Latest News and Threats

The latest threats and how to protect against them. Contact Helpdesk for assistance in removal if needed.

Current threats, vulnerabilities and information regarding data breaches are provided below. Users seeking additional information on these topics can visit the provided links. The following links go to non-OSU affiliated websites.

T-Mobile Data Breach
T-Mobile has announced that the company has suffered a security breach on August 20, 2018. This breach affected up to 2 million T-Mobile customers. T-Mobile has stated that no credit card information, social security numbers or password were compromised. However, T-Mobile stated that some of customer’s personal information might have been compromised. Such as name, billing zip code, phone number, email address, account numbers and account type.
For more information: Click Here

Streaming Services login credentials (OTT) for sale on the Dark Web

Information Security researchers have found a list of login credentials for popular streaming services for sale on the Dark Web. These services include, but are not limited to; Netflix, HBO GO, Hulu and DirecTV. Please keep an eye on your accounts for any unusual activity. As a precaution, you can change account passwords.

For more information: Click Here

CCleaner Malware
Malware has spread through a popular Windows cleanup utility called CCleaner. A malicious version of CCleaner and CCleaner Cloud was uploaded to the download server by unauthorized users . CCleaner v 5.33.6162 and Cleaner Cloud v.1.07.3191 were infected. If any user updated CCleaner /Cleaner Cloud or downloaded the program to install on their machine between August 15th 2017 - September 12th 2017, the user will need to update the program to the newest version.
For more information: Click Here and Click Here
Equifax Data Breach
Equifax has revealed a data breach that affects up to 143 million people. The investigation is ongoing, but appeared to have occurred near the end of July 2017.  The number and types of information that was accessed or stolen has yet to be determined. Equifax has set up a website to help determine if a user has been affected. Equifax is also offering credit monitoring and identity theft protection.
Credit bureaus have information on citizen’s loans, loan payments, credit card information including the credit card number, child support payments, birthdays, missed rent and utilities payments, addresses, employment history, and some driver’s license information.
Equifax’s website to help determine if a user has been affected. Click here for Equifax website
Equifax has set up a FAQ for users. Click here for the FAQ
For more information: Click Here
For information about freezing your credit: Click Here
FAFSA Data Breach
In April 2017 The IRS publicized a data breach where up to 100,000 users may have had their personal information stolen. Attackers used the IRS Data Retrieval Tool, which was designed for use when filing the FAFSA, to obtain personal information of users.
Facebook Messenger Virus
Attackers are using Facebook Messenger to spread a virus that affects Windows, MacOS and Linux machines. Users report receiving a video link that will install adware on the user’s machine. These video links come from both unknown contacts and friends. Facebook messenger users are urged to use caution when opening a link, even from a friend.

Ransomware is a type of malware that stops you from using your computer until you pay a certain amount of money (the ransom).
For more information: Click Here
WannaCry Ransomware
This ransomware targeted systems running Microsoft Windows Operating Systems, using an exploit in the Windows Server Message Block protocol. It then encrypts the system and demands money in bitcoin to unlock the files. This affects all versions of Windows desktop and Windows server. Microsoft has issued patches that fix this vulnerability for all Windows versions, including unsupported versions like Windows XP and Windows Server 2003. To help protect a system from this vulnerability, keep Windows OS systems up to date.
For more information: Click Here
Android Adware
Google continues the fight against malware loaded apps in the Google Play App Store for android smartphones. Recently some 500 apps, that together had over 100 million downloads, were pulled from the Google Play Store because they contained back doors which allowed malware/spyware to be installed on the device.
For more information: Click Here

Malicious Word, Excel and PowerPoint Documents
Attackers use Microsoft Office documents to infect computers with malware. Word and excel documents can use macros. Attackers will make a document with a macro that will execute malicious code once opened by the user. In addition, a zero-day exploit is now being used to infect user’s computers using a booby-trapped OLE2link object. Once clicked on, it downloads malicious code to the computer. This attack is seen is Word and PowerPoint. Always be cautious of uninvited documents or emails.

Chrome Browser Extensions
Recently it was discovered that several Chrome extensions were being used to install malware onto the user’s machines. Researchers believe the extensions were compromised through the use of social engineering and phishing attacks against the developers.