Education, Hacking and Information Security

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Identity Theft Insurance

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

About the author: Salvatore Lombardo ( X @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness is his slogan.

Risk

Risk Education Scams VPN

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Banking Hacking

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

.” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group hasdeveloped a Linux encryptorto target VMware ESXi servers.

Ransomware

Ransomware IoT Encryption Passwords

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NetSupport RAT)

Education

Education Government Business Services Software

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. Local governments, small and medium-sized businesses, large international corporations, healthcare facilities, and educational institutions are the common targets.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Hacking Engineering Manufacturing

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Hacking

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Malware

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

. “While we found it to be popular with State, Local, and Education (SLED) and healthcare focused customers, luckily the internet exposure is fairly limited to around 15 instances.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,FortiWLM)

Wireless

Wireless Authentication Healthcare Education

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the press release published by the Spanish Police.

Cybercrime

Cybercrime Government Data breaches Information Security

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

Ransomware

Ransomware Hacking Insurance Healthcare

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Computer Education System Inc., “The vulnerability is caused by the use of a custom PE loader instead of using the standard and secure UEFI functions LoadImage and StartImage. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,UEFI) SANFONG Inc.,

Firmware

Firmware Technology Software Manufacturing

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

VPN

VPN Government Malware Manufacturing

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Related: High-profile healthcare hacks in 2021. Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). These six areas will help improve your security program. As technology and threats evolve, so must the security organization.

Healthcare

Healthcare Cyber Attacks Education Social Engineering

Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Security Affairs

FEBRUARY 17, 2025

” “During a conference at an educational institution, the Italian president claimed that Russia could be equated with the Third Reich. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,NoName057) This cannot and will never be left without consequences.”

DDOS

DDOS Banking Government Education

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In addition, cryptocurrency exchange platforms are implementing more stringent security measures, such as two-factor authentication and advanced encryption, to protect users’ funds. Educate and protect users and investors To effectively counter cybercrime, it is essential to understand the nature and techniques used by criminals.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

The malware was recently employed in attacks against large US schools and education organizations. . “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. .” SecurityAffairs – hacking, ransomware). Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Education DNS Backups

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT)

Energy and Utilities

Energy and Utilities Passwords VPN Healthcare

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

The Ministry of Education (MOE) in Singapore confirmed that the incident heavily impacted students in the country. Some students who use iPads or Chromebooks as personal learning devices claimed they were unable to access their applications and information stored on their devices.

Mobile

Mobile Education Hacking Cybercrime

App used by hundreds of schools leaking children’s data

Security Affairs

NOVEMBER 24, 2023

The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents,” said Vincentas Baubonis, Information Security Researcher at Cybernews.

Identity Theft

Identity Theft Internet Internet Education

Credential Flusher, understanding the threat and how to protect your login data

Security Affairs

SEPTEMBER 18, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Passwords

Passwords Identity Theft Education Authentication

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The security breach resulted from a cyber attack exploiting a vulnerability in the MOVEit managed file transfer (MFT).- reads the message published by the gang.

Data breaches

Data breaches Education Ransomware Software

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Microsoft Exchange) There is an urgent need for action!”

Information Security

Information Security Internet Internet Healthcare

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces.

Cybercrime

Cybercrime Education Accountability Phishing

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” ” reads the joint advisory.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

Blackbaud is a cloud computing provider that serves the social good community — nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents.

Cyber Attacks

Cyber Attacks Healthcare Education Data breaches

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, enterprise network equipment ) The post Hackers can hack organizations using data found on their discarded enterprise network equipment appeared first on Security Affairs.

Hacking

Hacking VPN Marketing Authentication

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.

Malware

Malware Social Engineering Education Government

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Organizations and individuals should be aware of adaptive phishing techniques and implement cybersecurity training to educate users on how to recognize and avoid online scams. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Education improves awareness” is his slogan.

Phishing

Phishing Education Social Engineering Media

Cybersecurity, why a hotline number could be important?

Security Affairs

OCTOBER 6, 2023

No less important, an emergency cybersecurity number would encourage the spread of digital education. About the author: Salvatore Lombardo Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Cybersecurity

Cybersecurity Cybercrime Computers and Electronics Education

Insurance scams via QR codes: how to recognise and defend yourself

Security Affairs

MARCH 12, 2024

Credit: Truffe assicurative tramite QR code: come riconoscerle e difendersi About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Insurance

Insurance Scams Education Engineering

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

YOU MAY ALSO WANT TO READ ABOUT: Can Cybersecurity Hack Your Phone? Here are some of the positions where individuals can earn top-tier salaries: Chief Information Security Officer (CISO) – As the leader of an organization’s cybersecurity strategy, CISOs can earn well over $200,000 per year.

Cybersecurity

Cybersecurity CISO Engineering Education

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Security Affairs

SEPTEMBER 6, 2023

A Reddit user with the handle ‘Educational-Map-8145’ published a proof of concept exploit for a zero-day flaw in the Linux client of Atlas VPN. “The client does not connect via a local socket or any other secure means but instead it opens an API on localhost on port 8076. It does not have ANY authentication.

VPN

VPN Education Authentication Engineering

Online job offers, the reshipping and money mule scams

Security Affairs

JUNE 17, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Scams

Scams Marketing Education Banking

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering

Engineering Ransomware Hacking Education

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

Security Boulevard

NOVEMBER 20, 2023

Permalink The post DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Hacking

Hacking Architecture Education Information Security

Pennsylvania State Education Association data breach impacts 500,000 individuals

Digital nomads and risk associated with the threat of infiltred employees

Trending Sources

Alabama State Department of Education suffered a data breach following a blocked attack

Akira ransomware gang used an unsecured webcam to bypass EDR

Russian Phobos ransomware operator faces cybercrime charges

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Rhysida ransomware gang claimed China Energy hack

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Storm-2372 used the device code phishing technique since August 2024

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

China’s Volt Typhoon botnet has re-emerged

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Cryptocurrencies and cybercrime: A critical intermingling

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

China-linked APT Silk Typhoon targets IT Supply Chain

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

App used by hundreds of schools leaking children’s data

Credential Flusher, understanding the threat and how to protect your login data

National Student Clearinghouse data breach impacted approximately 900 US schools

German BSI warns of 17,000 unpatched Microsoft Exchange servers

FBI: Compromised US academic credentials available on various cybercrime forums

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Save the Children confirms it was hit by cyber attack

Hackers can hack organizations using data found on their discarded enterprise network equipment

Iran-linked group APT33 adds new Tickler malware to its arsenal

“My Slice”, an Italian adaptive phishing campaign

Cybersecurity, why a hotline number could be important?

Insurance scams via QR codes: how to recognise and defend yourself

Can Cybersecurity Make You a Millionaire?

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Online job offers, the reshipping and money mule scams

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

Stay Connected