CVE-2018-15961) affecting the Adobe ColdFusion has been exploited in the wild. Security experts from Volexity reported that attackers in the wild are exploiting a recently patched remote code execution vulnerability affecting the Adobe ColdFusion. Experts at Volexity discovered that a recently patched remote code execution flaw.
The vulnerability, tracked as CVE-2018-20250, was discovered by experts at Check Point in February, it could allow an attacker to gain control of the target system. This campaign was carried out by threat actors impersonating an educational accreditation council to hit users in the United States. Pierluigi Paganini.
Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.
The Georgia Institute of Technology (Georgia Tech) announced to have suffered a security breach, “an unknown outside entity” had access to data of up to 1.3 Exposed data includes names, addresses, social security numbers, dates of birth, and internal identification numbers of up to 1.3 million people. million individuals.
Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy.
At the time of writing, it is not clear if threat actors exfiltrated data from the UK agency that reported the incident to the National Crime Agency, the National Cyber Security Centre and Information Commissioner’s Office. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.
Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet, tracked as Vollgar botnet, that has been targeting MSSQL databases since 2018. ” reads the analysis published by Guardicore.
Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.
The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The global median dwell time (the number of days an attacker remains undetected on the victim’s network) has continued to drop, from 78 days in 2018 to 56 days in 2019.
A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data.
The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. Most of the victims belong to high-tech, wholesale and education sectors. Pierluigi Paganini.
With this, they deceived the employees of phone stores to obtain duplicate SIM cards and, in this way, have access to the bank’s security confirmation messages. In this way they could operate in online banking and access bank accounts to empty them after receiving security confirmation messages from the banks.”
The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. million members impacted appeared first on Security Affairs.
Security experts from Cisco Talos have uncovered two recent sextortion scam campaigns that appear to leverage on the Necurs botnet infrastructure. 30, 2018 through Oct. 26, 2018 — 58 days’ worth of spam.” Security Affairs – sextortion, cybercrime). ” reads the analysis published by Talos.
The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the United Kingdom.
NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. According to a report published by the NASA Office of Inspector General, hackers breached the Agency’s network in April 2018 and remained undetected for nearly a year.
Security researcher Nguyen The Duc published on GitHub the proof-of-concept exploit code for a Ghostscript zero-day vulnerability. ” wrote the expert that added that his PoC was created only for educational purposes and cannot be used for law violation or personal gain. Here're slides from my talk at ZeroNights X!
According to the indictment, between at least August 2018 and August 2021, Dubnikov and his co-conspirators are alleged to have knowingly and intentionally laundered the proceeds of ransomware attacks on individuals and organizations throughout the United States and abroad.” On February 7, 2023, Dubnikov pleaded guilty in the U.S.
While each of them has its distinguishing features, Apple’s privacy and security are what makes it the typical enterprise’s pick. All this happens while promising cloud backup, prioritized support, and secure data storage. Related: Cook vs. Zuckerberg on privacy. Apple eyes SMBs.
The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth to access user PII. The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth, it affects users who have synced their smartphone to their cars.
Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. ” continues the report. Pierluigi Paganini.
Security experts from Palo Alto Networks warn of a fake Adobe Flash update hiding a miner that works as a legitimate update and really updates the software. As early as August 2018, some samples impersonating Flash updates have borrowed pop-up notifications from the official Adobe installer.” Pierluigi Paganini.
On November 2, 2022, the ICO issued to the UK Department for Education (“DfE”) a formal reprimand following an investigation into the sharing of personal data stored on the Learning Records Service (“LRS”), a database which provides a record of pupils’ qualifications that the DfE has overall responsibility for.
man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. 2018 , when the FBI joined with law enforcement partners overseas to seize 15 different booter service domains. Charles, Ill.
The services were involved in attacks against millions of individuals and organizations in multiple industries, including educational institutions, government agencies, and gaming platforms. In December 2018, the FBI seized other 15 domains associated with DDoS-for-hire services, the U.S. com, ragebooter(.)com, com, downthem(.)org
Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks.” ” reads the press release published by the DoJ. ” The indictment is the result of a law enforcement operation conducted by the U.S.
In direct response to the publication of Radware’s analysis of the new discovery of the DemonBot malware strain affecting Hadoop clusters earlier in the week, October 25th, 2018, 0x20k of Ghost Squad Hackers has released the full source code of the 0day exploit used to build his newest model; the FICORA Botnet.
