2017 and Education - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI.

Sales

Sales Education Phishing Passwords

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. In 2017, Symantec speculated that at least 40 targets in 16 countries have been compromised by the threat actors. The targets were all located in the Middle East, Europe, Asia, and Africa.

Communications

Communications Encryption Education Authentication

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Iran-Linked Seedworm APT target orgs in the Middle East

Security Affairs

OCTOBER 23, 2020

Also referred to as MuddyWater , MERCURY, and Static Kitten, the cyber-espionage group was initially analyzed in 2017. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave of attacks in the Middle East.

Ransomware

Ransomware Education Security Government

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

The Bandook was spotted last time in 2015 and 2017 campaigns, dubbed “ Operation Manul ” and “ Dark Caracal “, respectively attributed to Kazakh and the Lebanese governments. Samples from the Dark Caracal campaign (2017) utilized around 100 commands, compared to the current 120 command version we analyzed. ” Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Archiving Education

My (somewhat unreliable) data protection predictions for 2017

Data Protector

DECEMBER 31, 2016

I’ve recently had a quiet year on the blogging front – my professional duties have prevented me from playing a more active role on the Internet during this year than I would have liked, but that is set to change in 2017.

GDPR

GDPR Communications Financial Services Education

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster.

Marketing

Marketing Education Sales Access

No Jail Time for “WannaCry Hero”

Krebs on Security

JULY 29, 2019

Marcus Hutchins , the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.

Ransomware

Ransomware Education Government Risk

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. Twitter @Slvlombardo.

Computer and Electronics

Computer and Electronics IT e-Discovery Encryption

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Group-IB Threat Intelligence team identified hundreds of compromised credentials from Singaporean government agencies and educational institutions over the course of 2017 and 2018. gov.sg/ ), Ministry of Education ( [link] [.] According to Group-IB data, compared to 2017, the number of leaked cards increased in 2018 by 56%.

Sales

Sales Passwords Government Marketing

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Security Affairs

AUGUST 13, 2021

This group focuses on public school districts and other educational institutions, like other ransomware gangs it implements a double extortion model and publishes data stolen from the victims on a data leak site. ” concludes Talos. ” Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware IT Education Security

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

Security Affairs

OCTOBER 13, 2018

One such example from December 2017 named free-mod-menu-download-ps3.exe Organizations with decent web filtering and educated users have a much lower risk of infection by these fake updates. This domain was associated with updaters or installers pushing cryptocurrency miners. exe also shows osdsoft[.]com

File names

File names Education Cloud Risk

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

Google TAG shared indicators of compromise (IoCs) for both campaigns.

Cybersecurity

Cybersecurity Education Risk Security

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Security Affairs

JULY 18, 2018

Demographics based on ethnicity, language, education. “We’re a small shop (I’m the only developer) so keeping track of everything can be tough” This isn’t the first case of unsecured Amazon S3 buckets exposed online, in June 2017 DRA firm left 1.1 Age and birth year. ” wrote Diachenko.

Education

Education Sales Cloud Security

Homebuyers Being Targeted by Money Transfer Scam

Security Affairs

SEPTEMBER 21, 2018

After reporting $5 million in loss from Utah residents in 2017 , every citizen is encouraged to take preventive measures to protect themselves from scams. Before purchasing a home, potential buyers would benefit by educating themselves about the latest scams in circulation by criminals. Assessing the Danger.

Passwords

Passwords Education Communications Security

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

Previously seen to be exploited in the wild through 2017 and on-going.” . “Another notable spike to mention is IPS detections related to MVPower CCTV DVR models (CVE-2016-20016) also known as JAWS webserver RCE. ” continues the advisory.

Authentication

Authentication Retail Education Marketing

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In April 2017, security vulnerabilities in the Hyundai Blue Link mobile apps could have allowed hackers to locate, unlock and start vehicles of the carmaker. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

Phishing

Phishing Military Ransomware Education

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Archiving

Archiving Education Authentication Ransomware

BlueCharlie changes attack infrastructure in response to reports on its activity

Security Affairs

AUGUST 6, 2023

The APT group has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine.

IT

IT Phishing Authentication Education

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

“APT28 has been known to access vulnerable routers by using default and weak SNMP community strings, and by exploiting CVE-2017-6742 (Cisco Bug ID: CSCve54313) as published by Cisco.” UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment.

Military

Military Access Cybersecurity Education

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. This custom-built backdoor has been used since at least January 2017 to achieve persistence on compromised networks.

Military

Military Communications Government Education

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware

Ransomware File names Access Education

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The UK agency reported ongoing spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453 to gather intelligence on the victims.

Phishing

Phishing Education Passwords Authentication

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybersecurity

Cybersecurity Ransomware Education Access

North Korea-linked TA444 group turns to credential harvesting activity

Security Affairs

JANUARY 25, 2023

According to Proofpoint the group is targeting cryptocurrencies since at least 2017. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, it has been active since at least 2014 and it has been observed targeting over 16 organizations across 11 countries. ” continues the report.

Blockchain

Blockchain Phishing Education Government

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

The gateway was used to allow external users and its partners, including foreign space agencies, contractors, and educational institutions, to remotely access to a shared environment for specific missions and data. ” the NASA OIG said. In December the U.S.

IT

IT Data breaches Archiving Education

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

Between 2017 and 2018, Fxmsp created a network of trusted proxy resellers to promote their breaches on the criminal underground. Attorney Brian T. ” According to BleepingComputer , sources familiar with the case told it that local authorities detained the man in Kazakhstan.

Access

Access Passwords Education Government

What a Difference a Year Makes

AIIM

JANUARY 10, 2018

For AIIM, 2017 began with this provocative question: In an Artificial Intelligence world, where deep learning completely shrinks the development time while amping up the computing power, do content management capabilities become irrelevant and obsolete? Intelligent Information Management: defining a new age ” released in September, 2017.

