The eDellRoot certificate installed on certain Dell laptops and PCs introduces a security vulnerability on those systems. The private keys for this Dell root certificate were leaked, which means attackers can use the certificate to tamper with your browsing and steal sensitive information.
You can remove this certificate manually, or rely on Microsoft's security software, which has been updated to remove it.
Please ensure Windows Defender (Windows 10 and Windows 8.1) or Microsoft Security Essentials (Windows 7) is running and up to date. Both packages are free. If either package is up to date and running, it has probably already removed the vulnerable certificate.
Alternatively you can manually remove this certificate.
Contact email@example.com if you have a Dell PC running Windows and cannot do either of the steps above; the help desk can assist you in installing and updating the correct software.
Win32/CompromisedCert.C is a Dell root certificate for which the private keys were leaked online.
The certificates can be found on Dell PCs running these operating systems: Windows 10, Windows 8.1, Windows 8, and Windows 7.
If your Dell PC contains this certificate, it is most likely vulnerable to this threat. A PC with this certificate could be vulnerable to SSL/TLS spoofing attacks, and the certificate could allow an attacker to digitally sign binaries so that they are trusted by the affected PC. An attacker could gain control over your PC and browsing experience. An attacker can exploit the certificate using phishing or man-in-the-middle attacks to decrypt, modify or spoof HTTPS websites, such as banking, social media, or email websites. This could allow a malicious hacker to steal your account names, passwords, and confidential data. They could also carry out transactions without your knowledge, even when it seems like you have a secure browser connection to a website.
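To check a machine for the certificate before or after removal, the following PowerShell script lists matching entries in the trusted root stores and deletes them when run with -Remove. It is an added example, not part of the original notice or of any Dell or Microsoft tool. It assumes PowerShell 3.0 or later and that the certificate's subject is CN=eDellRoot, taken from the name used in this notice; the script name and the -Remove switch are illustrative.

```powershell
# Added example: audit the Windows trusted-root stores for the eDellRoot certificate.
# Assumption: the certificate is identified by the subject "CN=eDellRoot" (the name
# used in this notice); the notice itself does not list a thumbprint.
param(
    [switch]$Remove   # when set, delete every match (run from an elevated prompt)
)

# Root stores consulted when Windows builds a trust chain.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -match '(^|,\s*)CN=eDellRoot(,|$)' } |
        ForEach-Object {
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                HasPrivateKey = $_.HasPrivateKey   # private key stored on this PC too
                PSPath        = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output 'eDellRoot was not found in the trusted root stores.'
    return
}

# Report what was found so the result can be recorded before anything is changed.
$found | Format-Table Store, Subject, Thumbprint, NotAfter, HasPrivateKey -AutoSize

if ($Remove) {
    foreach ($cert in $found) {
        # -DeleteKey also removes the private key if it is stored on this machine.
        Remove-Item -Path $cert.PSPath -DeleteKey
        Write-Output ("Removed {0} from {1}" -f $cert.Thumbprint, $cert.Store)
    }
} else {
    Write-Output 'Run again with -Remove to delete the certificate(s) listed above.'
}
```

Run it again without -Remove after a reboot to confirm the certificate has not returned.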
Security administrators have identified a malicious message that is being delivered via email. The teams are working on blocking the malicious messages. If you receive a message with a zip attachment, please do not open the attachment, and delete the message from your email. The attachment that has been identified thus far is Document.zip. However, you should not open any .zip attachment.
University of California, Davis
Information and Educational Technology
University employees are receiving fraudulent e-mails indicating a change in their human resource status. The e-mail contains a link directing the employee to log in to their human resources website to identify this change. The website provided appears very similar to the legitimate site in an effort to steal the employee’s credentials. Once the employee enters his/her login information, the scammer takes that information and signs into the employee’s official human resources account to change the employee’s direct deposit information. This redirects the employee’s paycheck to the bank account of another individual involved in the scam.
Consequences of this Scam:
If you have been a victim of this scam, you may file a complaint with the FBI’s Internet Crime Complaint Center at www.IC3.gov. Please reference this PSA number in your complaint.
The IC3 produced a PSA in May 2014 titled “Cyber-related Scams Targeting Universities, Employees, and Students,” which mentioned this scam. The PSA can be viewed at http://www.ic3.gov/media/2014/140505.aspx.
Tips on how to Protect Yourself from this Scam
More on Avoiding Social Engineering and Phishing Attacks from US-CERT.
As a precaution, police issued a "WarnMe" notification to the campus community. No evacuations are required. Be aware of your surroundings, and report any suspicious objects to police at 530 754-2677.
Additional information: UC Davis Police Department
This message is posted because the Systems Support Group (SSG) received questions about the legitimacy of emails sent out by the Warn Me system. You can find out more about the Warn Me system at: https://warnme.ucdavis.edu/
That means XP is no longer secure enough to use on the UC Davis network—or to use online, period. If you still use XP, you need to move to a newer operating system.
UC Davis policy prohibits use of unsupported OS or application software on machines that connect to the campus network. Unmaintained software is a common entry point for viruses and malware, which can then spread to other UC Davis computers.
See the UC Davis Windows XP Security page for more information.
Not for long, however!
April 14th, in the morning, regnant will be turned off.
If you haven't changed your system's DNS server settings, you may find your network is slow or non-functional after this date. If so, here are the servers you should be using (in order from primary to secondary):
All other settings can remain the same, but regnant's IP (18.104.22.168) should be removed from your system's settings.
For modern Linux systems, you should use your GUI network configuration tools.
More than likely you already made this change, or we made it for you. We have found some systems that haven't been changed over, and have written their owners to remind them of the change.
As always, if you have issues, please contact us at: firstname.lastname@example.org
Apps Status Dashboard details on Gmail:
1/24/14 12:23 PM The problem with Gmail should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.
UC Davis Status Twitter Feed:
Campus computing services returned to normal operation by 8:00pm. 9:23 PM - 10 Jan 14
Services that are having difficulties are: www, email, authentication (CAS, Kerberos), and LDAP.
Some services remain down at this time.
For updates, the Systems Support Group (SSG) suggests: UCDavisStatus on Twitter