Access, Education and Military - Information Management Today

US govt is hunting a Chinese malware that can interfere with its military operations

Security Affairs

AUGUST 1, 2023

The US newspaper refers to the malware as a “ticking time bomb” that could be activated to disrupt the military. military operations in the event of a conflict, including if Beijing moves against Taiwan in coming years.” military operations in the event of a conflict, including if Beijing moves against Taiwan in coming years.”

Military

Military IT Communications Government

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. This experience can also be helpful when training cybersecurity talent.

Cybersecurity

Cybersecurity Military Education Government

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Access Living is committed to launching an Independent Living Technology Program to address the gap in digital skills in the disability community to reach 150 disabled participants by the end of 2024. Chicago, Ill.,

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

News Alert: ThriveDX’s Cyber Academy for Enterprise meets addresses talent shortage, promotes inclusion

The Last Watchdog

JUNE 20, 2023

Our Cyber Academy for Enterprise creates unprecedented educational opportunities for all, irrespective of their background or skill level,” Zur continued. Holistic training The academy offers a holistic training experience, with rigorous learning supplemented with access to virtualized cyber labs and challenges.

Education

Education Cybersecurity Military Access

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

government, including the military and Intelligence Community.” government, including the military and Intelligence Community.” (at The IT services provided under the contract involve access to the medical facility’s systems containing the bulk personal health data. What types of data brokerage transactions are in-scope?

Access

Access Military Compliance Personal data

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. “the U.S. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

The Ukrainian government and its military were targeted by DDoS (distributed denial-of-service) attacks, while a pro-Ukrainian group attacked the Belarusian railway system with ransomware after discovering that it was being used by Russia to transport tanks and weapons. Beware of remote access takeover scams.

Phishing

Phishing Military Access Education

“Edited by Laura Thornburgh,” Pioneer of Motion Picture Education

Unwritten Record

SEPTEMBER 16, 2021

Today, we take for granted that moving images are used to educate. It might be surprising to learn that there was a time when the case had to be made for the value of motion pictures in education. The book is cited by scholars of educational film as one of the first major works focused on the subject.

Education

Education Libraries Military Archiving

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In fact, the U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Start by assessing what critical information your organization needs to protect and maintain access to in order to provide services. Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). Evaluate data inventory.

Passwords

Passwords Cybersecurity Education Phishing

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Merit is an acronym for the Michigan Educational Research Information Triad. Other hubs followed at military bases, other state universities and even a high school and a non-profit community arts and tech center. A key to this was persuading Merit Network , Ann Arbor-based nonprofit organization, to supply the infrastructure.

Cybersecurity

Cybersecurity Military Education Government

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

IT

IT Military Phishing Passwords

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. All the user needs is a strong password to access to the data. But in certain cases the cloud is not readily accessible.

Encryption

Encryption Military Passwords Authentication

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Endpoint: Enables access for human users and computer services and commonly includes PCs, laptops, Internet of Things (IoT), and operational technology (OT). Security Elements Security elements protect each element within the network, network access, and the data transmissions. or segregated as cloud or network attached storage (NAS).

Security

Security Cloud Cybersecurity Risk

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

“Unauthorised access to these systems can cause serious damage to the satellite or lead to a loss of control over its mission.” ” The Thales team demonstrated how to access the onboard system of the satellite, then used standard access rights to gain control of its application environment.

Cybersecurity

Cybersecurity Military Access Education

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. “In 2021, APT28 used infrastructure to masquerade Simple Network Management protocol (SNMP) access into Cisco routers worldwide.”

Military

Military Access Cybersecurity Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Security Affairs

APRIL 21, 2023

The organisation works with national authorities, air navigation service providers, civil and military airspace users, airports, and other organisations. A senior Eurocontrol official told The Wall Street Journal , that the Pro-Russia hackers cannot access systems for aviation safety because these systems are air-gapped.

