Education, Groups and Security - Information Management Today

APT36 Running Espionage Ops Against India's Education Sector

Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education

Education Military Phishing Government

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Communications

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. In recent years, multiple threat actors, including the group TA569 , have been observed using the software as a Remote Access Trojan (RAT).

Education

Education Government Business Services Archiving

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Krebs on Security

OCTOBER 14, 2021

Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. Louis Post-Dispatch for reporting a security vulnerability that exposed teacher SSNs.

Security

Security Education Computer and Electronics Access

Cybercrime group exploits Windows zero-day in ransomware attacks

Security Affairs

APRIL 11, 2023

Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023. The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. ” reads the analysis published by Kaspersky.

Ransomware

Ransomware Education Cybersecurity Security

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing

Phishing Military Ransomware Education

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

The ransomware group added the company to the list of victims on its Tor leak site, it claims to have stolen the source code from the company, including a framework to develop bios, and private keys. MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028.

Military

Military File names Education Phishing

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. ” reads the analysis published by Google TAG.

Phishing

Phishing Passwords Military Education

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

Security Affairs

APRIL 26, 2023

Pro-Russia hacking group Zarya caused a cybersecurity incident at a Canadian gas pipeline, the critical infrastructure sector is on alert. A Canadian gas pipeline suffered a cyber security incident, Canada’s top cyber official and Pro-Russia hacking group Zarya claimed the attack could have caused an explosion.

Cybersecurity

Cybersecurity Education Authentication Security

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization.

Phishing

Phishing Cloud Government Education

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon , using a novel tradecraft to gain initial access to target networks.

Cleanup

Cleanup Libraries Access Manufacturing

Pro-Russia group NoName057(16) targets Ukraine and NATO countries

Security Affairs

JANUARY 13, 2023

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057 (16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported.

Education

Education Government Security IT

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. It’s important that as consumers are shopping for these smart home devices that they learn to recognize the Matter trademark so that they can make educated decisions.”

Security

Security Manufacturing Authentication Marketing

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Education Authentication Passwords

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

The company received two vulnerability reports from the cybersecurity firm Trend Micro ) for high/critical severity security issues in PaperCut MF/NG. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities Catalog. ” reads the advisory published by PaperCut. Last week, the U.S.

Cybersecurity

Cybersecurity Ransomware Education Authentication

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

Security Affairs

APRIL 20, 2023

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped ) that employed Linux malware.

Archiving

Archiving Education Phishing Cybersecurity

North Korea-linked TA406 cyberespionage group activity in 2021

Security Affairs

NOVEMBER 19, 2021

North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint revealed that the North Korea-linked TA406 APT group ( Kimsuky , Thallium , and Konni , Black Banshee, Velvet Chollima) has intensified its operations in 2021. ” reads the report.

Government

Government Education Phishing IT

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. Pierluigi Paganini.

Healthcare

Healthcare Education Manufacturing Government

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. The ransomware group added the company to the list of victims on its Tor leak site, it claims to have stolen the source code from the company, including a framework to develop bios, and private keys.

Ransomware

Ransomware Security Manufacturing Cybersecurity

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Security

Security Risk Education Marketing

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of them cannot be associated with the activity of known APT groups. . These malware strains did not present any similarities with malware associated with other APT groups.

Cybersecurity

Cybersecurity Government Education Security

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. The issue was listed by CISA as known to be used in ransomware campaigns, but the agency did not reveal which ransomware groups are actively exploiting the issue.

Ransomware

Ransomware Cybersecurity Education Passwords

Shiny Hunters group is selling data from 11 companies on the Dark Web

Security Affairs

MAY 10, 2020

Shiny Hunters hacking group is offering for sale on a dark web marketplace databases containing over 73.2 A hacking group named Shiny Hunters is attempting to sell on a dark web hacking marketplace databases containing more than 73.2 Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link].

Passwords

Passwords Data breaches Cybersecurity Sales

Ransomware Groups Turn to Intermittent Encryption to Speed Attack Times

eSecurity Planet

SEPTEMBER 22, 2022

To accelerate the ransomware encryption process and make it harder to detect, cybercriminal groups have begun using a new technique: intermittent encryption. Sentinel Labs reported the new trend earlier this month, as ransomware groups have adopted the latest technology. Some are written on Go and can be customized.

Encryption

Encryption Ransomware Cybersecurity Education

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Alex Holden is founder of Hold Security , a Milwaukee-based cybersecurity firm. “ TA505 “), and a newer ransom group known as Venus.

Ransomware

Ransomware Metadata Insurance Encryption

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates.

