2017 and Education - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Krebs on Security

JUNE 13, 2018

And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach. Vermont librarian Jessamyn West sued Equifax over its 2017 data breach and won $600 in small claims court. The 49-year-old librarian from a tiny town in Vermont took Equifax to court.

Data breaches

Data breaches Personal data Privacy Libraries

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI.

Sales

Sales Education Phishing Passwords

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. In 2017, Symantec speculated that at least 40 targets in 16 countries have been compromised by the threat actors. The targets were all located in the Middle East, Europe, Asia, and Africa.

Communications

Communications Encryption Education Authentication

Iran-Linked Seedworm APT target orgs in the Middle East

Security Affairs

OCTOBER 23, 2020

Also referred to as MuddyWater , MERCURY, and Static Kitten, the cyber-espionage group was initially analyzed in 2017. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave of attacks in the Middle East.

Ransomware

Ransomware Education Security Government

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

The Bandook was spotted last time in 2015 and 2017 campaigns, dubbed “ Operation Manul ” and “ Dark Caracal “, respectively attributed to Kazakh and the Lebanese governments. Samples from the Dark Caracal campaign (2017) utilized around 100 commands, compared to the current 120 command version we analyzed. ” Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Archiving Education

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster.

Marketing

Marketing Education Sales Access

No Jail Time for “WannaCry Hero”

Krebs on Security

JULY 29, 2019

Marcus Hutchins , the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.

Ransomware

Ransomware Education Government Risk

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. Twitter @Slvlombardo.

Computer and Electronics

Computer and Electronics IT e-Discovery Encryption

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Security Affairs

AUGUST 13, 2021

This group focuses on public school districts and other educational institutions, like other ransomware gangs it implements a double extortion model and publishes data stolen from the victims on a data leak site. ” concludes Talos. ” Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware IT Education Security

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Group-IB Threat Intelligence team identified hundreds of compromised credentials from Singaporean government agencies and educational institutions over the course of 2017 and 2018. gov.sg/ ), Ministry of Education ( [link] [.] According to Group-IB data, compared to 2017, the number of leaked cards increased in 2018 by 56%.

Sales

Sales Passwords Government Marketing

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

Security Affairs

OCTOBER 13, 2018

One such example from December 2017 named free-mod-menu-download-ps3.exe Organizations with decent web filtering and educated users have a much lower risk of infection by these fake updates. This domain was associated with updaters or installers pushing cryptocurrency miners. exe also shows osdsoft[.]com

File names

File names Education Cloud Risk

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

Google TAG shared indicators of compromise (IoCs) for both campaigns.

Cybersecurity

Cybersecurity Education Risk Security

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Security Affairs

JULY 18, 2018

Demographics based on ethnicity, language, education. “We’re a small shop (I’m the only developer) so keeping track of everything can be tough” This isn’t the first case of unsecured Amazon S3 buckets exposed online, in June 2017 DRA firm left 1.1 Age and birth year. ” wrote Diachenko.

Education

Education Sales Cloud Security

Homebuyers Being Targeted by Money Transfer Scam

Security Affairs

SEPTEMBER 21, 2018

After reporting $5 million in loss from Utah residents in 2017 , every citizen is encouraged to take preventive measures to protect themselves from scams. Before purchasing a home, potential buyers would benefit by educating themselves about the latest scams in circulation by criminals. Assessing the Danger.

Passwords

Passwords Education Communications Security

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

Previously seen to be exploited in the wild through 2017 and on-going.” . “Another notable spike to mention is IPS detections related to MVPower CCTV DVR models (CVE-2016-20016) also known as JAWS webserver RCE. ” continues the advisory.

Authentication

Authentication Retail Education Marketing

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In April 2017, security vulnerabilities in the Hyundai Blue Link mobile apps could have allowed hackers to locate, unlock and start vehicles of the carmaker. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

Phishing

Phishing Military Ransomware Education

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Archiving

Archiving Education Authentication Ransomware

BlueCharlie changes attack infrastructure in response to reports on its activity

Security Affairs

AUGUST 6, 2023

The APT group has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine.

IT

IT Phishing Authentication Education

Exclusive interview with the Powerful Greek Army (PGA) hacker group

Security Affairs

FEBRUARY 3, 2022

Our old Twitter account, which was suspended, had pretty much many attacks on government agencies, corporations, educational institutions, ministries, and many, many other things around the world (which we still do, just on a smaller scale). How were you born and approximately how many you are? Which is your biggest failure?

Education

Education Ransomware Government Access

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

“APT28 has been known to access vulnerable routers by using default and weak SNMP community strings, and by exploiting CVE-2017-6742 (Cisco Bug ID: CSCve54313) as published by Cisco.” UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment.

Military

Military Access Cybersecurity Education

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. This custom-built backdoor has been used since at least January 2017 to achieve persistence on compromised networks.

Military

Military Communications Government Education

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

Between 2017 and 2018, Fxmsp created a network of trusted proxy resellers to promote their breaches on the criminal underground. Attorney Brian T. ” According to BleepingComputer , sources familiar with the case told it that local authorities detained the man in Kazakhstan.

Access

Access Passwords Education Government

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

In April 2017, Symantec security experts who analyzed the alleged CIA hacking tools included in the Vault 7 dump that were involved in attacks aimed at least 40 governments and private organizations across 16 countries.