Military

Military Education Access Cybersecurity

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Italian Military Personnel and National Association of Professional Educators. Italian Military Personnel and National Association of Professional Educators. Administrator Username & Password To Access Archive: [link]. Military Personnel. National Association of Professional Educators.

Passwords

Passwords Archiving Mining Education

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

GhostR says it obtained the records from a Singapore-based company with access to the database. Mobile Guardian, which is used to help parents manage their children’s device usage, was hacked on 19 April, according to the Singaporean Ministry of Education. Account records from the United States were also accessed.

Data Privacy

Data Privacy Privacy Manufacturing Security

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

Expand the definition of a breach to include login credentials, meaning “a consumer’s user name or e-mail address, in combination with a password or an answer to a security question, that together permit access to an online account.” The law is enforceable by the Vermont Attorney General.

Data breaches

Data breaches Privacy Education Data Privacy

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

“Microsoft assesses that Mint Sandstorm is associated with an intelligence arm of Iran’s military, the Islamic Revolutionary Guard Corps (IRGC), an assessment that has been corroborated by multiple credible sources including Mandiant , Proofpoint , and SecureWorks.” ” reads the report published by Microsoft.

Energy and Utilities

Energy and Utilities Military Education Phishing

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

IT Governance

OCTOBER 3, 2022

If you’re facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process. million).

Data breaches

Data breaches Ransomware Education Phishing

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

The Draft includes seven sections and 55 articles in total, covering data security and industrial development, the data security regulatory system, data security protection obligations and government data security and access. The Central Military Commission will develop the measures regulating military Data Activities.

Security

Security Military Government Risk

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

However, the attackers chose a domain name that gives the impression of a connection to the South African military. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network. Experts added that the IP 196.216.136[.]139 139 resolved to vpn729380678.softether[.]net

Communications

Communications Military Government Libraries

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

AI use by the military and intelligence community. The National Security Council and White House Chief of Staff will develop a National Security Memorandum to guide safe and ethical use of AI by the military and intelligence community. The Administration will also support the expansion of AI-enabled tools in education.

Risk

Risk Artificial Intelligence Privacy Military

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. ” reads the analysis published by Microsoft. ” continues Microsoft.

IoT

IoT Military Access Education

List of Data Breaches and Cyber Attacks in July 2023 – 146 Million Records Breached

IT Governance

AUGUST 1, 2023

million) Milliman Solutions notifies patients of third-party breach involving MOVEit (1.2 million) Milliman Solutions notifies patients of third-party breach involving MOVEit (1.2 million) Milliman Solutions notifies patients of third-party breach involving MOVEit (1.2

Data breaches

Data breaches Ransomware Insurance Education

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. Sagerunex is a custom backdoor providing remote access to the attackers, while Catchamas is a custom-build Trojan used in targeted attacks to steal information.

Military

Military Communications Government Education

President Biden issues sweeping artificial intelligence directives targeting safety, security and trust

Data Protection Report

NOVEMBER 9, 2023

Such issues include safety and security, privacy, equity and civil rights, healthcare, employment and education in addition to promoting innovation, developing international standards and ensuring responsible government AI use. Studying and identifying options for strengthening federal support for workers facing labor disruptions from AI.

Artificial Intelligence

Artificial Intelligence Security Privacy Risk

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy

Data Privacy Privacy Manufacturing Retail

What is personal information under the CCPA?

Collibra

NOVEMBER 2, 2020

Characteristics of protected classifications under California or federal law such as race, ancestry, national origin, religion, age, mental and physical disability, sex, sexual orientation, gender identity, medical condition, genetic information, marital status, or military status. Biometric information.

Privacy

Privacy Education Insurance GDPR

AI Risks

Schneier on Security

OCTOBER 9, 2023

Superpower nations automating military interventions as tools of imperialism and, someday, killer robots. Integrity experts call for the development of responsible AI, for civic education to ensure AI literacy and for keeping humans front and center in AI systems. Sexist labor systems that rate feminine-coded résumés lower.

