Critical News

  • Critical - Dell systems running Windows: eDellRoot certificate compromise


    The eDellRoot certificate installed on certain Dell laptops and PCs has introduced a security vulnerability on those systems with it installed. This threat is that private keys were leaked for a Dell root certificate. This means attackers can use this certificate to modify your browsing experience and steal sensitive information.

    Please ensure Windows Defender for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 is running and up-to-date. Both these packages are free. If either of those packages are up to date and running, it has probably already removed the vulnerable certificate. 
    Alternatively you can manually remove this certificate.
    Contact if you have a Dell PC running Windows and cannot do either of the steps above, help desk can assist you in installing and updating the correct software.


    Win32/CompromisedCert.C is a Dell root certificate for which the private keys were leaked online.

    The certificates can be found in Dell PCs running these OS: Windows 10, Windows 8.1, Windows 8, Windows 7

    If your Dell PC contains this certificate, it most likely vulnerable to this threat. A PC with this certificate could be vulnerable to SSL/TLS spoofing attacks, allowing an attacker to digitally sign binaries so that they are trusted by the affected PC. An attacker could gain control over your PC and browsing experience. An attacker can exploit a certificate using phishing or man-in-the-middle attacks to decrypt, modify or spoof HTTPS websites, such as banking, social media, or email websites. This could allow a malicious hacker to steal your account names, passwords, and confidential data. They could also carry out transactions without your knowledge, even when it seems like you have a secure browser connection to a website.

    Posted Nov 30, 2015, 10:58 AM by Ken Gribble
  • Malicious Email with - Do Not Open!
    From Caryn DeMorna of IET, Sending on behalf of Cheryl Washington, Chief Security Officer….


    Security administrators have identified a malicious email that is being delivered via email.  The teams are working on blocking the malicious messages.  If you receive a message with a zip attachment please do not open the attachment and delete the message from your email.  The attachment that has been identified thus far is  However, you should not open any .zip attachment.


    Caryn DeMoura

    University of California, Davis

    Information and Educational Technology

    Posted Jun 5, 2015, 12:33 PM by Ken Gribble
  • University Employee Payroll Scam

    University employees are receiving fraudulent e-mails indicating a change in their human resource status. The e-mail contains a link directing the employee to login to their human resources website to identify this change. The website provided appears very similar to the legitimate site in an effort to steal the employee’s credentials. Once the employee enters his/her login information, the scammer takes that information and signs into the employee’s official human resources account to change the employee’s direct deposit information. This redirects the employee’s paycheck to the bank account of another individual involved in the scam.

    Consequences of this Scam:

    • The employee’s paycheck can be stolen.
    • The money may not be returned in full to the employee.
    • The scammers can take the employee’s log-in credentials and attempt to log into other accounts that belong to the employee.

    If you have been a victim of this scam, you may file a complaint with the FBI’s Internet Crime Complaint Center at Please reference this PSA number in your complaint.

    The IC3 produced a PSA in May 2014 titled “Cyber-related Scams Targeting Universities, Employees, and Students,” which mentioned this scam. The PSA can be viewed at

    Tips on how to Protect Yourself from this Scam

    • Look for poor use of the English language in e-mails such as incorrect grammar, capitalization, and tenses. Many of the scammers who send these messages are not native English speakers.
    • Roll your cursor over the links received via e-mail and look for inconsistencies. If it is not the website the e-mail claims to be directing you to then the link is to a fraudulent site.
    • Never provide credentials of any sort via e-mail. This includes after clicking on links sent via e-mail. Always go to an official website rather than from a link sent to you via e-mail.
    • Contact your personnel department if you receive suspicious e-mail.


    Posted Jan 15, 2015, 9:34 AM by Ken Gribble
Showing posts 1 - 3 of 3. View more »

SSG Graduate Student Presentation 2015

posted Sep 21, 2015, 4:58 PM by Ken Gribble

Campus and CS Wireless Service Changes

posted Jun 5, 2015, 9:41 AM by Ken Gribble   [ updated Jun 5, 2015, 12:00 PM ]

Because MoobilenetX will be depreciated in the near future, the Computer Science department now advises eduroam* for wireless needs. Choose your OS from the Campus Wireless Access page, and then use the eduroam instructions.

The wireless networks on campus support most wireless devices (802.11 a/b/g/n) and are available to all UC Davis computing account holdersUC Davis Guests, sponsored guests, and Eduroam account holders.


eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community.

Having started in Europe, eduroam has gained momentum throughout the research and education community and is now available in 74 territories.

eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptop.

SSG Graduate Student Presentation 2014

posted Sep 29, 2014, 1:51 PM by Ken Gribble   [ updated Sep 29, 2014, 2:01 PM ]

Thanks to everyone who listened!

Appointment Slots in Google Calendar

posted Sep 16, 2014, 11:43 AM by Ken Gribble

Did you know you can make appointment slots in Google Calendar? 

The appointment slots feature lets you set one period of time on your calendar, divided into available time slots for people to reserve. For instance, professors or staff can have their students reserve time during office hours each week. These appointment calendars can also be shared on the web.