The Small Business Cybersecurity Assistance Act may provide business owners with access to government-level tools to secure small business against attacks. had almost 140,000 Starbucks locations in 2018, despite the company employing under 200,000 people that year. What Does the SBCAA Seek to Accomplish? state and territory.
Researchers from Mandiant published a detailed report on the activities of a financially motivated ransomware group tracked as FIN12 that has been active since at least October 2018. The post FIN12 ransomware gang don’t implement double extortion to prioritize speed appeared first on Security Affairs. Pierluigi Paganini.
According to a report from cyber threat intelligence firm Risk Based Security some 2.6. billion data records have been exposed in data breached in the first half of 2018. According to a new report titled “ Mid-Year 2018 Data Breach QuickView ” published by the cyber threat intelligence company Risk Based Security some 2.6.
Since 2018, Proofpoint researchers tracked the activity associated with TA406 as three distinct threat actors, namely TA406, TA408 and TA427. Since the beginning of 2021, the TA406 group has carried out multiple credential theft campaigns targeting research, education, government, media and other organizations. Pierluigi Paganini.
Security experts pointed out that the threat actor started conducting destructive attacks. In September 2018, experts from Symantec found evidence of Seedworm and the espionage group APT28 on a computer in the Brazil-based embassy of an oil-producing nation.
The security breach impacted a limited number of customers, only 836 individuals. The carrier states that personal financial account information and call records were not affected by the security breach. Below is the list of previous incidents suffered by T-Mobile: In August 2021, a security breach impacted 54 million customers.
Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI? While Amazon offers the necessary tools to secure their services, Inova has not implemented these measures properly. What’s Going On?
The security officials told lawmakers that the ministry’s investigation has been triggered by an energy management component from Huawei, two lawmakers present at the briefing who spoke under the condition of anonymity told POLITICO. . ” reported POLITICO. “Berlin has previously been criticized over its stance by U.S.
Facebook spotted the campaign in December 2018 when it noticed a surge in suspicious traffic across a number of Facebook endpoints. Only through user education and strong partnerships across the security industry will we measure the scale of malicious campaigns and effectively respond to them.” Pierluigi Paganini.
PyXie has been first observed in the wild in 2018, but it was underestimated by cybersecurity firms. “Analysts have observed evidence of the threat actors attempting to deliver ransomware to the healthcare and education industries with PyXie.” ” reads the analysis published by Cylance. Pierluigi Paganini.
Between 2017 and 2018, Fxmsp created a network of trusted proxy resellers to promote their breaches on the criminal underground. In 2019, Fxmsp confirmed to have breached the networks of some security companies and to have obtained long-term access. Attorney Brian T. Pierluigi Paganini. SecurityAffairs – hacking, Fxmsp).
ARCHIPELAGO “browser-in-the-browser” phishing page The ARCHIPELAGO group has shifted its phishing tactics over time to avoid detection, the attackers use phishing messages posing as Google account security alerts. The threat actor employed malware like BabyShark that were hosted on Google Drive in the form of blank files or ISO image files.
In 2018, the cyberespionage group targeted once again Vietnam running a spear-phishing campaign that uses weaponized documents featuring Vietnamese-language lures and themes. The former collects environment information from the victim machine and sends it to DropBox, the latter runs code to evade detection by security products.
Some fresh evidence of this encouraging trend comes to us by way of shared intelligence from WhiteHat Security. Based on 17 million application security scans carried out in 2018, WhiteHat found a 20% increase in vulnerabilities found in the applications that organizations tested for security flaws.
million attacks between 2018 and 2022, and attracted some 50,000 registered users. million attacks between 2018 and 2022. Colon is suspected of running the booter service securityteam[.]io. He was also charged with conspiracy and CFAA violations. The feds say the SecurityTeam stresser service conducted 1.3 astrostress[.]com.
The highly-targeted attacks aim at organizations in government, aviation, education, and telecom sectors. “Lancefly’s custom malware, which we have dubbed Merdoor, is a powerful backdoor that appears to have existed since 2018.” The intelligence-gathering campaign started in mid-2022 and is likely still ongoing.
Researcher Says Database Containing Nearly 50,000 Documents Appears Secure Now Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database. Some of those records date back to 2018.