Secure computing for the CCNY community requires that our users participate in making sure our campus computing is safe! By following certain protocols and procedures that are in place and by reading any Office of Information Technology e-mail broadcasts you will be using CCNY computing 'best practices' .
The Office of Information Technology (OIT) is steadily updating and adding information, posting guidelines and providing the means to achieve the goal of secure computing. Any office that will be using sensitive information from students, faculty or staff is required to fill out and file the appropriate form(s). All forms are to be submitted to and approved by the Office of the Chief Information Officer (CIO).
From OIT: Summary of Security Bulletins
Summary of Security Bulletin -- (For CCNY Community)
SPRING 2024
OIT-ISO NOTIFICATION: Tuesday, June 4, 2024 -Security Alert: Ongoing Phishing Attacks
Recently, our campus has been the target of numerous phishing attacks using a variety of fraudulent offers and notices. These attacks primarily target Students, Staff and Faculty with fake notices of account termination, fraudulent job offers, and fake requests from supervisors and other administrators to purchase gift cards. >>View Notice
OIT-ISO NOTIFICATION: Monday, January 29, 2024 - [THREAT ALERT] Multiple Active Email Phishing Attacks
Recently, our campus has been the target of numerous phishing attacks using a variety of fraudulent offers and notices. These attacks primarily target Students, Staff and Faculty with fake notices of account termination, fraudulent job offers, and fake requests from supervisors and other administrators to purchase gift cards. >>View Notice
FALL 2023
OIT-ISO NOTIFICATION: Monday, November 20, 2023 - Important Security Update: New End-Point Protection, Cortex XDR
In recent months, cyber-attacks disabled thousands of computers at other CUNY colleges, disrupting their business operations. We are anticipating an annual surge of cyber threats that typically occurs during the holiday season. In response to these hazards, in collaboration with CUNY, we are fortifying our information security measures. >>View Notice
FALL 2020
OIT-ISO NOTIFICATION: Friday, September 4, 2020 - [THREAT ALERT] Multiple Active Email Phishing Attacks
There is an active phishing email attack targeting City College student email accounts. One such campaign that rising in occurrence is one in which various work from home job offers are sent, working for faculty or for doctors or in well-known offices or organizations such as UNICEF and WHO. >>View Notice
SPRING-SUMMER 2020
OIT-ISO NOTIFICATION: [THREAT ALERT] Active Email Phishing Attack - May 1, 2020
There is an active phishing email attack targeting City College student email accounts. This attack has the subject line "FREELANCER/VIRTUAL ASSISTANT URGENTLY NEEDED" or "VIRTUAL ASSISTANT PT OFFER". >>See Notice
OIT-ISO NOTIFICATION: Secure Transfer - April 28, 2020
The Office of Information Technology would like to introduce the Secure Transfer portal, The OIT Information Security Office recommends exercising due diligence and caution in your cybersecurity efforts. >>See Notice
OIT-ISO NOTIFICATION: Video-Teleconferencing Hijacking Advisory - March 31, 2020
There are reports of video-teleconferencing being disrupted by pornographic and/or hate images and threatening language. These are known as VTC hijacking (Also called “Zoom-bombing”). >>See Notice
OIT-ISO NOTIFICATION:COVID-19 Related Phishing Campaigns--March 26, 2020
Malicious cyber threat actors are capitalizing on the global attention surrounding the novel 2019 Coronavirus (COVID-19) to facilitate scams, distribute malware, and send phishing emails. >>See Notice
OIT-ISO NOTIFICATION: Email Scams Advisory--March 2, 2020
This is a reminder to be alert to the innumerable online scams. One of the most prevalent is known as a “phishing” email. These emails are designed to look like legitimate emails originating from your bank, a friend, or even the United States government. However, they are a ruse to persuade you to download malicious software and/or reveal account credentials and personal information that can be used for identity theft. >>See Notice
OIT-ISO NOTIFICATION: Email Scams Advisory--February 7, 2020
This is a reminder to be alert to the innumerable online scams. One of the most prevalent is known as a “phishing” email. These emails are designed to look like legitimate emails originating from your bank, a friend, or even the United States government. However, they are a ruse to persuade you to download malicious software and/or reveal account credentials and personal information that can be used for identity theft. >>See Notice
WINTER SESSION 2020
CUNY-CIS Security Advisories: FBI FLASH Report – Website Defacement Activity Indicators of Compromise and Techniques Used to Disseminate Pro-Iranian Messages – TLP: GREEN--January 13, 2020
Following last week’s US airstrikes against Iranian military leadership, the FBI observed increased reporting of website defacement activity disseminating pro-Iranian messages. The FBI believes several of the website defacements were the result of cyber actors exploiting known vulnerabilities in content management systems (CMSs) to upload defacement files. The FBI advises organizations and people concerned with Iranian cyber targeting be familiar with the indicators, tactics, and techniques provided in the attached file.
Last Updated: 06/04/2024 11:21