Government

Government Cybersecurity Education Security

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware

Ransomware File names Access Education

California-based workforce platform Prosperix leaks drivers licenses and medical records

Security Affairs

JUNE 1, 2023

However, the leaky bucket dates back to 2017. Leaks like this put job seekers at risk, so they should educate themselves on how to spot common job search-related scam techniques. Most of the employment authorization documents and driving licenses that were exposed appear to be expired.

Encryption

Encryption Risk Education Phishing

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The UK agency reported ongoing spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453 to gather intelligence on the victims.

Phishing

Phishing Education Passwords Authentication

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybersecurity

Cybersecurity Ransomware Education Access

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

The gateway was used to allow external users and its partners, including foreign space agencies, contractors, and educational institutions, to remotely access to a shared environment for specific missions and data. ” the NASA OIG said. In December the U.S.

IT

IT Data breaches Archiving Education

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017). “These types of grammatical errors are often found among people who did not receive sufficient education at school or if Russian is their second language,” the analysis continues.

Access

Access Ransomware Passwords Sales

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Education Security IT

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Security Affairs

AUGUST 18, 2018

This amazing figure is the result of 2,308 publicly disclosed data breaches, anyway, it represents a drop from 6 billion data records exposed in 2,439 breaches reported for the first half of 2017. After the wild ride of 2017, we became accustomed to seeing a lot of breaches, exposing extraordinary amounts of information.

Data breaches

Data breaches Phishing Risk GDPR

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

Since 2017, the group was observed launching attacks using RTF lure documents with political content related to Vietnam. ” Kaspersky states that 80% of the affected organizations are based in Vietnam and belong to the government or military sector, or are otherwise related to the health, diplomacy, education, or political verticals.

Military

Military Government Phishing Libraries

What a Difference a Year Makes

AIIM

JANUARY 10, 2018

For AIIM, 2017 began with this provocative question: In an Artificial Intelligence world, where deep learning completely shrinks the development time while amping up the computing power, do content management capabilities become irrelevant and obsolete? Intelligent Information Management: defining a new age ” released in September, 2017.

ECM

ECM Digital transformation Customer Experience Analytics

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections: The Teacher – Most Educational Blog The Entertainer – Most Entertaining Blog The Tech Whizz – Best Technical Blog Best Social Media Account to Follow (@securityaffairs) Please nominate Security Affairs as your favorite blog.

Systems administration

Systems administration Military Phishing Government

ECM vs. Content Services vs. Intelligent Information Management

AIIM

JUNE 25, 2020

In recent years, nothing has sparked more controversy in the information management industry than the 2017 Gartner post officially retiring the term “Enterprise Content Management (ECM)” in favor of a new term, content services. Here at AIIM, we’ve been providing independent research, educational training, and certification for over 70 years.

Content services

Content services ECM Analytics Cloud

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe.

Energy and Utilities

Energy and Utilities Education Ransomware IT

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

For example, many Stark address ranges were most recently assigned to a Russian government entity whose full name is the “ Federal State Autonomous Educational Establishment of Additional Professional Education Center of Realization of State Educational Policy and Informational Technologies.”

Cloud

Cloud Education Government Communications

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

The Last Watchdog

AUGUST 22, 2024

22, 2024, CyberNewsWire — INE Security , a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals. Cary, NC, Aug.

Cybersecurity

Cybersecurity Education Security Artificial Intelligence

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

JULY 1, 2020

The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.

Data breaches

Data breaches GDPR Personal data Education

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

The WordPress sets only exposed user names and avatar pictures, but all four Siemens WordPress-based subdomains were vulnerable to a flaw that WordPress itself fixed in 2017, leaving researchers wondering whether there are more severe vulnerabilities on these sites.

IoT

IoT Manufacturing Authentication Ransomware

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Merit is an acronym for the Michigan Educational Research Information Triad. The early Cyber Range hubs were mainly used to help educate and certify military technicians and cybersecurity professionals at selected companies. And some 13,160 tech jobs cropped up in 2017, third only to California and Texas.

Cybersecurity

Cybersecurity Military Education Government

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

“As threat actors become increasingly sophisticated and aggressive in their attacks, we are constantly educating employees about new tactics that might be used against them and adopting new security measures to prevent future attacks,” GoDaddy said in a written statement back in 2020.

Phishing

Phishing Passwords Authentication Security

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Webinars

Trending Sources

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

DePriMon downloader uses a never seen installation technique

Iran-Linked Seedworm APT target orgs in the Middle East

Operators behind Dark Caracal are still alive and operational

Law enforcement seized the Genesis Market cybercrime marketplace

No Jail Time for “WannaCry Hero”

Wannacry, the hybrid malware that brought the world to its knees

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Homebuyers Being Targeted by Money Transfer Scam

Fortinet warns of a spike in attacks against TBK DVR devices

Hyundai suffered a data breach that impacted customers in France and Italy

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

BlueCharlie changes attack infrastructure in response to reports on its activity

Exclusive interview with the Powerful Greek Army (PGA) hacker group

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Symantec uncovered the link between China-Linked Thrip and Billbug groups

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Purple Lambert, a new malware of CIA-linked Lambert APT group

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

California-based workforce platform Prosperix leaks drivers licenses and medical records

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Who Is the Network Access Broker ‘Babam’?

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

What a Difference a Year Makes

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

ECM vs. Content Services vs. Intelligent Information Management

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Stark Industries Solutions: An Iron Hammer in the Cloud

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Siemens Metaverse exposes sensitive corporate data

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

When Low-Tech Hacks Cause High-Impact Breaches

Stay Connected