The help desk will provide phone support until 8pm Monday – Thursday while classes are in session. On May 15 we will be open until 6pm and starting May 16 our hours will be from 8am – 8pm. To contact us call 425-4000.

Hours:
Monday – Thursday 8am – 8pm
Friday 8am – 5pm
Closed: Saturday and Sunday

UTC is currently (50+) experiencing a major infection of the Flashback Trojan via outdated Java.  Apple has released an update to plug the vulnerability, but older OS X versions are still vulnerable.

“The updates are available for OS X 10.6 and 10.7 systems that have Java installed; you can update your system by using the Software Update utility in the Apple menu. Save any current work and do it NOW.

However, so far there have been no updates to patch older versions of OS X such as Tiger and Leopard, which come with Java runtimes installed and therefore are vulnerable to Flashback.”

This link below shows how to protect older macs.  Macs running Lion or Snow Leopard should patch now.

http://reviews.cnet.com/8301-13727_7-57411535-263/java-updates-block-flashback-for-lion-only/

Test to see if you are infected:

http://www.macupdate.com/app/mac/42571/anti-flashback-trojan

Call the ITD Help Desk at 425-4000 during the business work day  if you are unsure how to proceed.

The UT system recommends ClamXAV for protection.  The following is a guide to how to install it.

http://slug.ceca.utc.edu/docs/2011-5-clamXav.pdf

Use the instructions below at your own risk:

Applescript for Removal (Untested)

http://etresoft.org/freeware/MalwareChecker.zip

Manual Removal

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

Original by Michael Ward, Ed.D

UT Chattanooga – ARCS, IT Security

With edits by Richard Gambrell

Information Systems/ITD

Below are five basic security tips to remember because let’s face it, how well can you trust anyone these days?

1.       If you don’t understand the warning message, say no and consult the UTC HelpDesk. It’s easier to go back and say yes if you need to, than be sorry and have to rebuild your machine.

2.      Certificates: If you don’t understand a website certificate message, say no and consult the UTC  HelpDesk. It is easier to go back and say yes if you need to, than be sorry and have to rebuild your credit.

3.      Antivirus: Running antivirus does not slow your computer down nearly as much as a virus does.

4.      Back-up: Backing up your data may seem like a waste of time —  until you spill coffee all over your laptop.

5.      Passwords: Writing down your password around your desk is about as secure as leaving a $100 bill lying on the dashboard of your car. Don’t do it!

UTC HelpDesk may be contacted by calling  4000  on campus or email helpdesk@utc.edu

The UTC Information Technology organizations across the campus would like to make you aware that this holiday season is bringing about a new wave of malicious activity from a wide variety of “evil-doers.”   Some examples:

• Over this past Thanksgiving Holiday hundreds of people in the area were hit with banking debit/credit card scams;
• UTC is constantly receiving email phishing attempting to collect username, passwords, or other personal information;
• Today the UTC network is being hit frequently with “Delivery-Tracking-Notifications” from DHL Express.  This is just one of the “Delivery-Tracking” examples and it could be from UPS, FedEx or any other.  Also today UTC received several email for an “Adobe update” email with an attached .zip file containing malicious code;
• The common theme of most phishing/malware schemes is some sort of scare tactic — your mail account is full, your bank account is overdrawn, your package delivery is delayed, your computer is infected with a virus [not coming from UTC], or other similar scenarios.  Others may use some reward tactic — someone has sent you a greeting card (just click here), you’ve just won a lottery, you’re due a refund, you have been selected to be a “bonus shopper”, etc.
•  And, at the end of this holiday season there will be a new round of Income Tax schemes trying to phish personal information;

UTC IT departments and systems administrators are monitoring and taking steps to lessen the impact of these threats, but the IT administrators can only do so much.  The most effective protective measures begin with UTC’s “human firewall.”  YOU are the most important factor in UTC’s effort to protect your personal information, your UTC credentials and the UTC network from these attacks.  You can help us help you by following some simple guidelines:

•  Always make sure your computer has the latest operating system updates and application security patches applied.  This includes Microsoft Office, and browser and application add-ons.  If you are not sure about your security patch status, contact your departmental IT Support or the IT Help Desk at 425-4000 for guidance;
• Be vigilant, and be suspicious.  – When you receive email from someone you don’t know or if you believe it is a phishing attempt the best action is to delete the email.
• Never respond to a request for user name, password, social security number, etc.  UTC will never ask you for your UTCID and password or personal information in an email.  Again, if you are unsure contact the Help Desk;
• If your email contains a web link don’t click on it unless you are absolutely sure of the destination.  Open up your browser and manually enter (type in or copy) the destination into the browser address bar.  That way you know you are visiting the correct website.
• Learn to recognize email from within UTC.
• Be wary of attachments from people you know

If you believe you have been the victim of a Phishing or malicious attack you can report it to abuse@utc.edu.

For more information visit:
·        http://security.tennessee.edu/phishing.shtml
·        http://www.hoax-slayer.com/
·        http://www.mozilla.com/plugincheck (visit here to run a plug-in checker for your browser)

Please be very mindful of any “links” you receive from “friends” on Facebook.  Otherwise you could be next in receiving a virus!

Recent report (http://threatpost.com/en_us/blogs/facebook-worm-spreading-installing-zeus-bot-112911):

A new worm has popped up on Facebook, using apparently stolen user credentials to log in to victims’ accounts and then send out malicious links to their friends. The worm also downloads and installs a variety of malware on users’ machines, including a variant of the Zeus bot.
The worm is making the rounds now, and detection of the malicious file that’s being used to drop the malware on victims’ machines is quite low. Researchers at CSIS in Denmark analyzed the worm’s behavior and found that it appears to be using stolen Facebook credentials to log in to user accounts. It then sends out messages to the victim’s Facebook friends with a link that’s supposedly to a photo file.

However, the file that’s linked to is a screensaver that has a JPG extension. If a user opens the file, it will then install a series of malicious programs. CSIS says that the worm’s code was written in Visual Basic and uses a handful of techniques to make analysis in virtual machine environments difficult. After the user executes the malicious file, the infection routine kicks off.

“The worm carries a cocktail of malware onto your machine, including a Zbot / ZeuS variant which is a serious threat and stealing sensitive information from the infected machine.”

There appears to be an incompatibility issue with Firefox 8 and the Exchange 2010 Outlook Web Application.

When attempting to Save or Open attachments in emails viewed through Outlook Web in Firefox 8, the attachments attempt to Save or Open as a file called attachment.ashx.  The attachment is not broken, and you can “Save As” and rename the file and file extension to the correct name and it will work.  Our recommendation, at this time, is to use Internet Explorer when viewing Outlook through a web interface.

All ITD systems maintenance scheduled for this evening, Friday, October 28, 5:30-11:30 pm, has been completed.

Our wireless network is back up.

We are currently experiencing an outage with our wireless network. We are working to resolve this problem. To receive an email notification when it it fixed please visit https://helpdesk.utc.edu/footprints/help.html and subscribe to the Global Issue.

Information Technology Division (ITD) – Scheduled Maintenance Downtime Notification

Scope of impact of change:

1. My MocsNet Update (Outage Expected)
a. System Update to database server for MyMocsNet
2. Web Server Software updates & patches. (Outage Expected)
a. Access to the following services will be impacted during this outage:
i. Production Web (www.utc.edu)
ii. Web Blog (blog.utc.edu)
iii. Housing WebSite (housing.utc.edu)
iv. Wiki (wiki.utc.edu)
v. Library EzProxy (proxy.lib.utc.edu)
vi. WebSpecial (www2.utc.edu)
vii. WebSecure

3. Data Center Technology Update (No Outage expected)
a. Update to the SAN CX4-240
b. F5 Load Balancer System Update

4. Frist Hall UPS replacement (Building outage expected)

Timing of change:
Friday, September 22, 2011, 5:30pm – 11:30pm

Description of change:

1. Patch all the above systems and ensure that all servers have the latest security patches.

Reason for change/Goal:

Routine patching & updates of the various systems listed above to ensure that industry best practices are followed.

Contact:

For any urgent issues and technical difficulties related to this request, please contact the Michael Dinkins at 425-4507 or 4551 during the regular work week.

Monty Wilson
Assistant Vice Chancellor and CIO
University of Tennessee at Chattanooga
615 McCallie Ave 4054
Chattanooga TN 37403