Education, Military and Security - Information Management Today

APT36 Running Espionage Ops Against India's Education Sector

Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education

Education Military Phishing Government

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Security Affairs

FEBRUARY 24, 2023

This year, 750 cyber specialists have participated in the military cyberwarfare exercise. We must innovate to stay ahead of those that would wish us harm and Defence Cyber Marvel 2 is the next evolution of our pioneering collective education.” ” reads the press release published by the UK Ministry of Defence.

Military

Military Education Government IT

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. This experience can also be helpful when training cybersecurity talent. And it works.

Cybersecurity

Cybersecurity Military Education Government

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S.

Cybersecurity

Cybersecurity Military Passwords Education

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

As a part of this effort, each organization made the following commitments: MxD , in collaboration with the University of Maryland, Baltimore County, created the Cybersecurity for Manufacturing Operational Technology (CyMOT) program to increase the security of U.S.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

China has lacked a comprehensive data protection and data security law that regulates in detail requirements and procedures relating to the collection, processing, control and storage of personal data. Recently, another significant draft law on data security was issued by the Chinese legislative authority.

Security

Security Military Government Risk

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

The best news of the week with Security Affairs. Google sued by New Mexico attorney general for collecting student data through its Education Platform. European Commission has chosen the Signal app to secure its communications. Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates.

Security

Security Ransomware Military Data breaches

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. hacking tools and electronics appeared first on Security Affairs. His illegal acquisitions of sophisticated U.S.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926 , to its Known Exploited Vulnerabilities Catalog. The goal of this activity is assessed to be gaining access to the emails of military, government, and diplomatic organizations across Europe involved in the Russia Ukrainian War.”

IT

IT Military Phishing Passwords

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

SEPTEMBER 27, 2021

To minimize their impact, implementing preventive security measures into these advanced systems is crucial. Businesses across all industries can function adequately without worrying about would-be hackers with malicious intent when they secure their networks. Related: How Russia uses mobile apps to radicalize U.S. As a result, the U.S.

Cybersecurity

Cybersecurity Military Encryption Risk

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

Phishing

Phishing Military Ransomware Education

Ministry of Defence academy hit by state-sponsored hackers

Security Affairs

MARCH 22, 2021

The Defence Academy of the United Kingdom provides higher education for personnel in the British Armed Forces, Civil Service, other government departments and service personnel from other nations. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Teaching continues.”. Pierluigi Paganini.

Education

Education Military Government IT

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

As the Russian invasion continues, many cyber security experts have advised that conflicts could play out in cyberspace. Meanwhile, the CERT-UA posted on Facebook that it had detected a widespread phishing campaign targeting Ukrainian military personnel.

Phishing

Phishing Military Access Education

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

Another Massive Russian Hack of US Government Networks

Schneier on Security

DECEMBER 15, 2020

Several said national security-related agencies were also targeted, though it was not clear whether the systems contained highly classified material. […]. The motive for the attack on the agency and the Treasury Department remains elusive, two people familiar with the matter said.

Government

Government Military Education IT

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. You need to rely on external storage to securely transport your data. DataLocker actually got traction, early on, selling to the military.

Encryption

Encryption Military Passwords Authentication

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Snyder says his experience as head of Gateway Computers and as an investor in tech security startups, prior to entering politics, gave him an awareness of why putting Michigan ahead of the curve, dealing with cyber threats, would be vital. “I Merit is an acronym for the Michigan Educational Research Information Triad.

Cybersecurity

Cybersecurity Military Education Government

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy

Data Privacy Manufacturing Privacy Security

Attention U.S. Veterans: The CIP Exam Has Been Approved for Reimbursement Under the GI Bill

AIIM

MAY 15, 2019

I am very pleased to announce that the Certified Information Professional (CIP) exam has been approved for reimbursement under the Veterans Education Benefit program for Licensing and Certification reimbursements administered by the U.S. Department of Veterans Affairs - aka the GI Bill. This is something that is intensely personal to me.

Education

Education Military IT Security

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Access Cybersecurity Education

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Italian Military Personnel and National Association of Professional Educators. Italian Military Personnel and National Association of Professional Educators. Military Personnel. National Association of Professional Educators. Security Affairs – LulzSec Italy, hacktivism). 38 Databases Total: [link].

Passwords

Passwords Archiving Mining Education

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

eSecurity Planet

JULY 20, 2023

military systems and launch nuclear missiles through mere whistling. Mitnick understood where the greatest cybersecurity dangers were, and he used his platform at KnowBe4 to promote training all employees to be aware of attack vectors and to educate organizations worldwide.

