Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 01/24/2024

Posted on Jan 24, 2024Share on

Typewriter with page typed that says privacy policy

Good afternoon.

In continuance of Data Privacy Week, today’s e-newsletter contains information about the UT Privacy Notice. If you don’t know about it or haven’t read it you should. There is also information about a current threat, plus new Firefox and Apple updates you need to make sure you have.

Data Privacy Week

  • The University of Tennessee understands the importance of data privacy and maintains a systemwide privacy notice.
  • It is important to read how the University protects privacy expectation of website visitors.
  • This privacy notice explains aggregate information regarding how UT websites commonly collect certain data including the IP address of the computer and the Internet domain used to access the Internet, IP addresses of websites linking directly to sites within the tennessee.edu domain, and pages visited during a session.
  • The privacy notice describes how cookies and third-party tracking are used.
  • This privacy notice also explains personal data and protecting the rights of individuals in compliance with the European Union’s General Data Protection Regulation (EU GDPR) which became effective 05/25/2018.
  • Please take the time to go read UT’s Privacy Notice.
  • And there is a link to the Privacy Notice in the footer of all UTIA websites, as required by UT’s Office of General Counsel.

Current Threats

  • Pet Sitting (phishing email)
    • The sender is using an address with the domain isur.edu.pr, which appears to be used by the Instituto del Sur in Arequipa, Peru.
    • The Subject is PET CARE SERVICES.
    • The message says that the sender is a former alumni of UT and that their aunt is looking for a pet sitter for her two month old pups.
    • The message says that the pay is $750 weekly and around 4 hours a day for 2-3 days a week.
    • While that sounds like great pay for little work and spending time with puppies, this message makes no mention of where the aunt is located.
    • Other things in the message make little sense, as well.
    • Please do not reply to the message, as this is a phishing scam.
    • If you receive this email, please report it using the Reporting Phishing Attempts instructions.

Browser, OS, and Software Updates

  • Firefox
    • Mozilla has released security updates to address vulnerabilities in Firefox.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • If you do not close your browser regularly, you may not have the latest updates.
    • In your Firefox browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help, then click on About Firefox.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have Firefox 122.0, please restart the browser to get the update.
  • Apple
    • Apple has released security updates to address vulnerabilities in multiple products.
    • Please make sure you have applied all available updates for these products:
      • iOS 17.3 and iPadOS 17.3: newer models
      • iOS 16.7.5 and iPadOS 16.7.5: iPhone 8, iPhone 8 Plus, iPad 5th generation, iPad Pro 9.7-inch, iPad Pro 12.9-inch 1st generation
      • iOS 15.8.1 and iPadOS 15.8.1: iPhone 6s (all models), iPhone 7 (all models), iPhone SE 1st generation, iPad Air 2, iPad mini 4th generation, iPod touch 7th generation
      • macOS Sonoma 14.3
      • macOS Ventura 13.6.4
      • macOS Monterey 12.7.3
      • Safari 17.3
      • tvOS 17.3
      • watchOS 10.3
    • Exploitation of these vulnerabilities could allow an attacker to take control of the affected device.

Thanks for all you do to protect the Institute and its data. I want to you to be sure and protect your own data as well. And don’t forget that I post these newsletters to https://UTIAsecurity.tennessee.edu. You can find the most current posts on the home page, while all newsletters are archived and easily searchable by categories and tags.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu