News & Alerts
The IT Security Office will be sending the following email around to sponsors of Guest accounts to advise sponsors to review your sponsored guest accounts and terminate any that are no longer needed.
Apple as pushed out a silent update to address the Zoom vulnerabilities by removing the local web server. This update is said to have no negative impact on the OS or the Zoom application itself.
Microsoft has announced a vulnerability in the Outlook for Android app for versions < 3.0.88. If this vulnerability is successfully exploited, the attacker can execute malicious in-app client-side code on the compromised device.
The following email is legitimate and has been sent to various members of the Duke community.
Researchers sometimes discover security vulnerabilities with university systems and networks, and Duke recognizes the value of identifying and remediating these issues, in accordance with the university’s responsible disclosure policy found here:
The Duke IT Security Office has received multiple reports of the following widespread phishing attack purportedly allowing the recipient to retrieve a voice message.
The following email was sent to all Duke University and Duke Health Staff and Faculty.
Please note that this email is legitimate and we ask that you continue to forward any suspicious messages to email@example.com.
The IT Security Office has received several reports of email fraud attempts where attackers are impersonating Duke staff.
We'd like to recognize Darshil Shah for their efforts in uncovering an authentication bypass vulnerability on a Duke Unviersity website.