Data, Education, Groups and Security - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

APT36 Running Espionage Ops Against India's Education Sector

Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education

Education Military Phishing Government

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Communications

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Seiko confirmed a data breach after BlackCat attack

Security Affairs

OCTOBER 26, 2023

On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July 28th of this year, the Company suffered a possible data breach.

Data breaches

Data breaches Ransomware Cybersecurity Personal data

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Krebs on Security

OCTOBER 14, 2021

Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. Louis Post-Dispatch for reporting a security vulnerability that exposed teacher SSNs.

Security

Security Education Computer and Electronics Access

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The company refused to pay the ransom and the ransomware gang threatened to leak the alleged stolen documents, including project data, clients’ and partners’ info, and NDAs. and nissan.co.nz.

Ransomware

Ransomware Data breaches Financial Services Archiving

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing

Phishing Military Ransomware Education

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The security breach resulted from a cyber attack exploiting a vulnerability in the MOVEit managed file transfer (MFT).-

Data breaches

Data breaches Education Ransomware Cybersecurity

The State of Maine disclosed a data breach that impacted 1.3M people

Security Affairs

NOVEMBER 12, 2023

The State of Maine disclosed a data breach that impacted about 1.3 The Government organization disclosed a data breach that impacted about 1.3 Threat actors exploited the zero-day vulnerability CVE-2023-34362 to hack the file transfer platform and steal the data of the organization. million individuals.

Data breaches

Data breaches Insurance Education Cybersecurity

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Ransomware

Ransomware Agriculture Encryption Access

Shiny Hunters group is selling data from 11 companies on the Dark Web

Security Affairs

MAY 10, 2020

Shiny Hunters hacking group is offering for sale on a dark web marketplace databases containing over 73.2 A hacking group named Shiny Hunters is attempting to sell on a dark web hacking marketplace databases containing more than 73.2 ChatBooks confirmed the data breach and started sending data breach notifications to their users.

Passwords

Passwords Data breaches Cybersecurity Sales

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

The ransomware group added the company to the list of victims on its Tor leak site, it claims to have stolen the source code from the company, including a framework to develop bios, and private keys. MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Financial information, medical data, health reimbursements, postal addresses, telephone numbers and emails are not thought to have been compromised.

Data Privacy

Data Privacy Manufacturing Privacy Security

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone disclosed a data breach resulting from the hack of their MOVEit Transfer installation. AutoZone is an American retailer and distributor of automotive parts and accessories.

Data breaches

Data breaches Retail Education Ransomware

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. ” reads the analysis published by Google TAG.

Phishing

Phishing Passwords Military Education

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Data breached: 2.7 Date breached: 384,658,212 records.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization.

Phishing

Phishing Cloud Government Education

LockBit leaks data stolen from the South Korean National Tax Service

Security Affairs

APRIL 1, 2023

The LockBit ransomware gang announced the publishing of data stolen from the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Ransomware

Ransomware Education Privacy Cybersecurity

Welltok data breach impacted 8.5 million patients in the U.S.

Security Affairs

NOVEMBER 23, 2023

Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 It provides a platform that leverages data-driven insights to engage individuals in their health and well-being. The company disclosed a data breach that exposed the personal data of nearly 8.5 million patients in the U.S.

Data breaches

Data breaches Insurance Ransomware Education

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. It’s important that as consumers are shopping for these smart home devices that they learn to recognize the Matter trademark so that they can make educated decisions.”

Security

Security Manufacturing Authentication Marketing

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Education Authentication Passwords

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Alex Holden is founder of Hold Security , a Milwaukee-based cybersecurity firm. “ TA505 “), and a newer ransom group known as Venus.

Ransomware

Ransomware Metadata Insurance Encryption

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. The issue was listed by CISA as known to be used in ransomware campaigns, but the agency did not reveal which ransomware groups are actively exploiting the issue.

Ransomware

Ransomware Cybersecurity Education Passwords

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Security

Security Risk Education Marketing

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

The Last Watchdog

FEBRUARY 15, 2024

15, 2024 – Harter Secrest & Emery LLP , a full-service business law firm with offices throughout New York, is pleased to announce that it has been selected as a NetDiligence-authorized Breach Coach ® , a designation only extended to law firms that demonstrate competency and sophistication in data breach response. Greene Led by partner F.

Data breaches

Data breaches Financial Services Big data Retail

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

The company disclosed the security incident after the ransomware gang BianLian listed the organization on its Tor leak site. The BianLian extortion group claims to have stolen 6,8 TB of documents, including International HR data, international personal data.

IT

IT Ransomware Education Data breaches

List of Data Breaches and Cyber Attacks – June 2023

IT Governance

JULY 4, 2023

IT Governance found 79 publicly disclosed security incidents in June 2023, accounting for 14,353,113 breached records. You can find the full list below, divided into four categories: cyber attacks, ransomware, data breaches, and malicious insiders and miscellaneous incidents.