Here's a video that explains how to create and reserve appointment slots.

UC Davis Wireless Certificate Update (September 2014)

posted Sep 2, 2014, 9:58 AM by Ken Gribble   [ updated Sep 2, 2014, 3:20 PM ]

The UC Davis wireless networks, MoobileNetX and ResNetX, have updated security certificates. Because of this change, 
UC Davis wireless network users may be prompted to accept a new certificate.

Please see this UC Davis IT Knowledge Base article for details:  UC Davis Wireless Certificate Update (September 2014)

If you are currently not using MoobileNetX, and are instead using MoobileNet, now's a good time to try it. MoobileNetX employs an encryption for authentication (802.1x). It also means you won't have to login every time you need to use wireless on campus.

For more information about MoobileNetX, click here.

Microsoft Home Use Program Now Available

posted Aug 12, 2014, 3:51 PM by Ken Gribble

Microsoft’s Office Home Use Program (HUP) is now available for departments that participate in the Microsoft UC-MCCA software leasing program (which includes all primary Engineering departments, including Computer Science). You are now eligible to participate in Microsoft's Software Assurance Home Use Program (HUP). This program enables you to get a licensed copy of Microsoft Office for desktop PC to install and use on your personally-owned home computer.

Under the Home Use Program, you and our other employees who are users of qualifying applications at work (e.g. Office Enterprise) may acquire a licensed copy of the corresponding Home Use Program software (e.g. Office Enterprise) to install and use on a home computer. You may continue using HUP software while you are under our employment and as long as the corresponding software you use at work has active Software Assurance coverage.

For more information, see the CoE IT Shared Services new COE Software Site

Windows XP is no longer safe enough to use

posted Jun 19, 2014, 10:47 AM by Ken Gribble

Microsoft stopped maintaining the 13-year-old operating system software on April 8, 2014. 

That means XP is no longer secure enough to use on the UC Davis network—or to use online, period. If you still use XP, you need to move to a newer operating system.

UC Davis policy prohibits use of unsupported OS or application software on machines that connect to the campus network. Unmaintained software is a common entry point for viruses and malware, which can then spread to other UC Davis computers.

See the UC Davis Windows XP Security page for more information.


New Advice on Heartbleed Internet Security Bug Released from Campus - Change your Kerberos Passphrase

posted Apr 15, 2014, 3:18 PM by Ken Gribble

Campus is now advising everyone to change our Kerberos passphrasesGo to, select "Change your passphrase," and follow the instructions.

You should not use your Kerberos passphrase for any non-UC services. Re-using passwords increases the risk of a breach.

Seriously consider changing your passphrases for other services, such as banks and retailers, once they have fixed their own vulnerabilities.

Do not respond to suspicious email messages, especially when they ask you for your passphrase or other personal information. More information is available at

Campus and SSG assess 'Heartbleed' Internet security risk - What should I do?

posted Apr 10, 2014, 1:04 PM by Ken Gribble   [ updated Apr 15, 2014, 3:11 PM ]

Information and Educational Technology is distributing a message yesterday in response to the "Heartbleed" Internet hack. Note that Campus is "
not requiring campus users to change their campus Kerberos passphrase". Campus has changed their position on this and advises changing your Kerberos passphrase.

Other websites are suggesting passphrase changes, see below.

In response to this issue, the CS Systems Support Group (SSG) has performed network scans on all CS and IDAV networks and have contacted those people with systems that are vulnerable to this risk.

What Should I do?
Experts are advising to change any passphrase on a site that was vulnerable, after they patch for the issue. If you used a passphrase on multiple sites, and one was vulnerable, change all of those website passphrases as well. While you are doing that, remember, it's best to make a unique passphrase for every site. More information on passphrases.

Places that have reported patching and are advising passphrase changes

These websites are reporting they had the Heartbleed vulnerability, and it is now patched. It is suggested you change your passphrase on these sites now. For other websites, check the Websites Reporting on Heartbleed Patching, below.

Amazon Web Services (for website operators only, was not affected)

Websites Reporting on Heartbleed patching

Backing up your Life: Download your Google

posted Jan 30, 2014, 10:00 AM by Ken Gribble   [ updated Jan 30, 2014, 10:11 AM ]

You are the best person to ascertain what holds value in your life. This includes your electronic data. Whether it’s documents you have spent hours on, presentations you use monthly, email correspondence that you cherish, calendar events, contact information, you should not rely solely on others to backup this data.

Download your Google

With many Google products, you can download an archive of your data:

After clicking “Create an Archive” choose the products you want an archive for, or choose all of them, then click “Create Archive”.

Archives can take hours or even days to create, but if you leave the checkbox alone for “Email me when the archive is ready” you will get an email when it’s done.


When you are done downloading the archive put it in a safe place. For the least risk, put it in two places, so if disaster strikes one location, your data will be safe in the other.

For more information on this Google Service, read here: Download your data: FAQ

1-10 of 25