2019, Education and Government - Information Management Today

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. The malicious code appended the extension .

Education

Education Ransomware Encryption Government

Nation-state actors target Australia, Government warns

Security Affairs

JUNE 19, 2020

A state-based actor is launching cyber attacks against government, public services and businesses, Australia ‘s prime minister said. Australia ‘s prime minister Scott Morrison said that a “state-based actor” is targeting government, public services, and businesses.

Government

Government Risk Education Passwords

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

“According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure.

Ransomware

Ransomware Education Sales Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. . Hackers also targeted Exim mail agents ( CVE 2019-10149 ) and Fortinet SSL VPNs ( CVE-2018-13379 ).

Government

Government Passwords Access Cybersecurity

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government Energy and Utilities Healthcare Access

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

Security Affairs

MAY 26, 2021

The attack took place in 2019, but it was discovered only in March. In early May , a massive distributed denial of service (DDoS) attack hit most of the Belgium government ’s IT network, according to the media the attack also knocked offline internal systems.

IT

IT Education Government Communications

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. ” reads the alert.

Ransomware

Ransomware Encryption Passwords Government

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. “In September 2019, we started a repository of Critical Infrastructures Ransomware Attacks (CIRWAs).

Ransomware

Ransomware Data collection Education Security

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

“In July and August 2020, government operatives used NSO Group ’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. These surgical attacks took place between July and August 2020, but experts speculate the attack are going on since at least October 2019.

Government

Government Security awareness Education Sales

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

The malware has been active at least since August 2019, over the months the NetWalker ransomware was made available through a ransomware-as-a-service (RaaS) model attracting criminal affiliates. “Since 2019, NetWalker ransomware has reached a vast number of different targets, mostly based in western European countries and the US.

Ransomware

Ransomware Phishing Encryption Education

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The hackers initially exploited the CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances.

Healthcare

Healthcare Education Manufacturing Government

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019.

Ransomware

Ransomware Education Phishing Government

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

Most affected organizations are educational institutions such as schools and universities, healthcare facilities including clinics and doctors’ practices, nursing services, legal and tax advisory firms, local governments, and a multitude of medium-sized enterprises. ” reads the alert published by the BSI.

Information Security

Information Security Cybersecurity Education Authentication

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. ISS reveals malware attack impacted parts of the IT environment.

Security

Security Ransomware Military Data breaches

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of them cannot be associated with the activity of known APT groups. . In November 2019, ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild.

Government

Government Cybersecurity Education Security

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

Experts observed a 400% increase in the number of attacks, compared with October, that hit government organizations. PYSA ransomware operators focus on large or high-value finance, government and healthcare organisations. The PYSA ransomware group (aka Mespinoza) recorded an increase of 50% in November.

Ransomware

Ransomware Encryption Government Retail

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Microsoft’s initial advisory about the Exchange flaws credited Reston, Va.

Cybersecurity

Cybersecurity Government Cleanup Cloud

Data leak exposes sensitive data of all Ecuador ‘citizens

Security Affairs

SEPTEMBER 16, 2019

Data were left unsecured online on a misconfigured Elasticsearch server, exposed data includes full PII, marital status and date of marriage, level of education, financial info, and more. . The data base was secured on September 11, 2019, after vpnMentor notifies its discovery to the Ecuador CERT (Computer Emergency Response Team) team.

Data breaches

Data breaches Education Government Security

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

The name Fxmsp refers a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S. Attorney Brian T.

Access

Access Passwords Education Government

Newcastle University becomes latest ransomware victim as education sector fails to heed warnings

IT Governance

SEPTEMBER 10, 2020

This incident is the latest in a long line of cyber attacks on the education sector. It followed August’s ransomware attack on the education administrator Blackbaud , in which students’ phone numbers, donation history and events attendance were all compromised. Ransomware epidemic.

Education

Education Ransomware Government Security

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. link] #GCHQ100 pic.twitter.com/t2ixVE6j7H — GCHQ (@GCHQ) March 14, 2019. Try them out for yourself!

Encryption

Encryption Military Education Communications

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Security Affairs

SEPTEMBER 22, 2019

The flaw, tracked as CVE-2019-14994, could lead to information disclosure, it could be exploited by anyone with access to the portal, including customers. The following versions of Service Desk Server and Service Desk Data Center address the CVE-2019-14994: 3.9.16, 3.16.8, The flaw tracked as CVE-2019-15001 affects version 7.0.10

Access

Access Manufacturing Education Security

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Ivan Neculiti, as pictured on LinkedIn.

Cloud

Cloud Education Government Communications

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” In November 2019, the U.S.

Government

Government Communications Risk Cybersecurity

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. LockBit is a prominent ransomware operation that first emerged in September 2019. ” reads the press release published by the U.S.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Group-IB specialists discovered 19 928 of Singaporean banks’ cards that have shown up for sale in the dark web in 2018 and found hundreds of compromised government portals’ credentials stolen by hackers throughout past 2 years. Users’ logins and passwords from the Government Technology Agency ( [link] [.] Underground market economy.

Sales

Sales Passwords Government Marketing

Singapore proposes Governance Framework for Generative AI

Data Protection Report

FEBRUARY 4, 2024

The Draft GenAI Governance Framework may be accessed here. Views on the Draft GenAI Governance Framework may be provided to the IMDA at info@aiverify.sg. A brief summary of, and our key takeaways from, the Draft GenAI Governance Framework are set out below. The National AI Strategy was last updated in 2023.

Government

Government Personal data Paper Education

T-Mobile suffered the second data breach in 2023

Security Affairs

MAY 1, 2023

” The exposed information varied for each of the affected customers, it could include full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, T-Mobile internal codes, and the number of lines. .”

