Latest News and Threats

The latest threats and how to protect against them. Contact Helpdesk for assistance in removal if needed.

Current threats, vulnerabilities and information regarding data breaches are provided below. Users seeking additional information on these topics can visit the provided links. The following links go to non-OSU affiliated websites.

Marriott International Data Breach
Marriott International has revealed the company has had a data breach that could affect up to 500 million guest. The following information was accessed from the Starwood Guest Reservation Database during the breach. Customer's names, email addresses, passport numbers and payment information. Credit card information, card numbers and expiration dates may have been compromised and stolen as well. Marriott has not ruled out the possibility that the information was stolen and has been decrypted. The hotel chain has set up a website and call center to answer questions at info.starwood.com, and it is emailing affected guests beginning Friday 11/30/2018. Marriot has discovered that the attackers have had access to the database since 2014.

For more information Click Here

Phishing Site are showing the padlock symbol
More and more phishing site are now using the padlock security icon in the url bar. Internet users have been told to always look for a green padlock symbol next the url to make sure the site is secure. Most users believe the green lock means the site is legitimate, however that is not always the case. Now more phishing sites are using the green padlock to appear legitimate and trick people into believing the site is real and steal credentials. Be aware of phishing scams.
 
For more information Click Here
Click Here for OSU’s Cyber Security Safety Information.
 
Dell Data Breach
Dell has announced that on November 9, 2018 the company’s network was breached. Customer names, email addresses and hashed passwords were targeted. Dell has no conclusive evidence that any information was stolen. However, Dell has reset all customer’s password for extra precautions.

For more information Click Here

T-Mobile Data Breach
T-Mobile has announced that the company has suffered a security breach on August 20, 2018. This breach affected up to 2 million T-Mobile customers. T-Mobile has stated that no credit card information, social security numbers or password were compromised. However, T-Mobile stated that some of customer’s personal information might have been compromised. Such as name, billing zip code, phone number, email address, account numbers and account type.
 
For more information Click Here

Streaming Services login credentials (OTT) for sale on the Dark Web

Information Security researchers have found a list of login credentials for popular streaming services for sale on the Dark Web. These services include, but are not limited to; Netflix, HBO GO, Hulu and DirecTV. Please keep an eye on your accounts for any unusual activity. As a precaution, you can change account passwords.

For more information Click Here

CCleaner Malware
Malware has spread through a popular Windows cleanup utility called CCleaner. A malicious version of CCleaner and CCleaner Cloud was uploaded to the download server by unauthorized users . CCleaner v 5.33.6162 and Cleaner Cloud v.1.07.3191 were infected. If any user updated CCleaner /Cleaner Cloud or downloaded the program to install on their machine between August 15th 2017 - September 12th 2017, the user will need to update the program to the newest version.
 
For more information Click Here and Click Here
 
Equifax Data Breach
Equifax has revealed a data breach that affects up to 143 million people. The investigation is ongoing, but appeared to have occurred near the end of July 2017.  The number and types of information that was accessed or stolen has yet to be determined. Equifax has set up a website to help determine if a user has been affected. Equifax is also offering credit monitoring and identity theft protection.
 
Credit bureaus have information on citizen’s loans, loan payments, credit card information including the credit card number, child support payments, birthdays, missed rent and utilities payments, addresses, employment history, and some driver’s license information.
 
Equifax’s website to help determine if a user has been affected. Click here for Equifax website
Equifax has set up a FAQ for users. Click here for the FAQ
For more information Click Here
For information about freezing your credit: Click Here
 
FAFSA Data Breach
In April 2017 The IRS publicized a data breach where up to 100,000 users may have had their personal information stolen. Attackers used the IRS Data Retrieval Tool, which was designed for use when filing the FAFSA, to obtain personal information of users.
 
Facebook Messenger Virus
Attackers are using Facebook Messenger to spread a virus that affects Windows, MacOS and Linux machines. Users report receiving a video link that will install adware on the user’s machine. These video links come from both unknown contacts and friends. Facebook messenger users are urged to use caution when opening a link, even from a friend.

Ransomware
Ransomware is a type of malware that stops you from using your computer until you pay a certain amount of money (the ransom).
 
For more information Click Here
 
WannaCry Ransomware
This ransomware targeted systems running Microsoft Windows Operating Systems, using an exploit in the Windows Server Message Block protocol. It then encrypts the system and demands money in bitcoin to unlock the files. This affects all versions of Windows desktop and Windows server. Microsoft has issued patches that fix this vulnerability for all Windows versions, including unsupported versions like Windows XP and Windows Server 2003. To help protect a system from this vulnerability, keep Windows OS systems up to date.
 
For more information Click Here