Cybersecurity

Cybersecurity Education Military Government

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

Threatpost

MARCH 27, 2019

With new attacks on the Israeli military and social-work educators, exploitation of the 19-year-old flaw shows no signs of slowing down.

Military

Military Education Security

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

President Biden issued an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence. Standards for AI Safety and Security Red-teaming requirements. AI use by the military and intelligence community. The Administration will also support the expansion of AI-enabled tools in education. New standards.

Risk

Risk Artificial Intelligence Privacy Military

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Cyber security of satellite systems is becoming crucial due to the growing number of commercial and military applications that rely on them. .” Thales pointed out that throughout the entire exercise, ESA had access to the satellite’s systems to retain control. ” said Pierre-Yves Jolivet, VP Cyber Solutions, Thales.

Cybersecurity

Cybersecurity Military Access Education

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. . Threat actors carried out a highly-sophisticated supply chain attack.

Military

Military Cybersecurity Communications Government

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

Security Breach Notice Act. The amendments to Vermont’s Security Breach Notice Act include expanding the definition of Personally Identifiable Information (“PII”), expanding the definition of a breach to include login credentials and narrowing the permissible circumstances under which substitute notice may be used.

Data breaches

Data breaches Privacy Education Data Privacy

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere.

Phishing

Phishing Passwords Military Education

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

“Microsoft assesses that Mint Sandstorm is associated with an intelligence arm of Iran’s military, the Islamic Revolutionary Guard Corps (IRGC), an assessment that has been corroborated by multiple credible sources including Mandiant , Proofpoint , and SecureWorks.” ” reads the report published by Microsoft.

Energy and Utilities

Energy and Utilities Military Education Phishing

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

However, the attackers chose a domain name that gives the impression of a connection to the South African military. This domain has been hosted on eight other IPs throughout its history, none of these IPs were directly affiliated with the South African government. Experts added that the IP 196.216.136[.]139 139 resolved to vpn729380678.softether[.]net

Communications

Communications Military Government Libraries

UK Foreign Office targeted by ‘serious’ cyber attack

IT Governance

FEBRUARY 10, 2022

The UK’s FCDO (Foreign, Commonwealth and Development Office) was recently hit by a “serious cyber security incident”, according to a public tender document. According to the BBC , the attackers were able to breach the FCDO but were detected thanks to the support of third-party cyber security experts, who were called in “with extreme urgency”.

Military

Military Government Paper Security

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. ” concludes the report. . Pierluigi Paganini.

Military

Military Communications Government Education

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. According to Abnormal Security, nearly every aspect of the request looked legitimate. Blog post with screenshots and links: [link] A Master Class on IT Security: Roger A.

Phishing

Phishing Security awareness Cybersecurity Education

Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos

The Security Ledger

JANUARY 23, 2024

In this episode of The Security Ledger Podcast (#255) host Paul Roberts interviews Niels Provos of Lacework about his mission to use EDM to teach people about cybersecurity. The post Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos appeared first on The Security Ledger with Paul F. Click the icon below to listen.

Honeypots

Honeypots Cybersecurity Digital transformation Military

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. link] #MSFTatBlackHat — Security Response (@msftsecresponse) August 5, 2019. ” concludes Microsoft.

IoT

IoT Military Access Education

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. orgs with 3 malware appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Phishing Military Retail

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. Security Affairs – GCHQ , CyberChef ). We even tested them against the real thing! Pierluigi Paganini.

Encryption

Encryption Military Education Communications

APT36 Running Espionage Ops Against India's Education Sector

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Webinars

Trending Sources

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Webinars

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

China Issues Draft Data Security Law

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs newsletter Round 253

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

FBI chief says China is preparing to attack US critical infrastructure

Google TAG warns of Russia-linked APT groups targeting Ukraine

Ministry of Defence academy hit by state-sponsored hackers

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Catches of the Month: Phishing Scams for March 2022

2022 Cyber Security Review of the Year

Another Massive Russian Hack of US Government Networks

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

Attention U.S. Veterans: The CIP Exam Has Been Approved for Reimbursement Under the GI Bill

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

Biden AI Order Enables Agencies to Address Key Risks

White hat hackers showed how to take over a European Space Agency satellite

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

UK Foreign Office targeted by ‘serious’ cyber attack

Symantec uncovered the link between China-Linked Thrip and Billbug groups

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

GCHQ implements World War II cipher machines in encryption app CyberChef

Stay Connected