2017, Education and Security - Information Management Today

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI. To nominate, please visit:?.

Sales

Sales Education Phishing Passwords

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. In 2017, Symantec speculated that at least 40 targets in 16 countries have been compromised by the threat actors. The targets were all located in the Middle East, Europe, Asia, and Africa.

Communications

Communications Encryption Education Authentication

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Iran-Linked Seedworm APT target orgs in the Middle East

Security Affairs

OCTOBER 23, 2020

Security experts pointed out that the threat actor started conducting destructive attacks. Also referred to as MuddyWater , MERCURY, and Static Kitten, the cyber-espionage group was initially analyzed in 2017. According to security firm ClearSky and Symantec, Seedworm recently started using a new downloader dubbed PowGoop.

Ransomware

Ransomware Education Security Government

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

The Bandook was spotted last time in 2015 and 2017 campaigns, dubbed “ Operation Manul ” and “ Dark Caracal “, respectively attributed to Kazakh and the Lebanese governments. Samples from the Dark Caracal campaign (2017) utilized around 100 commands, compared to the current 120 command version we analyzed. ” Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Archiving Education

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster.

Marketing

Marketing Education Sales Access

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Security Affairs

AUGUST 13, 2021

Microsoft issued security updates, between June and August, to address the above issues, it also implemented the same changes to the default Point and Print default behavior. reads the security advisory published by Microsoft. A local attacker could exploit the vulnerability to gain SYSTEM privileges on vulnerable systems.

Ransomware

Ransomware IT Education Security

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. What should we learn from this?

Computer and Electronics

Computer and Electronics IT e-Discovery Encryption

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

Security Affairs

OCTOBER 13, 2018

Security experts from Palo Alto Networks warn of fake Adobe Flash update hiding a miner that works as legitimate update and really update the software. One such example from December 2017 named free-mod-menu-download-ps3.exe Security Affairs – fake Adobe Flash update, hacking ). exe also shows osdsoft[.]com

File names

File names Education Cloud Risk

No Jail Time for “WannaCry Hero”

Krebs on Security

JULY 29, 2019

Marcus Hutchins , the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.

Ransomware

Ransomware Education Government Risk

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog. CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. CISA orders federal agencies to fix this flaw by April 20, 2023.

Cybersecurity

Cybersecurity Education Risk Security

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

The attackers exploited a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or implementing proper security measures. The Technology Security Database (ITSDB) is a web-based application used to track and manage physical assets and applications on its network.

IT

IT Data breaches Archiving Education

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

At this time, the vendor has yet to release security patches to address the flaw. In April 2018, security researcher Fernandez Ezequiel published proof-of-concept (PoC) code for this vulnerability. Previously seen to be exploited in the wild through 2017 and on-going.” in MVPower CCTV DVR models.

Authentication

Authentication Retail Education Marketing

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In April 2017, security vulnerabilities in the Hyundai Blue Link mobile apps could have allowed hackers to locate, unlock and start vehicles of the carmaker. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

In April 2017, Symantec security experts who analyzed the alleged CIA hacking tools included in the Vault 7 dump that were involved in attacks aimed at least 40 governments and private organizations across 16 countries. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Government

Government Cybersecurity Education Security

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

The Last Watchdog

AUGUST 22, 2024

22, 2024, CyberNewsWire — INE Security , a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals. Cary, NC, Aug.

Cybersecurity

Cybersecurity Education Security Artificial Intelligence

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). The attackers were able to interfere with security tools using Group Policy Objects (GPO).

Ransomware

Ransomware File names Access Education

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. ” reads the joint advisory.

Military

Military Access Cybersecurity Education

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

The company received two vulnerability reports from the cybersecurity firm Trend Micro ) for high/critical severity security issues in PaperCut MF/NG. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities Catalog. ” reads the advisory published by PaperCut. Last week, the U.S.

Cybersecurity

Cybersecurity Ransomware Education Access

Homebuyers Being Targeted by Money Transfer Scam

Security Affairs

SEPTEMBER 21, 2018

After reporting $5 million in loss from Utah residents in 2017 , every citizen is encouraged to take preventive measures to protect themselves from scams. No security is 100 percent reliable. Before purchasing a home, potential buyers would benefit by educating themselves about the latest scams in circulation by criminals.

Passwords

Passwords Education Communications Security

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Security Affairs

JULY 18, 2018

A security researcher has discovered that the US political robocall firm RoboCent exposed personal details of hundreds of thousands of US voters. The researcher Bob Diachenko from Kromtech Security discovered the company database exposed online. Demographics based on ethnicity, language, education. Age and birth year.

Education

Education Sales Cloud Security

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The group targeted multiple sectors, including government, defense, energy, transportation/logistics, education, and humanitarian organizations. ” concludes the report.

Phishing

Phishing Military Ransomware Education

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. Group-IB Threat Intelligence team identified hundreds of compromised credentials from Singaporean government agencies and educational institutions over the course of 2017 and 2018.

Sales

Sales Passwords Government Marketing

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Archiving

Archiving Education Authentication Ransomware

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Education Passwords Authentication

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. This custom-built backdoor has been used since at least January 2017 to achieve persistence on compromised networks. Pierluigi Paganini.

Military

Military Communications Government Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

Between 2017 and 2018, Fxmsp created a network of trusted proxy resellers to promote their breaches on the criminal underground. In 2019, Fxmsp confirmed to have breached the networks of some security companies and to have obtained long-term access. Attorney Brian T. Pierluigi Paganini. SecurityAffairs – hacking, Fxmsp).

Access

Access Passwords Education Government

BlueCharlie changes attack infrastructure in response to reports on its activity

Security Affairs

AUGUST 6, 2023

The APT group has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine.

