Security Alerts & Warnings

This page lists current warnings regarding suspicious email messages and other cybersecurity hazards at the University of Virginia.  For guidance on how to secure yourself against these hazards, be sure to visit our tip of the month.

Regarding Suspicious Email Alerts

Messages similar to the suspicious emails listed below may be related to phishing scams, schemes to commit identity theft, or other attempts to compromise users’ machines or personal information.

  • If you receive an email similar to any of the suspicious emails on this page, DO NOT respond—delete it immediately!
  • Do not click any links in the email, and do not “unsubscribe” or acknowledge the email in any way.
  • If you receive an email that appears “phishy” and are unsure if it’s legitimate, and it is not listed below, please report it to us by forwarding it to [email protected].

Security Alerts and Suspicious Items Currently Affecting UVA:

Posted:

From: Typical User
Date: Sun, Apr 10, 2022 at 3:22 AM
Subject: Re: Part-Time Intern!
To:

AHEAD in conjunction with "The University of Virginia" is looking for
dynamic college students interns to join our team as paid interns which
will also gain valuable work experience and we work with interns to gain
academic credit if applicable.
AHEAD is a nonprofit organization dedicated to saving lives and responsible
for providing protection and advocacy for the rights of students with
disabilities

Interns at AHEAD are paid $620 weekly and can work remotely with a
commitment of approximately 8hrs - 12hrs per week and the working hours are
also flexible with the student schedule.

For employment consideration, all qualified applicants are encouraged to
submit their resume and reply to: saraschiller aheads.org with this
information

Posted:

Action Needed: Critical Vulnerability in Spring Java framework

Threat: CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+

UPDATE 4/8/2022: Trend Micro Threat Research today confirmed that this Spring4Shell vulnerability has been exploited by the Mirai botnet.

Posted:

Two critical zero-day vulnerabilities have been identified that require the immediate attention of anyone using a Macintosh computer, iPhone, or iPad.

Posted:

Another Zero-Day flaw in the Chrome web browser for Windows, Macintosh, and Linux computers and Microsoft's Chromium-based Edge browser. 

A zero-day flaw has been found in the Chrome web browser used on Windows, Macintosh, and Linux computers. The flaw (CVE-2022-1096) is rated high severity on the CVSS vulnerability-rating scale. It is a type confusion weakness in the Chrome V8 JavaScript engine, reported by an anonymous security researcher.

Posted:

If you and/or your folks are not already working on finding/remediating the Apache log4j Java vulnerability (CVE-2021-44228), please prioritize this issue.  It is a critical zero-day exploit.

When this vulnerability is exploited, the bad guy can run commands on your computers or servers, steal data, and/or use your computers to laterally pivot to other computers or servers.

Information about this vulnerability, who it affects, how to search for it, and mitigation strategies if you find it are on our webpage: Action Needed: Critical Vulnerability in Widespread Java Logging Library

We want to make sure that finding and fixing this vulnerability is high priority for everyone. 

Thank you for helping to keep everyone’s data and information at UVA secure.  

Posted:

Zero-Day flaws in the Firefox web browser for Windows, Macintosh, and Linux computers

Two zero-day flaws have been found in the Mozilla Firefox web browser used on Windows, Macintosh, and Linux computers.

Posted:

From: User, Typical S (mst3k)
Sent: Sunday, March 20, 2022 1:37 PM
Subject: EMERGENCY

Your mailbox storage has reached 98% on the email server. Visit OutlookStorage Access Page to adjust your Mailbox storage.

Note: To access your Outlook account for upgrade a notification call will come through your phone, kindly answer the call and then press 1 on your phone to continue.

Warm Regards,
Webmail Administrator

Posted:

From: Ticket #9540234 <[email protected]>
Sent: Sunday, March 6, 2022 3:35:21 PM
To: UVA User <[email protected]>

Posted:

From: Package Info
Subject: Service Update for 24th Feb #GEESQ-24-14295109
Date: February 24, 2022 at 3:11:38 PM EST
To: "mst3k [at] virginia.edu"

Your services has been renewed

This emails confirms the renewal of your services with G-Squad. We are glad to inform you that your plan with us has been renewed for $395.49. Please review the summary of your renewal:

Renewal ID: GEESQ-24-14295109
Renewal date: 24-Feb-2022 09:15:55 EST

Registered Email – confirmed
[email protected]

Description            Users    Qty    Amount
Geek Secure Premium    04       01     395.49 USD

Subtotal    395.49 USD
Total       395.49 USD
Payment     395.49 USD

Method used

Posted:

From: virginia.edu Mail Admin  
Sent: Wednesday, February 23, 2022 7:27 PM
To: User, Typical S (mst3k)
Subject: virginia.edu Email Security Alert!!!