Data breaches

Data breaches Ransomware Government Insurance

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that impacted Italian and French car owners and customers who booked a test drive. According to the letter, financial data were not exposed.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Security Affairs

NOVEMBER 7, 2023

Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Palo Alto Networks’ s Unit 42 researchers reported that threat actors first attempt to steal sensitive data (i.e. The tool sqlextractor (binary name sql.net4.exe)

Education

Education Ransomware Access Security

Ransomware Groups Turn to Intermittent Encryption to Speed Attack Times

eSecurity Planet

SEPTEMBER 22, 2022

To accelerate the ransomware encryption process and make it harder to detect, cybercriminal groups have begun using a new technique: intermittent encryption. Sentinel Labs reported the new trend earlier this month, as ransomware groups have adopted the latest technology. Some are written on Go and can be customized.

Encryption

Encryption Ransomware Cybersecurity Education

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. Threat actors use FileZilla, WinRAR, WinSCP, and RClone for data exfiltration.

Ransomware

Ransomware Encryption Education Phishing

Vice Society gang is using a custom PowerShell tool for data exfiltration

Security Affairs

APRIL 17, 2023

Vice Society ransomware operators have been spotted using a PowerShell tool to exfiltrate data from compromised networks. Palo Alto Unit 42 team identified observed the Vice Society ransomware gang exfiltrating data from a victim network using a custom-built Microsoft PowerShell (PS) script. ” concludes the report.

Ransomware

Ransomware Education Cybersecurity Security

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. The ransomware group added the company to the list of victims on its Tor leak site, it claims to have stolen the source code from the company, including a framework to develop bios, and private keys.

Ransomware

Ransomware Security Manufacturing Cybersecurity

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Cybersecurity Authentication

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Security Affairs

JUNE 10, 2022

The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the IT admins to shut down its infrastructure. The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy.

Ransomware

Ransomware IT Data breaches Education

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The Ukrainian cyber police arrested a Ukraine man for selling the data of over 300 million people from different countries. The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries.

Sales

Sales Personal data Education Access

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. We are in the final !

Security

Security Data breaches Ransomware Artificial Intelligence

Personal Data and docs of Swiss town Rolle available on the dark web

Security Affairs

AUGUST 26, 2021

The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors. ” The attack was orchestrated by the Vice Society ransomware group which hit Lake Geneva. “Gigabytes of data stolen from Rolle’s vaudois community and posted on darknet.

Personal data

Personal data Ransomware Data breaches Education

News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

The Last Watchdog

JANUARY 31, 2024

Ghosemajumder “Generative AI cybercrime poses the greatest security challenge of our time,” said Shuman Ghosemajumder, co-founder & CEO of Reken. While billions have been spent on security products, the impact of cybercrime has actually been getting worse. For more information, please visit [link].

Artificial Intelligence

Artificial Intelligence Education Cybersecurity Analytics

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The ransomware gang has added the organization to its dark web leak site and is threatening the victim to leak the alleged stolen data. Its mission is to improve the lives of people worldwide through research, clinical care and education. The center’s research focuses on cancer prevention, diagnosis, treatment and survivorship.

Ransomware

Ransomware Insurance Education Marketing

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

APT36 Running Espionage Ops Against India's Education Sector

Webinars

Trending Sources

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Webinars

Seiko confirmed a data breach after BlackCat attack

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Google TAG warns of Russia-linked APT groups targeting Ukraine

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

National Student Clearinghouse data breach impacted approximately 900 US schools

The State of Maine disclosed a data breach that impacted 1.3M people

Unmasking 2024’s Email Security Landscape

REvil Ransomware Gang Starts Auctioning Victim Data

Shiny Hunters group is selling data from 11 companies on the Dark Web

Money Message ransomware group claims to have hacked IT giant MSI

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

China-linked APT41 group spotted using open-source red teaming tool GC2

LockBit leaks data stolen from the South Korean National Tax Service

Welltok data breach impacted 8.5 million patients in the U.S.

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

New Ransom Payment Schemes Target Executives, Telemedicine

PYSA ransomware gang is the most active group in November

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

Save the Children confirms it was hit by cyber attack

List of Data Breaches and Cyber Attacks – June 2023

Hyundai suffered a data breach that impacted customers in France and Italy

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Ransomware Groups Turn to Intermittent Encryption to Speed Attack Times

Akira ransomware received $42M in ransom payments from over 250 victims

Vice Society gang is using a custom PowerShell tool for data exfiltration

MSI confirms security breach after Money Message ransomware attack

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Personal Data and docs of Swiss town Rolle available on the dark web

News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Stay Connected