IT

IT Education Cybersecurity Risk

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Cybersecurity Authentication

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

The Last Watchdog

JANUARY 31, 2024

Ghosemajumder “Generative AI cybercrime poses the greatest security challenge of our time,” said Shuman Ghosemajumder, co-founder & CEO of Reken. While billions have been spent on security products, the impact of cybercrime has actually been getting worse. For more information, please visit [link].

Artificial Intelligence

Artificial Intelligence Education Cybersecurity Analytics

Western Digital took its services offline due to a security breach

Security Affairs

APRIL 3, 2023

Western Digital disclosed a security breach, according to the company an unauthorized party gained access to multiple systems. Western Digital has shut down several of its services after discovering a security breach, the company disclosed that an unauthorized party gained access to multiple systems. We apologize for any inconvenience.

IT

IT Security Cloud Ransomware

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

The Last Watchdog

FEBRUARY 15, 2024

Paul Greene , CIPP/US, CIPP/E, CIPM, FIP, Harter Secrest & Emery’s Privacy and Data Security practice group helps clients respond to data security incidents of all kinds. NetDiligence-authorized Breach Coach ® firms are selected based on their experience, competency, thought leadership, and industry engagement.

Data breaches

Data breaches Financial Services Big data Retail

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Security Affairs

NOVEMBER 7, 2023

Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Based on our telemetry, the most targeted organizations belong to the education and technology sectors.” ” concludes the report that also includes indicators of compromise (IoCs).

Education

Education Ransomware Access Security

Hacker education site – iR0nin – makes it easy for those interested in cyber security to get started

IG Guru

NOVEMBER 1, 2019

Check out iRonin.com if you are interested to learn more about and keep up with cyber security. iR0nin is not a movement, an organization, a group, a collective, etc… It is the concept that if ONE person can make a difference […]. The about page says the following: “Let us be clear right at the beginning.

Education

Education IT Security Information governance

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. The group has allegedly exfiltrated more than 10 million files. Data breached: 41,500,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

6 Ways to Protect Your Organization Against LAPSUS$

Dark Reading

DECEMBER 29, 2022

Businesses need to educate employees the type of social engineering attacks used by hacking group DEV-0537 (LAPSUS$) and strengthen their security posture.

Education

Education Security

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

The Security Ledger

OCTOBER 4, 2023

Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development’s “tragedy of the commons,” as more and more development teams lean on open source code. Read the whole entry. »

Education

Education IoT Security IT

Exclusive interview with the Powerful Greek Army (PGA) hacker group

Security Affairs

FEBRUARY 3, 2022

Our old Twitter account, which was suspended, had pretty much many attacks on government agencies, corporations, educational institutions, ministries, and many, many other things around the world (which we still do, just on a smaller scale). We are a really mixed group. How were you born and approximately how many you are?

Education

Education Ransomware Government Access

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware

Ransomware Manufacturing Education Passwords

What Are You Doing for Cyber Security Awareness Month?

IT Governance

OCTOBER 6, 2022

This October is Cyber Security Awareness Month, an event designed to educate people about information security and the steps they can take to stay safe online. Now in its nineteenth year, the campaign provides tools and resources to help people learn more about the cyber security industry and the ways they can get involved.

Security awareness

Security awareness Security Phishing Passwords

APT36 Running Espionage Ops Against India's Education Sector

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Webinars

Trending Sources

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Webinars

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Cybercrime group exploits Windows zero-day in ransomware attacks

Google TAG warns of Russia-linked APT groups targeting Ukraine

Unmasking 2024’s Email Security Landscape

Money Message ransomware group claims to have hacked IT giant MSI

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

China-linked APT41 group spotted using open-source red teaming tool GC2

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Pro-Russia group NoName057(16) targets Ukraine and NATO countries

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

PYSA ransomware gang is the most active group in November

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

North Korea-linked TA406 cyberespionage group activity in 2021

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

MSI confirms security breach after Money Message ransomware attack

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

Purple Lambert, a new malware of CIA-linked Lambert APT group

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Shiny Hunters group is selling data from 11 companies on the Dark Web

Ransomware Groups Turn to Intermittent Encryption to Speed Attack Times

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

New Ransom Payment Schemes Target Executives, Telemedicine

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

FBI chief says China is preparing to attack US critical infrastructure

News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

Western Digital took its services offline due to a security breach

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Hacker education site – iR0nin – makes it easy for those interested in cyber security to get started

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

6 Ways to Protect Your Organization Against LAPSUS$

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

Exclusive interview with the Powerful Greek Army (PGA) hacker group

FBI and CISA warn of attacks by Rhysida ransomware gang

What Are You Doing for Cyber Security Awareness Month?

Stay Connected