This Week’s Cybersecurity News, 07/22/2025

Today I want to let you know about some important information if you are looking to attend a conference or event. I also want to assure you that the SharePoint Server threat that was in the news had no effect on UTIA or UTK.

Current Threats

  • Conference Registration and Hotel Booking
    • Please be aware of imposters when you are making plans to attend a conference or event.
    • There are LOTS of wonderful conferences and events we can attend related to our jobs, but please take caution when signing up for one.
    • If you get an email about a conference or event that interests you, make sure you are registering for the real thing.
    • Cybercriminals can follow social media, websites, etc., to learn what your interests are, then send you an email about something that looks real but is not.
    • Instead of clicking on the link, do a search on the conference name.
    • In the list of search results, make sure you NEVER click links for anything marked as “Sponsored,” which are listed first and are usually paid for by someone to entice searchers to click on that top link.
    • If you click the links in the sponsored search results, you will often be directed to a fake site that looks a lot like the real site but will steal your data when you enter it.
    • Instead, find the real site and manually type in the address to ensure you are going to the actual site with no redirects.
    • When you register for the conference or event, please make sure you fully understand the registration payment and only pay on secure sites (i.e., https).
    • There will often be hotel booking information on the site where the registration information is.
    • Many conferences and events have a third-party partner doing the hotel reservations, usually offering special rates for attendees.
    • This is the only place you should find the official information for booking hotels, including the link for the reservations.
    • If you receive an email from someone claiming to be the booking agent, please delete the email.
    • There are cybercriminals who will obtain attendee information for conferences and will send emails to trick you into clicking to book.
    • Please do not click these links and do not enter your personal or credit card information, as these are fraudulent.
    • If you do fall victim to registration or booking scams, please report the fraud to
  • SharePoint Servers
    • Microsoft announced that a critical security vulnerability in Microsoft SharePoint Server was weaponized as a part of an “active, large-scale” exploitation campaign.
    • The attack targeted unpatched on-premise SharePoint Servers.
    • The zero-day flaw was a code injection and remote code execution bug that was addressed by Microsoft as part of its July 2025 Patch Tuesday.
    • According to The Hacker News, deserialization of untrusted data in on-premise Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.
    • Again, this targeted on-prem SharePoint Servers.
    • In 2023, UTIA decommissioned its SharePoint Servers.
    • I did verify that all UTK SharePoint Servers are Microsoft cloud hosted.
    • While this attack did not affect any of our SharePoint data, I did want to mention it so you would know our data is secure.

Thank you so much for everything you do to protect the Institute and its data, students, employees, clients, and yourself!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!