Current Non-Threats, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 08/26/2022

Posted on Aug 26, 2022Share on

picutre of the globe with coding and a face in the background

This week’s e-newsletter reminds you of a legitimate email from a UT insurance partner reminding you of a benefit that may help you recover from back and joint pain. I also want to tell you about a fairly new phishing scam, some browser updates you need to have, and some interesting numbers on state-sponsored cyberattacks.

Current Non-Threats

  • State health plan benefit reminder: Equipment to help recover from back and joint pain!
    • This email is from RecoveryOne (recoveryone@em1.recoveryone.com).
    • The email has the Partners for Health logo and the RecoveryOne for Cigna logo at the top of the message.
    • The email is a reminder about earlier emails saying that you can get help for muscle, back, or joint issues through the RecoveryOne program at no additional cost to you.
    • The email can come to your UT email address or your personal email address, depending on which one you use for your Partners for Health account.
    • While the RecoveryOne program is for Cigna members, there is another program, Hinge Health, for Blue Cross Blue Shield members.
    • You can go to https://www.tn.gov/partnersforhealth/health-options/included-benefits-extras/exercise-therapy-programs.html to find out more information about each program, as well as to sign up.

Current Threats

  • PayPal Phishing Scam
    • Scammers are using invoices sent through PayPal.com to trick recipients into calling to dispute a pending charge.
    • According to KrebsOnSecurity, the message sent has the subject, “Billing Department of PayPal updated your invoice.”
    • The message shows an updated invoice with a note to the customer saying that your account has been accessed unlawfully.
    • There is a number to call immediately if you suspect you did not make the transaction.
    • If you were to call the number, the person pretending to be from PayPal will ask you to download software which will allow them to assume remote control over your computer.
    • This is definitely a scam so please do not call the number.
    • You can log into your PayPal account using only the way you would manually log into PayPal (via paypal.com or the mobile app if you use it) to check your account.
    • If you get an email from PayPal or anyone else with an invoice that you don’t understand, call the proven phone number that company has on record and never call the one listed in an email that you already question.

Browser, OS, and Software Updates

  • Firefox
    • Mozilla has released security updates to address vulnerabilities in Firefox.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • However, if you do not close your browser regularly, you may not have the latest updates.
    • In your Firefox browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help and click on About Firefox.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have version 104.0, please restart the browser to get the update.
  • VMware
    • VMware has released a security update to address a vulnerability in Tools.
    • Administrators using VMware should review VMware Security Advisory VMSA-2022-0024 and apply to necessary update.

Global Cybersecurity

  • State-sponsored Cyberattacks
    • Digital Information World has released information collected from a US think tank’s examination of cyberattacks that have occurred so far in 2022.
    • According to the Council on Foreign Relations Cyber Operations Tracker, here are the countries sponsoring attacks and the number of attacks:
      • Russia – 27
      • China – 24
      • North Korea – 9
      • Iran – 8
      • Palestine – 3
      • Belarus – 3
      • Ukraine – 3
      • India – 3
      • Israel – 2
      • Other – 9
    • And here are the targets of these state-sponsored cyberattacks and the number of attacks:
      • Government – 44
      • Private sector – 37
      • Civil Society – 29
      • Military – 6
    • This look at cyberattacks shows a major cause for alarm, as the attacks are increasing in severity, but also shows that major utilities are being targeted more, causing blackouts and denial of services across several critical infrastructures.
    • While the US is often a target, more countries are being attacked based on the nation state-sponsored agenda.

Thank you so much for all you do to protect the Institute and its data.  And thanks for sharing this information to help protect your family, friends, students, clients, and others. As always, if you need me and I don’t get back with you quickly enough via email or if it is an emergency, please call my cell number at any time.

Thanks!

Sandy

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu