Clik here to view.
How To Train Your POODLE part I – Clients
As you may be aware, a serious vulnerability dubbed ‘POODLE’ has been discovered in SSL version 3.0. A successful POODLE attack could allow a malicious person (with network access) to decrypt an...
View ArticleClik here to view.
How To Train Your POODLE part II – Servers and Infrastructure
In our previous blog post, we gave a quick overview of the ‘POODLE’ SSLv3.0 vulnerability, followed by tips for mitigating the risks on client applications. In this post, we will focus our attention on...
View ArticleClik here to view.
New Malware Campaign –‘Dyre’ Banking Trojan
In recent days OxCERT have witnessed a sharp rise in the incidence of emails associated with the ‘Dyre’ banking malware family. This strain of malware concerns itself with the theft of financial data...
View ArticleBodleian Libraries Targeted Phish
OxCERT have received reports of very convincing looking phishing emails appearing to originate from an @bodleian.ox.ac.uk email address. The phishing emails use the subject “Library Account Access” and...
View ArticleClik here to view.
‘CTB-Locker’ Ransomware Campaign
Over the last several days, Oxford users have reported a growing number of suspicious emails to the OxCERT team; this has coincided with the discovery of a number of personal and University machines...
View ArticleTargeted financial fraud
We were recently alerted to an example of an attempted highly-targeted financial fraud. Now, we see fraudulent emails all the time, but fortunately most are immediately apparent to the recipients. In...
View ArticleClik here to view.
CVE-2015-3456 ‘VENOM’– And it was all going so well…
After a relatively long period without a potentially-catastrophic vulnerability to report, we must again break out the hard hats as the numerically-improbable ‘CVE-2015-3456‘ is here and it wants to...
View ArticleClik here to view.
Financial Fraud Targeting University Departments
OxCERT have received an escalating number of reports of highly convincing financial fraud emails directed at University Finance Officers and others responsible for issuing large financial payments....
View ArticleClik here to view.
Major Dridex Banking Malware Outbreak
Beginning Friday and continuing through the weekend, OxCERT’s network security monitoring has picked up an extreme number of PCs infected with the ‘Dridex’ family of banking malware. This malware is a...
View ArticlePhishing campaigns targeting students
Everyone is busy at Christmas. As the old year ends people’s thoughts turn to making plans for traveling, for shopping, for celebrations and for what the new year might hold. We are distracted and...
View Article