Risk

Risk Military Artificial Intelligence Paper

Corporate Involvement in International Cybersecurity Treaties

Schneier on Security

MAY 6, 2022

It’s not real to the older military veterans, or to the even older politicians who confuse Facebook with TikTok and use the same password for everything. It provides and controls access to healthcare , space , the military, water , energy , education , and nuclear weaponry. The Internet is critical infrastructure.

Cybersecurity

Cybersecurity Military Government Security

Finding Family in Images of Liberation at Buchenwald

Unwritten Record

JANUARY 26, 2021

The record, part of Record Group 111: Records of the Office of the Chief Signal Officer, 1860-1985 , was filmed by Signal Corps members attached to military units tasked with rehabilitating and relocating liberated camp survivors. It is rare to locate and positively identify specific people who appear in the footage shot by the US military.

Military

Military Archiving Education Government

Driving Conversations Around Careers In Telematics

Information Governance Perspectives

APRIL 5, 2023

In 2015, he successfully transitioned from a military career as a trial attorney for the JAG Corps to working in telematics in corporate America for State Farm Insurance. In the military, he got his first exposure to telematics when they asked him what he wanted to do after being a prosecutor, and he exclaimed, “convoys!”

Insurance

Insurance Military Artificial Intelligence Manufacturing

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

The voices of third sector representatives (NGOs, foundations, and educational institutions) are considered by government officials when justifying policy positions and determining how resources and political capital are spent. Education about cybersecurity needs to start early," Karabin says. Erika has been a pleasure to work with.

Phishing

Phishing Security awareness Cybersecurity Education

The Production File Tells the Story: How “Death Mills” Came to U.S. Audiences

Unwritten Record

JANUARY 23, 2024

Signal Corps cameramen recorded the conditions, the dead, and the survivors at Dachau and other liberated camps as a record of events, for troop education, use in war crimes trials , and for other educational purposes. In all, the National Archives holds 228 reels of this film, comprising 200,000 feet, or more than 37 hours of footage.

Education

Education Authentication Archiving Military

Preservica - 2022 highlights & momentum looking ahead

Preservica

DECEMBER 29, 2022

Preserving our digital memory is the backbone of how we educate ourselves, advocate for change, and support each other and our institutions for future generations to come. Collections Manager at the Military Women’s Memorial , Amy Poe, faced a wide range of challenges in making their collections easily accessible and secure online.

Digital preservation

Digital preservation Archiving Records Management e-Discovery

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles. billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

IT Governance

APRIL 9, 2024

Germany to launch cyber military branch to combat Russian cyber aggression As part of a military restructuring programme, Germany will introduce a fourth independent branch of its armed forces – the German Cyber and Information Domain Service.

Data Privacy

Data Privacy Privacy Security Manufacturing

US govt is hunting a Chinese malware that can interfere with its military operations

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Webinars

Trending Sources

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

Webinars

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

News Alert: ThriveDX’s Cyber Academy for Enterprise meets addresses talent shortage, promotes inclusion

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Catches of the Month: Phishing Scams for March 2022

“Edited by Laura Thornburgh,” Pioneer of Motion Picture Education

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

FBI chief says China is preparing to attack US critical infrastructure

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

Network Security Architecture: Best Practices & Tools

White hat hackers showed how to take over a European Space Agency satellite

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

China Issues Draft Data Security Law

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Biden AI Order Enables Agencies to Address Key Risks

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

List of Data Breaches and Cyber Attacks in July 2023 – 146 Million Records Breached

Symantec uncovered the link between China-Linked Thrip and Billbug groups

President Biden issues sweeping artificial intelligence directives targeting safety, security and trust

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

What is personal information under the CCPA?

AI Risks

Corporate Involvement in International Cybersecurity Treaties

Finding Family in Images of Liberation at Buchenwald

Driving Conversations Around Careers In Telematics

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

The Production File Tells the Story: How “Death Mills” Came to U.S. Audiences

Preservica - 2022 highlights & momentum looking ahead

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

Stay Connected