Data breaches

Data breaches Access Education Government

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

The malware has been active at least since August 2019, over the months the NetWalker ransomware was made available through a ransomware-as-a-service (RaaS) model attracting criminal affiliates. “Since 2019, NetWalker ransomware has reached a vast number of different targets, mostly based in western European countries and the US.

Ransomware

Ransomware Phishing Encryption Education

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Why has there been increase in cyber risks for the education sector?

IT Governance

SEPTEMBER 17, 2020

The coronavirus pandemic has arguably affected the education sector more than any other, with schools, colleges and universities around the globe having been forced to close their doors and deliver classes remotely. The most common threat that the education sector faces are downloaders, adware and Trojan horses. Adware and malware.

Education

Education Risk Ransomware Government

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. link] #MSFTatBlackHat — Security Response (@msftsecresponse) August 5, 2019. ” concludes Microsoft.

IoT

IoT Military Access Education

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

In June 2021, the Nigerian government officially placed an indefinite ban on Twitter , restricting it from operating in Nigeria after the social media platform deleted tweets by the Nigerian president. percent in 2019 to 33 percent in 2020, according to the National Bureau of Statistics.

Ransomware

Ransomware Phishing Government Education

No Jail Time for “WannaCry Hero”

Krebs on Security

JULY 29, 2019

In April 2019, Hutchins pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. “Once t[h]ings settle down I plan to focus on educational blog posts and livestreams again.” At his sentencing hearing July 26, U.S. ” .

Ransomware

Ransomware Education Government Risk

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). LaPorte, Indiana, government pays $132 after its systems crippled by ransomware (unknown). New Bedford, MA, and Syracuse, NY, governments also hit by ransomware (unknown). NV, becomes latest US government to be hit by ransomware (unknown). Data breaches.

Data breaches

Data breaches Ransomware Personal data Government

List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked

IT Governance

MAY 30, 2019

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. Hackers breach the Philippines United Student Financial System for Tertiary Education (unknown). UK government commits email privacy blunder (300). which breached sixteen years’ worth of insurance data.

Data breaches

Data breaches Personal data Ransomware Phishing

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

We have taken steps across our technology, processes and employee education, to help prevent these types of attacks in the future.” Any actions done by the threat actor have been reverted and the impacted customers have been notified. The employee involved in this incident fell victim to a spear-fishing or social engineering attack.

Phishing

Phishing Encryption Passwords Access

Preservica congratulates 2019 Emmett Leahy Award winner

Preservica

NOVEMBER 5, 2019

Preservica, the market leader in active digital preservation software, is proud to extend its support for the Emmett Leahy Award , and offer congratulations to 2019 winner, Simon Fook-Keung Chu of Hong Kong. A complete list of past winners can be found at www.emmettleahyaward.org ). Visit: www.preservica.com Twitter: @preservica.

Digital preservation

Digital preservation Archiving Libraries Education

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

Krebs on Security

JANUARY 31, 2020

11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. On Thursday Jan. Zach Whiting.

Security

Security Education Access IT

BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

The Last Watchdog

APRIL 6, 2020

Cyber criminals who specialize in plundering local governments and school districts are in their heyday. More than 70 state and local governments were hit by a ransomware attack in 2019, according to IT security company Barracuda Networks. Intensifying attacks Texas is by no means alone.

Ransomware

Ransomware Education Government Security

We Infiltrated a Counterfeit Check Ring! Now What?

Krebs on Security

JUNE 30, 2021

In a report released in 2019 (PDF), Agari profiled a group it dubbed “ Scattered Canary ” that is operating principally out of West Africa and dabbles in a dizzying array of schemes, including BEC and romance scams, FEMA and SBA loans, unemployment insurance fraud, counterfeit checks and of course money laundering.

Insurance

Insurance IT Education Government

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

JANUARY 25, 2019

Most of my career has been spent evangelizing the power of technology to positively transform business, education, and politics. My current work is split between two projects: One has to do with data governance, the other political media. And second… Governance. But Governance? Data Governance. So let’s go.

Government

Government IT Marketing ROT

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Nation-state actors target Australia, Government warns

Webinars

Trending Sources

Russian Phobos ransomware operator faces cybercrime charges

Webinars

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

FBI issued a flash alert about Netwalker ransomware attacks

CIRWA Project tracks ransomware attacks on critical infrastructure

Zero-day exploit used to hack iPhones of Al Jazeera employees

NetWalker ransomware operators have made $25 million since March 2020

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Operation Cronos: law enforcement disrupted the LockBit operation

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs newsletter Round 253

Purple Lambert, a new malware of CIA-linked Lambert APT group

PYSA ransomware gang is the most active group in November

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Data leak exposes sensitive data of all Ecuador ‘citizens

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Newcastle University becomes latest ransomware victim as education sector fails to heed warnings

GCHQ implements World War II cipher machines in encryption app CyberChef

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Stark Industries Solutions: An Iron Hammer in the Cloud

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Singapore proposes Governance Framework for Generative AI

T-Mobile suffered the second data breach in 2023

NetWalker ransomware operators have made $25 million since March 2020

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Why has there been increase in cyber risks for the education sector?

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Arrest in ‘Ransom Your Employer’ Email Scheme

No Jail Time for “WannaCry Hero”

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked

More details about Operation Cronos that disrupted Lockbit operation

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Preservica congratulates 2019 Emmett Leahy Award winner

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

We Infiltrated a Counterfeit Check Ring! Now What?

Our Data Governance Is Broken. Let’s Reinvent It.

Stay Connected