Current Threats, Policies and Procedures, Security Awareness Newsletters

This Week’s Cybersecurity News, 08/27/2025

Posted on Aug 27, 2025Share on

pciture of an AI generated hacker sitting at a computer

Hello, everyone.

Today I have one current threat to share with you. I want to remind everyone that Windows 10 is nearing its end of support. I also want to remind everyone that you are required to use the VPN anytime you are working from any location that is not on the UT or SHIELD secure networks.

Current Threat

  • FakeCAPTCHA Attacks
    • In the past couple of weeks, I have been seeing some computers that have been compromised by FakeCAPTCHA attacks.
    • I know we have all been on a site that asks us to use the CAPTCHA security challenge that distinguishes humans from bot activity.
    • Because of these fake CAPTCHA challenges, you need to know how to identify them.
    • These fake CAPTCHA challenges can be on a real site through ads on the site or some compromised content on the site but are most often found by clicking site links in phishing emails.
    • Through these fake challenges the threat actor will trick users into executing malicious code on the users’ own devices.
    • The malicious code can steal passwords, cookies, data, etc.
    • If you ever get a CAPTCHA challenge that asks you to press the Windows key + R, then has you press CTRL + V, and Enter, this is a fake CAPTCHA.
    • This fake challenge is actually taking you to Windows Run, where pasting something and pressing enter is going to start the malware install.
    • It is very important to remember to never trust being asked to use the Run dialog (Windows key + R) when you are doing any CAPTCHA challenge.

Important Reminders

  • Windows 10 End-of-Support Coming Soon!
    • Windows 10 is officially reaching end of support on October 14, 2025.
    • This means that after this date, Microsoft will no longer provide free software updates, technical assistance, or security patches for Windows 10.
    • Without these updates and security patches, your computer will become more vulnerable to all security threats.
    • If you are using a PC, to find which version of Windows you are using, do the following:
      • Go to the Search box on the taskbar (right beside of the Start button) at the bottom of your screen.
      • In the box, type winver and click Enter.
      • A window will then show what version you are running.
    • If you are still running Windows 10 you need to upgrade to Windows 11 soon.
    • If you are with the UT College of Veterinary Medicine, the CVM Support group will help you will this.
    • If you are with UT Extension or UT AgResearch and Education Centers across the state, your regional IT staff will help you with this.
    • If you are located on the Knoxville campus or one of the Knoxville-area locations that gets assistance from the UTK OIT Desktop Support, please call (865) 974-9900 to request help.
    • This upgrade must be done before 10/14/2025.
    • If you have a computer that is out of warranty, it is likely too old to allow Windows 11 to be installed.
    • Please remember that UTIA UT01xx – System and Services Acquisition Standard states that the Institute has a technology refresh schedule of a maximum of five years for replacing hardware, which is in place due to older systems not being able to be updated and secured properly.
  • VPN Requirement
    • When we all had to work from home when COVID hit in 2020, we all knew that access to any UT system would require the use of UT’s VPN.
    • That requirement has never changed for when you are working from any location other than where you are connecting to the UT network.
    • Any time you are working remotely, whether from home or when traveling, you must use the VPN.
    • In addition, it is absolutely required of the counties who are not part of the SHIELD network.
    • In the past, the VPN made some things a little slow.
    • The current version of the VPN is so much better, so please read This Week’s Cybersecurity News, 01/23/2025, if you need a refresher on how to get this version (and if you need to get this version, it means you haven’t been using the VPN).
    • Please remember that the VPN is establishing a secure connection that creates a tunnel protecting your privacy by encrypting the Institute’s data when not on our secure UT network.

I thank you so much for all you do to protect the Institute and its data, students, employees, clients, and yourself. Please let me know if you ever have any questions or concerns.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu