Education, Hacking and Information Security

Storm-1977 targets education sector with password spraying, Microsoft warns

Security Affairs

APRIL 27, 2025

Microsoft warns that threat actor Storm-1977 is behind password spraying attacksagainst cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against cloud tenants in the education sector.

Education

Education Passwords Accountability Encryption

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Identity Theft Insurance

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Ransomware Hacking Manufacturing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Banking Hacking

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

About the author: Salvatore Lombardo ( X @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness is his slogan.

Risk

Risk Education Scams VPN

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

.” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group hasdeveloped a Linux encryptorto target VMware ESXi servers.

Ransomware

Ransomware IoT Encryption Passwords

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NetSupport RAT)

Education

Education Government Business Services Software

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. Local governments, small and medium-sized businesses, large international corporations, healthcare facilities, and educational institutions are the common targets.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Hacking Engineering Manufacturing

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Hacking

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Malware

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware

Ransomware Hacking Manufacturing Healthcare

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

AutoZone disclosed a data breach resulting from the hack of their MOVEit Transfer installation. The car parts giant is notifying 184,995 individuals that the massive MOVEit hacking campaign compromised their personal information. ” reads the Notice Letter published by the Main Attorney General. percent, Canada-based 2.6

Data breaches

Data breaches Hacking Retail Identity Theft

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

. “While we found it to be popular with State, Local, and Education (SLED) and healthcare focused customers, luckily the internet exposure is fairly limited to around 15 instances.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,FortiWLM)

Wireless

Wireless Authentication Healthcare Education

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the press release published by the Spanish Police.

Cybercrime

Cybercrime Government Data breaches Information Security

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

Ransomware

Ransomware Hacking Insurance Healthcare

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Computer Education System Inc., “The vulnerability is caused by the use of a custom PE loader instead of using the standard and secure UEFI functions LoadImage and StartImage. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,UEFI) SANFONG Inc.,

Firmware

Firmware Technology Software Manufacturing

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The Port holds very little information about airport or maritime passengers, and systems processing payments were not affected.” ” concludes the notice.

Data breaches

Data breaches Ransomware Cyber Attacks Manufacturing

The source code of Zeppelin Ransomware sold on a hacking forum

Security Affairs

JANUARY 5, 2024

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Hacking Encryption Malware

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

VPN

VPN Government Malware Manufacturing

Quishing, an insidious threat to electric car owners

Security Affairs

SEPTEMBER 5, 2024

Unless someone hacks the charging station. ” How to Protect Yourself To protect yourself from this scam, it is advisable to take some precautions: Use recharge cards: Many operators offer cards that provide greater security than QR codes. Education improves awareness” is his slogan. “That’s safe.

Scams

Scams Education Phishing Hacking

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

Russian APT Nomadic Octopus hacked Tajikistani carrier

Security Affairs

MAY 1, 2023

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures.

Hacking

Hacking Telecommunications Government Firewall

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 4, 2025

Every week the best security articles from Security Affairs are free in your email box. Rhysida Ransomware gang claims the hack of the Government of Peru DragonForce group claims the theft of data after Co-op cyberattack U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Cyber Attacks Malware Phishing

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

Security Affairs

APRIL 26, 2023

Pro-Russia hacking group Zarya caused a cybersecurity incident at a Canadian gas pipeline, the critical infrastructure sector is on alert. A Canadian gas pipeline suffered a cyber security incident, Canada’s top cyber official and Pro-Russia hacking group Zarya claimed the attack could have caused an explosion.

Hacking

Hacking Cyber Attacks Education Media

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

The malware was recently employed in attacks against large US schools and education organizations. . “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. .” SecurityAffairs – hacking, ransomware). Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Education DNS Backups

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

SecureWorld News

FEBRUARY 27, 2025

As global cybersecurity threats continue to rise, information security professionals must enroll in continuous education and training programs to acquire current knowledge and skills that help organizations thwart these costly risks. It focuses on enterprise security programs.

Cybersecurity

Cybersecurity Information Security Penetration Testing Backups

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In addition, cryptocurrency exchange platforms are implementing more stringent security measures, such as two-factor authentication and advanced encryption, to protect users’ funds. Educate and protect users and investors To effectively counter cybercrime, it is essential to understand the nature and techniques used by criminals.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

The Ministry of Education (MOE) in Singapore confirmed that the incident heavily impacted students in the country. Some students who use iPads or Chromebooks as personal learning devices claimed they were unable to access their applications and information stored on their devices.

Mobile

Mobile Education Hacking Cybercrime

App used by hundreds of schools leaking children’s data

Security Affairs

NOVEMBER 24, 2023

The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents,” said Vincentas Baubonis, Information Security Researcher at Cybernews.

Identity Theft

Identity Theft Internet Internet Education

Credential Flusher, understanding the threat and how to protect your login data

Security Affairs

SEPTEMBER 18, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Passwords

Passwords Identity Theft Education Authentication

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The security breach resulted from a cyber attack exploiting a vulnerability in the MOVEit managed file transfer (MFT).- reads the message published by the gang.

Data breaches

Data breaches Education Ransomware Software

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces.

Cybercrime

Cybercrime Education Accountability Phishing

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

To share knowledge and encourage information security researchers to combat malicious code, Resecurity’s HUNTER unit has prepared an educational video demonstrating the.NET reverse engineering and deobfuscation techniques used for the Agent Tesla analysis. . SecurityAffairs – hacking, malware). Pierluigi Paganini.

Cyber threats

Cyber threats Engineering Malware Financial Services

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

Blackbaud is a cloud computing provider that serves the social good community — nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents.

Cyber Attacks

Cyber Attacks Healthcare Education Data breaches

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT)

Energy and Utilities

Energy and Utilities Passwords VPN Healthcare

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.

Malware

Malware Social Engineering Education Government

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Organizations and individuals should be aware of adaptive phishing techniques and implement cybersecurity training to educate users on how to recognize and avoid online scams. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Education improves awareness” is his slogan.

Phishing

Phishing Education Social Engineering Media

Storm-1977 targets education sector with password spraying, Microsoft warns

Pennsylvania State Education Association data breach impacts 500,000 individuals

Webinars

Trending Sources

Rhysida Ransomware gang claims the hack of the Government of Peru

Webinars

Alabama State Department of Education suffered a data breach following a blocked attack

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Digital nomads and risk associated with the threat of infiltred employees

Russian Phobos ransomware operator faces cybercrime charges

Akira ransomware gang used an unsecured webcam to bypass EDR

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Rhysida ransomware gang claimed China Energy hack

Rhysida ransomware group hacked Abdali Hospital in Jordan

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Storm-2372 used the device code phishing technique since August 2024

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Port of Seattle ‘s August data breach impacted 90,000 people

The source code of Zeppelin Ransomware sold on a hacking forum

China’s Volt Typhoon botnet has re-emerged

Quishing, an insidious threat to electric car owners

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Russian APT Nomadic Octopus hacked Tajikistani carrier

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Pro-Russia hacking group executed a disruptive attack against a Canadian gas pipeline

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

Cryptocurrencies and cybercrime: A critical intermingling

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

App used by hundreds of schools leaking children’s data

Credential Flusher, understanding the threat and how to protect your login data

National Student Clearinghouse data breach impacted approximately 900 US schools

FBI: Compromised US academic credentials available on various cybercrime forums

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Save the Children confirms it was hit by cyber attack

China-linked APT Silk Typhoon targets IT Supply Chain

Iran-linked group APT33 adds new Tickler malware to its arsenal

“My Slice”, an Italian adaptive phishing campaign

Stay Connected