ECM

ECM Digital transformation Customer Experience Analytics

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

In April 2017, Symantec security experts who analyzed the alleged CIA hacking tools included in the Vault 7 dump that were involved in attacks aimed at least 40 governments and private organizations across 16 countries.

Government

Government Cybersecurity Education Security

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017). “These types of grammatical errors are often found among people who did not receive sufficient education at school or if Russian is their second language,” the analysis continues.

Access

Access Ransomware Passwords Sales

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Security Affairs

AUGUST 18, 2018

This amazing figure is the result of 2,308 publicly disclosed data breaches, anyway, it represents a drop from 6 billion data records exposed in 2,439 breaches reported for the first half of 2017. After the wild ride of 2017, we became accustomed to seeing a lot of breaches, exposing extraordinary amounts of information.

Data breaches

Data breaches Phishing Risk GDPR

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections: The Teacher – Most Educational Blog The Entertainer – Most Entertaining Blog The Tech Whizz – Best Technical Blog Best Social Media Account to Follow (@securityaffairs) Please nominate Security Affairs as your favorite blog.

Systems administration

Systems administration Military Phishing Government

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

Since 2017, the group was observed launching attacks using RTF lure documents with political content related to Vietnam. ” Kaspersky states that 80% of the affected organizations are based in Vietnam and belong to the government or military sector, or are otherwise related to the health, diplomacy, education, or political verticals.

Military

Military Government Phishing Libraries

ECM vs. Content Services vs. Intelligent Information Management

AIIM

JUNE 25, 2020

In recent years, nothing has sparked more controversy in the information management industry than the 2017 Gartner post officially retiring the term “Enterprise Content Management (ECM)” in favor of a new term, content services. Here at AIIM, we’ve been providing independent research, educational training, and certification for over 70 years.

Content services

Content services ECM Analytics Cloud

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe.

Energy and Utilities

Energy and Utilities Education Ransomware IT

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

For example, many Stark address ranges were most recently assigned to a Russian government entity whose full name is the “ Federal State Autonomous Educational Establishment of Additional Professional Education Center of Realization of State Educational Policy and Informational Technologies.”

Cloud

Cloud Education Government Communications

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

The Last Watchdog

AUGUST 22, 2024

22, 2024, CyberNewsWire — INE Security , a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals. Cary, NC, Aug.

Cybersecurity

Cybersecurity Education Security Artificial Intelligence

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

JULY 1, 2020

The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.

Data breaches

Data breaches GDPR Personal data Education

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

The WordPress sets only exposed user names and avatar pictures, but all four Siemens WordPress-based subdomains were vulnerable to a flaw that WordPress itself fixed in 2017, leaving researchers wondering whether there are more severe vulnerabilities on these sites.

IoT

IoT Manufacturing Authentication Ransomware

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Merit is an acronym for the Michigan Educational Research Information Triad. The early Cyber Range hubs were mainly used to help educate and certify military technicians and cybersecurity professionals at selected companies. And some 13,160 tech jobs cropped up in 2017, third only to California and Texas.

Cybersecurity

Cybersecurity Military Education Government

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

“As threat actors become increasingly sophisticated and aggressive in their attacks, we are constantly educating employees about new tactics that might be used against them and adopting new security measures to prevent future attacks,” GoDaddy said in a written statement back in 2020.

Phishing

Phishing Passwords Authentication Security

[Podcast] Supporting Women in Information Management

AIIM

AUGUST 2, 2018

Since its inception at The AIIM Conference in 2017, the WIIM program's purpose has been to advance women in information management by providing an online community to foster leadership, mentoring, advocacy, networking, industry education, and professional development. But, don't just take my word for it.

Libraries

Libraries Education Access IT

The Sheriffs are in Town: Recent Developments in Initial Coin Offerings (ICO) Enforcement and Investor Education

Data Matters

SEPTEMBER 11, 2018

According to the SEC’s order, Tomahawk Exploration LLC (Tomahawk or Company) and its founder attempted to raise money for its oil and gas exploration business through the offer and sale of blockchain tokens called “Tomahawkcoins” from July through September 2017. Conclusion.

Education

Education Blockchain Sales Mining

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

Trending Sources

DePriMon downloader uses a never seen installation technique

Webinars

Iran-Linked Seedworm APT target orgs in the Middle East

Operators behind Dark Caracal are still alive and operational

My (somewhat unreliable) data protection predictions for 2017

Law enforcement seized the Genesis Market cybercrime marketplace

No Jail Time for “WannaCry Hero”

Wannacry, the hybrid malware that brought the world to its knees

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Homebuyers Being Targeted by Money Transfer Scam

Fortinet warns of a spike in attacks against TBK DVR devices

Hyundai suffered a data breach that impacted customers in France and Italy

Google TAG warns of Russia-linked APT groups targeting Ukraine

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

BlueCharlie changes attack infrastructure in response to reports on its activity

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

North Korea-linked TA444 group turns to credential harvesting activity

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

DOJ indicts Fxmsp hacker for selling access to hacked businesses

What a Difference a Year Makes

Purple Lambert, a new malware of CIA-linked Lambert APT group

Who Is the Network Access Broker ‘Babam’?

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

ECM vs. Content Services vs. Intelligent Information Management

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Stark Industries Solutions: An Iron Hammer in the Cloud

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Siemens Metaverse exposes sensitive corporate data

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

When Low-Tech Hacks Cause High-Impact Breaches

[Podcast] Supporting Women in Information Management

The Sheriffs are in Town: Recent Developments in Initial Coin Offerings (ICO) Enforcement and Investor Education

Stay Connected