Education, Hacking and Information Security

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Banking Hacking

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NetSupport RAT)

Education

Education Government Business Services Software

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. Local governments, small and medium-sized businesses, large international corporations, healthcare facilities, and educational institutions are the common targets.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Hacking Engineering Manufacturing

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Hacking

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Malware

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

Ransomware

Ransomware Hacking Insurance Healthcare

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Related: High-profile healthcare hacks in 2021. Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). These six areas will help improve your security program. As technology and threats evolve, so must the security organization.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

Quishing, an insidious threat to electric car owners

Security Affairs

SEPTEMBER 5, 2024

Unless someone hacks the charging station. ” How to Protect Yourself To protect yourself from this scam, it is advisable to take some precautions: Use recharge cards: Many operators offer cards that provide greater security than QR codes. Education improves awareness” is his slogan. “That’s safe.

Scams

Scams Education Phishing Hacking

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In addition, cryptocurrency exchange platforms are implementing more stringent security measures, such as two-factor authentication and advanced encryption, to protect users’ funds. Educate and protect users and investors To effectively counter cybercrime, it is essential to understand the nature and techniques used by criminals.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

The malware was recently employed in attacks against large US schools and education organizations. . “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. .” SecurityAffairs – hacking, ransomware). Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Education DNS Backups

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Organizations and individuals should be aware of adaptive phishing techniques and implement cybersecurity training to educate users on how to recognize and avoid online scams. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Education improves awareness” is his slogan.

Phishing

Phishing Education Social Engineering Media

Insurance scams via QR codes: how to recognise and defend yourself

Security Affairs

MARCH 12, 2024

Credit: Truffe assicurative tramite QR code: come riconoscerle e difendersi About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Insurance

Insurance Scams Education Engineering

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

The Ministry of Education (MOE) in Singapore confirmed that the incident heavily impacted students in the country. Some students who use iPads or Chromebooks as personal learning devices claimed they were unable to access their applications and information stored on their devices.

Mobile

Mobile Education Hacking Cybercrime

Credential Flusher, understanding the threat and how to protect your login data

Security Affairs

SEPTEMBER 18, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Passwords

Passwords Identity Theft Education Authentication

App used by hundreds of schools leaking children’s data

Security Affairs

NOVEMBER 24, 2023

The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents,” said Vincentas Baubonis, Information Security Researcher at Cybernews.

Identity Theft

Identity Theft Internet Internet Education

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The security breach resulted from a cyber attack exploiting a vulnerability in the MOVEit managed file transfer (MFT).- reads the message published by the gang.

Data breaches

Data breaches Education Ransomware Software

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Microsoft Exchange) There is an urgent need for action!”

Information Security

Information Security Internet Internet Healthcare

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces.

Cybercrime

Cybercrime Education Accountability Phishing

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

Blackbaud is a cloud computing provider that serves the social good community — nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents.

Cyber Attacks

Cyber Attacks Healthcare Education Data breaches

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.

Malware

Malware Social Engineering Education Government

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, enterprise network equipment ) The post Hackers can hack organizations using data found on their discarded enterprise network equipment appeared first on Security Affairs.

Hacking

Hacking VPN Marketing Authentication

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Cybersecurity, why a hotline number could be important?

Security Affairs

OCTOBER 6, 2023

No less important, an emergency cybersecurity number would encourage the spread of digital education. About the author: Salvatore Lombardo Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Cybersecurity

Cybersecurity Cybercrime Computers and Electronics Education

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. .” continues the report. CISA orders federal agencies to fix this vulnerability CVE-2020-3259 by March 7, 2024.

Ransomware

Ransomware VPN Education Hacking

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Security Affairs

SEPTEMBER 6, 2023

A Reddit user with the handle ‘Educational-Map-8145’ published a proof of concept exploit for a zero-day flaw in the Linux client of Atlas VPN. “The client does not connect via a local socket or any other secure means but instead it opens an API on localhost on port 8076. It does not have ANY authentication.

VPN

VPN Education Authentication Engineering

Online job offers, the reshipping and money mule scams

Security Affairs

JUNE 17, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Scams

Scams Marketing Education Banking

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering

Engineering Ransomware Hacking Education

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Education

Education Government Hacking Risk

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

Security Boulevard

NOVEMBER 20, 2023

Permalink The post DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Hacking

Hacking Architecture Education Information Security

X will collect biometric data from its premium users

Security Affairs

SEPTEMBER 4, 2023

X also announced that it may collect and use your Job Applications / Recommendations (such as your employment history, educational history, employment preferences, skills and abilities, job search activity and engagement, and so on).

Media

Media Education Advertising Government

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Security Affairs

NOVEMBER 7, 2023

Iran-linked Agonizing Serpens group (aka Agrius , BlackShadow , Pink Sandstorm , DEV-0022 ) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. Based on our telemetry, the most targeted organizations belong to the education and technology sectors.”

Cyber Attacks

Cyber Attacks Education Technology Internet

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

. “While we found it to be popular with State, Local, and Education (SLED) and healthcare focused customers, luckily the internet exposure is fairly limited to around 15 instances.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,FortiWLM)

Wireless

Wireless Authentication Healthcare Education

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware

Ransomware Data breaches Financial Services Scams

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. concludes the advisory that includes indicators of compromise (IoCs).”

Ransomware

Ransomware Encryption Antivirus VPN

Most Common Causes of Data Breach and How to Prevent It

Security Affairs

MAY 3, 2021

Hacking Well, this is the top reason behind approximately half of the data breaches in the world. From SQL injection to DDoS attacks, a wide range of methods has been used to hack into secure networks and steal critical data. They must educate their employees about cybersecurity, social engineering, and phishing.

Data breaches

Data breaches Social Engineering Engineering Network Security

Lehigh Valley Health Network hospital network has agreed to a $65 million settlement after data breach

Security Affairs

SEPTEMBER 13, 2024

The network also includes a children’s hospital, rehabilitation centers, and partnerships with academic institutions to support medical education and research. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) ” reported the law firm.

Data breaches

Data breaches Healthcare Ransomware Hacking

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. SecurityAffairs – hacking, Bohrium).

Phishing

Phishing Manufacturing Education Hacking

Alabama State Department of Education suffered a data breach following a blocked attack

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Trending Sources

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Rhysida ransomware gang claimed China Energy hack

Rhysida ransomware group hacked Abdali Hospital in Jordan

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Quishing, an insidious threat to electric car owners

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Cryptocurrencies and cybercrime: A critical intermingling

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Russian Phobos ransomware operator faces cybercrime charges

“My Slice”, an Italian adaptive phishing campaign

Insurance scams via QR codes: how to recognise and defend yourself

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Credential Flusher, understanding the threat and how to protect your login data

App used by hundreds of schools leaking children’s data

National Student Clearinghouse data breach impacted approximately 900 US schools

German BSI warns of 17,000 unpatched Microsoft Exchange servers

FBI: Compromised US academic credentials available on various cybercrime forums

Save the Children confirms it was hit by cyber attack

Iran-linked group APT33 adds new Tickler malware to its arsenal

Hackers can hack organizations using data found on their discarded enterprise network equipment

Akira ransomware targets Finnish organizations

Cybersecurity, why a hotline number could be important?

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Online job offers, the reshipping and money mule scams

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

X will collect biometric data from its premium users

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Akira ransomware targets Finnish organizations

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Akira ransomware received $42M in ransom payments from over 250 victims

Most Common Causes of Data Breach and How to Prevent It

Lehigh Valley Health Network hospital network has agreed to a $65 million settlement after data breach

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Stay Connected