This October 2022, Berkeley Lab is kicking off the start of national Cyber Security Awareness Month with a new Cyber Security Annual Training (SEC 0201) course. The updated training reflects the latest security challenges and mitigations. The new SEC 0201 is now available for all Berkeley Lab staff … [Read more...] about Cyber Security Awareness Month 2022
Cyber Security
Fake Invoice Phishing Scams
The Cyber Security group is aware of many Berkeley Lab staff receiving fake invoices sent to their lbl.gov work email address. The goal of this phishing scam is to trick recipients into believing they have been charged for a service so they call the number and reveal sensitive personally … [Read more...] about Fake Invoice Phishing Scams
Be Careful about Financial Adviser Solicitations
It’s a busy season for staff opting to retire. Be cautious about unauthorized financial adviser solicitations claiming to provide consultation for retirement or pension benefits. Misleading messages delivered through email and phone calls have recently been reported by University of California (UC) … [Read more...] about Be Careful about Financial Adviser Solicitations
Microsoft Update May Affect Network Attached Storage (Condo-Storage)
Microsoft will be rolling out a new fix in July 2022 for a vulnerability found in CVE-2021-42287. If the vulnerability is successfully exploited, this could lead to the disclosure of sensitive information, modification of data, administration takeover, or Denial of Service (DoS). Microsoft’s fix … [Read more...] about Microsoft Update May Affect Network Attached Storage (Condo-Storage)
Update Computers for Return to Work
The number one recommendation by IT professionals and Berkeley Lab Cyber Security is to keep computers up-to-date. We strongly encourage running Microsoft or Apple updates on any computers which have been turned off for some time. Computer vulnerabilities are continually emerging and … [Read more...] about Update Computers for Return to Work
New Type of Social Engineered Phishing
The Berkeley Lab Cyber Security group reports a new variety of social engineered phishing scams. In this new variety, attackers impersonate the name of real Lab staff or colleagues, including senior leaders and supervisors. The attackers use public websites to determine relationships and … [Read more...] about New Type of Social Engineered Phishing
Seeing The message “Your connection is not private”
Do not be alarmed if you are getting the message "Your connection is not private". The related IT team is working to resolve the issue. In the meantime click Advanced and click Proceed to login.lbl.gov (Unsafe) and accept the risk to continue. Feel free to … [Read more...] about Seeing The message “Your connection is not private”
Cyber Security Awareness: Ransomware Resistant Backups
Ransomware is a type of malicious software cyber attackers use to encrypt an organization’s systems or data and extort payment in order to restore access. Ransomware attacks can be disruptive and harmful to organizations, resulting in financial loss, the permanent loss of sensitive or proprietary … [Read more...] about Cyber Security Awareness: Ransomware Resistant Backups
Cyber Security Awareness: Default Passwords
Attempting to log in with blank, default, and common usernames and passwords is a widely used attack technique. Unlike most enterprise or corporate networks, Berkeley Lab has an open computing environment so changing default credentials is especially important. To facilitate science and … [Read more...] about Cyber Security Awareness: Default Passwords
Cyber Security Awareness Month: Phone Scams
In support of Cybersecurity Awareness Month, the IT Division is highlighting phone scams and offering tips on how to avoid attacks. Scammers often take advantage of busy times throughout the year when people are distracted or vulnerable, such as during holidays, tax season, back-to-school, and … [Read more...] about Cyber Security Awareness Month: Phone Scams
Was this page useful?
Send
in the bottom right or navigate to