2019, Education and Security - Information Management Today

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. The malicious code appended the extension .

Education

Education Ransomware Encryption Government

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The post FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019 appeared first on Security Affairs.

Data breaches

Data breaches GDPR Education Cybersecurity

Cyber Defense Magazine – April 2019 has arrived. Enjoy it!

Security Affairs

APRIL 2, 2019

Cyber Defense eMagazine April 2019 Edition has arrived. GARY BERMAN AND HIS TEAM BELIEVE THAT INFOSEC KNOWLEDGE IS POWERFUL – TAKE YOUR AVERAGE EMPLOYEE AND MAKE THEM A CYBER HERO – YOU WILL EMPOWERED THEM AGAINST THE LATEST SPEAR PHISHING ATTACKS AND RANSOMWARE, IN A FUN EDUCATIONAL WAY. InfoSec Knowledge is Power.

IT

IT Libraries Education Phishing

Webinars

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Annual RSA Conference Exclusive 2019 Edition of Cyber Defense Magazine is arrived

Security Affairs

MARCH 4, 2019

We’re honored to bring you our 7th Annual edition of Cyber Defense Magazine (CDM), exclusively in print at the RSA Conference (RSAC) 2019. Cyber Defense eMagazine – Annual RSA Conference 2019 Edition. Setting the Standard in Cyber Training & Education. and by the RSA Conference 2019 Team! Congratulations!

Libraries

Libraries Education Cybersecurity Security

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

The best news of the week with Security Affairs. Google sued by New Mexico attorney general for collecting student data through its Education Platform. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. European Commission has chosen the Signal app to secure its communications. Pierluigi Paganini.

Security

Security Ransomware Military Data breaches

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

“According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure.

Ransomware

Ransomware Education Sales Government

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. “In September 2019, we started a repository of Critical Infrastructures Ransomware Attacks (CIRWAs). . ” reads the project description. Pierluigi Paganini.

Ransomware

Ransomware Data collection Education Security

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

Security Affairs

MAY 26, 2021

The attack took place in 2019, but it was discovered only in March. Belnet (or the Belgian National research and education network ) is a Belgian internet provider for educational institutions, research centres, scientific institutes, and government services. We have to do everything, both at a national and EU level.”

IT

IT Education Government Communications

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

Krebs on Security

JANUARY 31, 2020

11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. On Thursday Jan.

Security

Security Education Access IT

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.”

Ransomware

Ransomware Encryption Passwords Government

Shade Ransomware gang shut down operations and releases 750K decryption keys

Security Affairs

APRIL 27, 2020

The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. Moth of the victims belongs to high-tech, wholesale and education sectors. Pierluigi Paganini.

Ransomware

Ransomware File names Education Encryption

Security Affairs newsletter Round 266

Security Affairs

MAY 31, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 266 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Data breaches Ransomware Sales

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Security Affairs

JANUARY 24, 2020

Danish security researcher Ollypwn has released DOS exploit PoC for critical vulnerabilities in the Windows RDP Gateway. PoC (Denial-of-Service) for CVE-2020-0609 & CVE-2020-0610 Please use for research and educational purpose only. link] pic.twitter.com/R43AHUwGV0 — ollypwn (@ollypwn) January 23, 2020. Pierluigi Paganini.

Education

Education Authentication Access Security

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019.” ” The KISMET exploit chain doesn’t work against iOS 14 and above because the new mobile iOS implements additional security protections.

Government

Government Security awareness Education Sales

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Manufacturing

Manufacturing Education Encryption IT

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. ” reads the alert published by the BSI.

Information Security

Information Security Cybersecurity Education Authentication

0patch released micropatch for BearLPE Zero-Day flaw in Windows 10 Task Scheduler

Security Affairs

MAY 31, 2019

The zero-day vulnerability, dubbed BearLPE , was recently disclosed by the security researcher SandboxEscaper. . It's free for home and educational use. link] pic.twitter.com/gvWTpVM52f — 0patch (@0patch) May 31, 2019. I can confirm that this works as-is on a fully patched (May 2019) Windows 10 x86 system.

Education

Education Cybersecurity Security IT

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

Security Affairs

MARCH 17, 2019

Security expert discovered an unprotected Elasticsearch database exposed online that was containing approximately 33 million job profiles in China. . Jain discovering the ElasticSearch database on March 10th, 2019, but he was able to discover who was the owner of the archi ve. The Elasticsearch database was shutdown on March 13, 2019.

Archiving

Archiving Education Security Data breaches

Nation-state actors target Australia, Government warns

Security Affairs

JUNE 19, 2020

“This activity is targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure,” he said. ” reported the Australian broadcaster ABC.

Government

Government Risk Education Passwords

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

Security Affairs

MARCH 12, 2019

The database also contained GPS coordinates, URLs to photos, ID numbers, marital status, political and education related details, and a ‘HasVideo’ field. The exposed database was discovered by the popular security researcher Victor Gevers, he found 29808 open in China. Million Women appeared first on Security Affairs.

Archiving

Archiving Education Security Data breaches

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data.

Government

Government Passwords Access Cybersecurity

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

The malware has been active at least since August 2019, over the months the NetWalker ransomware was made available through a ransomware-as-a-service (RaaS) model attracting criminal affiliates. “Since 2019, NetWalker ransomware has reached a vast number of different targets, mostly based in western European countries and the US.

Ransomware

Ransomware Phishing Encryption Education

Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

Security Affairs

JULY 21, 2019

US Department of Education warned that hackers have breached at least 62 college and university networks by exploiting a vulnerability in the Ellucian Banner Web Tailor module of the Ellucian Banner ERP. ” reads the security advisory published by the expert. ” reads the security advisory published by the expert.

