scams
Be Careful about Financial Adviser Solicitations
It’s a busy season for staff opting to retire. Be cautious about unauthorized financial adviser solicitations claiming to provide consultation for retirement or pension benefits. Misleading messages delivered through email and phone calls have recently been reported by University of California (UC) … [Read more...] about Be Careful about Financial Adviser Solicitations
Microsoft Update May Affect Network Attached Storage (Condo-Storage)
Microsoft will be rolling out a new fix in July 2022 for a vulnerability found in CVE-2021-42287. If the vulnerability is successfully exploited, this could lead to the disclosure of sensitive information, modification of data, administration takeover, or Denial of Service (DoS). Microsoft’s fix … [Read more...] about Microsoft Update May Affect Network Attached Storage (Condo-Storage)
Was this page useful?