IT

IT Phishing Authentication Education

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

Since 2017, the group was observed launching attacks using RTF lure documents with political content related to Vietnam. The former collects environment information from the victim machine and sends it to DropBox, the latter runs code to evade detection by security products. Follow me on Twitter: @securityaffairs and Facebook.

Military

Military Government Phishing Libraries

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

In reality, the caller had just tricked a GoDaddy employee into giving away their credentials, and he could see from the employee’s account that Escrow.com required a specific security procedure to complete a domain transfer. One multifactor option — physical security keys — appears to be immune to these advanced scams.

Phishing

Phishing Passwords Authentication Security

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Security Affairs

AUGUST 18, 2018

According to a report from cyber threat intelligence firm Risk Based Security some 2.6. According to a new report titled “ Mid-Year 2018 Data Breach QuickView ” published by the cyber threat intelligence company Risk Based Security some 2.6. billion data records have been exposed in data breached in the first half of 2018. The post 2.6

Data breaches

Data breaches Phishing Risk GDPR

North Korea-linked TA444 group turns to credential harvesting activity

Security Affairs

JANUARY 25, 2023

According to Proofpoint the group is targeting cryptocurrencies since at least 2017. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, it has been active since at least 2014 and it has been observed targeting over 16 organizations across 11 countries. ” continues the report.

Blockchain

Blockchain Phishing Education Government

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe.

Energy and Utilities

Energy and Utilities Education Ransomware IT

SHARED INTEL: Mobile apps are riddled with security flaws, many of which go unremediated

The Last Watchdog

SEPTEMBER 4, 2019

Some fresh evidence of this encouraging trend comes to us by way of shared intelligence from WhiteHat Security. Based on 17 million application security scans carried out in 2018, WhiteHat found a 20% increase in vulnerabilities found in the applications that organizations tested for security flaws.

Security

Security Customer Experience Access Security awareness

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

The WordPress sets only exposed user names and avatar pictures, but all four Siemens WordPress-based subdomains were vulnerable to a flaw that WordPress itself fixed in 2017, leaving researchers wondering whether there are more severe vulnerabilities on these sites.

IoT

IoT Manufacturing Authentication Ransomware

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

A report from the security firm Team Cymru found the DDoS attack infrastructure used in NoName campaigns is assigned to two interlinked hosting providers: MIRhosting and Stark Industries. The agency traces its origins to the USSR’s Ninth Directorate of the KGB, and later the presidential security service. Image: SentinelOne.com.

Cloud

Cloud Education Government Communications

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017). “These types of grammatical errors are often found among people who did not receive sufficient education at school or if Russian is their second language,” the analysis continues.

Access

Access Ransomware Passwords Sales

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

JULY 1, 2020

The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.

Data breaches

Data breaches GDPR Personal data Education

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

The Last Watchdog

MAY 28, 2024

Cary, NC, May 28, 2024, CyberNewsWire — If there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols. Human error remains one of the leading causes of security breaches.

Cybersecurity

Cybersecurity Security Data breaches Cloud

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Snyder says his experience as head of Gateway Computers and as an investor in tech security startups, prior to entering politics, gave him an awareness of why putting Michigan ahead of the curve, dealing with cyber threats, would be vital. “I Merit is an acronym for the Michigan Educational Research Information Triad.

Cybersecurity

Cybersecurity Military Education Government

Law firms report increase in staff-related security incidents

IT Governance

MAY 14, 2019

Staff can jeopardise a firm’s security with a single moment of carelessness. 2018 saw a significant rise in the number of law firms reporting security incidents concerning their own staff, up from 33% in 2017 to 46% in 2018 according to research by PwC. Look closer to home – insider threats.

Security

Security Education Phishing GDPR

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France.” When verifiable threats are detected, Microsoft will provide personal and expedited recommendations to campaigns and campaign staff to secure their systems. Pierluigi Paganini.

Military

Military Education Phishing Authentication

FTC Releases 2017 Privacy and Data Security Update

Hunton Privacy

JANUARY 22, 2018

On January 18, 2018, the Federal Trade Commission (“FTC”) released its 2017 Privacy & Data Security Update (the “Report”).

Privacy

Privacy Security Education IT

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

Trending Sources

DePriMon downloader uses a never seen installation technique

Webinars

Iran-Linked Seedworm APT target orgs in the Middle East

Operators behind Dark Caracal are still alive and operational

Law enforcement seized the Genesis Market cybercrime marketplace

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Wannacry, the hybrid malware that brought the world to its knees

Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

No Jail Time for “WannaCry Hero”

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Fortinet warns of a spike in attacks against TBK DVR devices

Hyundai suffered a data breach that impacted customers in France and Italy

Purple Lambert, a new malware of CIA-linked Lambert APT group

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Homebuyers Being Targeted by Money Transfer Scam

Expert discovered RoboCent AWS S3 bucket containing US voters’ records exposed online

Google TAG warns of Russia-linked APT groups targeting Ukraine

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

DOJ indicts Fxmsp hacker for selling access to hacked businesses

BlueCharlie changes attack infrastructure in response to reports on its activity

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

When Low-Tech Hacks Cause High-Impact Breaches

2.6 billion records exposed in 2,308 disclosed data breaches in H1

North Korea-linked TA444 group turns to credential harvesting activity

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

SHARED INTEL: Mobile apps are riddled with security flaws, many of which go unremediated

Siemens Metaverse exposes sensitive corporate data

Stark Industries Solutions: An Iron Hammer in the Cloud

Who Is the Network Access Broker ‘Babam’?

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Law firms report increase in staff-related security incidents

Microsoft says Russian hackers continue targeting 2018 midterm elections

FTC Releases 2017 Privacy and Data Security Update

Stay Connected