ITS

Mask or Encrypt Sensitive Data

Security Reminder: Mask or Encrypt Sensitive Data The 5th comic in our series focuses on using data obfuscation to safeguard sensitive or confidential information from unauthorised access or exposure. Implementing data masking or encryption (e.g. when transmitting sensitive data) will help organisations such as NUS to mitigate the risks associated

Sharing of Passwords for Encrypted Files

Security Reminder: Sharing of Passwords for Encrypted Files Here's the fourth comic in our series – one with a reminder on the best practices when sharing the password of your encrypted file. Unsafe practices like sharing the password over emails and Microsoft Teams' messages may result in hackers gaining access

Serious Vulnerability in Zoom Products for Windows (Feb ’24)

We have observed a new wave of scam emails (known as Business Email Compromise or BEC) in NUS, some of which unfortunately involved individuals falling prey and leading to personal financial loss. Unlike phishing emails, these scams do not require you to click on any link or provide any credentials. Instead, they usually start with an innocuous message like “Are you available” and continue as a plea for help should one reply. Eventually, the scammer will attempt to convince and trick the victim into purchasing iTunes gift cards on their behalf. To add credibility, the emails are seemingly sent from someone of authority like the Head of Department using a spoofed email address.

Join our Data Classification quiz via uNivuS and win $10 Grab Voucher

We have observed a new wave of scam emails (known as Business Email Compromise or BEC) in NUS, some of which unfortunately involved individuals falling prey and leading to personal financial loss. Unlike phishing emails, these scams do not require you to click on any link or provide any credentials. Instead, they usually start with an innocuous message like “Are you available” and continue as a plea for help should one reply. Eventually, the scammer will attempt to convince and trick the victim into purchasing iTunes gift cards on their behalf. To add credibility, the emails are seemingly sent from someone of authority like the Head of Department using a spoofed email address.

OIDC and OAuth Checklist

In late 2016, we have observed many hacking activities with the intent to exploit vulnerabilities of outdated Content Management System (CMS) and the plugins. CMS is a software used to manage the content of a website. Commonly used CMS includes WordPress, Joomla,…

Critical vulnerabilities requiring updates on Apple devices (Dec 2023)

We have observed a new wave of scam emails (known as Business Email Compromise or BEC) in NUS, some of which unfortunately involved individuals falling prey and leading to personal financial loss. Unlike phishing emails, these scams do not require you to click on any link or provide any credentials. Instead, they usually start with an innocuous message like “Are you available” and continue as a plea for help should one reply. Eventually, the scammer will attempt to convince and trick the victim into purchasing iTunes gift cards on their behalf. To add credibility, the emails are seemingly sent from someone of authority like the Head of Department using a spoofed email address.