Education

Education Authentication Access Security

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The hackers initially exploited the CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. Pierluigi Paganini.

Healthcare

Healthcare Education Manufacturing Government

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. ” reads the security advisory. CVE-2019-19781 enabled the actors to execute directory traversal attacks.[ Government agencies.”

Government

Government Energy and Utilities Healthcare Access

CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 18, 2023

US Cybersecurity and Infrastructure Security Agency (CISA) added Chrome and macOS vulnerabilities to its Known Exploited Vulnerabilities catalog. The CVE-2019-8526 flaw has been exploited by the DazzleSpy backdoor in watering hole attacks aimed at politically active individuals in Hong Kong.

IT

IT Cybersecurity Education Risk

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Extra security measures have been taken to protect (scientific) data. ” N ow all critical systems at the University are online and offline backups were secured by the company.

Ransomware

Ransomware Encryption Passwords Retail

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Security Affairs

MARCH 19, 2020

Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. For example, in February 2019 Trend Micro detected a variant that includes a new module used for Remote App Credential-Grabbing. Pierluigi Paganini.

Financial Services

Financial Services Education Communications IT

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Security Affairs

NOVEMBER 10, 2019

Information Risk Management (IRM) recently published its 2019 Risky Business Report. It also concluded that the top three cybersecurity reasons that respondents use AI now are for network intrusion detection and prevention, fraud detection and secure user authentication. SecurityAffairs – secure email gateways, malware).

Cybersecurity

Cybersecurity Risk Artificial Intelligence Education

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Security Affairs

SEPTEMBER 22, 2019

Atlassian released security updates for Jira Service Desk and Jira Service Desk Data Center to address a critical flaw that can lead to information disclosure. Atlassian released security updates to address critical vulnerabilities in Jira Service Desk and Jira Service Desk Data Center. before 3.16.8, before 4.1.3, before 4.2.5,

Access

Access Manufacturing Education Security

Personal and social information of 1.2B people exposed on an open Elasticsearch install

Security Affairs

NOVEMBER 22, 2019

Security duo discovered personal and social information 1.2 The database, discovered on October 16, 2019, contained more than 4 terabytes of data is the largest data leaks from a single source organization in history. . The only difference being the data returned by the PDL also contained education histories.”

Archiving

Archiving Education Access Passwords

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware

Ransomware Education Phishing Government

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Krebs on Security

MARCH 2, 2021

today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. Microsoft Corp.

Education

Education Access Authentication Communications

Capital One hacker suspected to have breached other 30 companies

Security Affairs

AUGUST 17, 2019

District Court in Seattle today and was ordered detained pending a hearing on August 1, 2019.”. Attorney’s Office in Seattle said servers found in Thompson’s bedroom contained data stolen from more than 30 unnamed companies, educational institutions and other entities.” reads the press release published by the DoJ. Now the U.S.

Data breaches

Data breaches Education Access Security

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of them cannot be associated with the activity of known APT groups. . In November 2019, ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild.

Government

Government Cybersecurity Education Security

China-linked APT41 group targets US-Based Research University

Security Affairs

AUGUST 21, 2019

Security experts at FireEye observed Chinese APT41 APT group targeting a web server at a U.S.-based The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. based research university took place on April 2019.

Libraries

Libraries Education Phishing Encryption

The source code of Zeppelin Ransomware sold on a hacking forum

Security Affairs

JANUARY 5, 2024

In August 222, the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware

Ransomware Sales Encryption Cybersecurity

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 8, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

IT

IT Ransomware Education Cybersecurity

Data leak exposes sensitive data of all Ecuador ‘citizens

Security Affairs

SEPTEMBER 16, 2019

Security experts at vpnMentor have discovered a huge data leak affecting Ecuador that exposed data belonging to 20 million Ecuadorian Citizens. “In Ecuador, the term “cédula” or “cédula de identidad” refers to a person’s ten-digit national identification number, similar to a social security number in the US. Pierluigi Paganini.

Data breaches

Data breaches Education Government Security

Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation

Security Affairs

APRIL 19, 2023

According to the investigators, in July 2019, Dubnikov laundered more than $400,000 in Ryuk ransom proceeds. According to a joint report published in January 2021 by security firms Advanced-intel and HYAS, Ryuk operators earned, at the time of publishing the analysis, more than $150 million worth of Bitcoin from ransom paid by their victims.

Ransomware

Ransomware Education Cybersecurity Security

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

Security Affairs

NOVEMBER 24, 2020

” states a security notice published by the company. The hackers were able to modify the DNS records for the NiceHash.com domain and the company was forced to immediately frozen all wallet activity to secure all user’s funds. At the time of this writing, GoDaddy did not provide details about the attacks that have happened.

Data breaches

Data breaches Mining Education Access

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

MARCH 18, 2019

UK intelligence agency GCHQ, as part of the celebration of its centenary , has released emulators for World War II cipher machines that can be executed in the encryption app CyberChef released for educational purposes. link] #GCHQ100 pic.twitter.com/t2ixVE6j7H — GCHQ (@GCHQ) March 14, 2019. Security Affairs – GCHQ , CyberChef ).

Encryption

Encryption Military Education Communications

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Fileless SockDetour backdoor targets U.S.-based defense contractors

Security Affairs

FEBRUARY 26, 2022

According to the experts, the SockDetour backdoor has been in the wild since at least July 2019. The attackers successfully compromised more than a dozen organizations across multiple industries, including technology, energy, healthcare, education, finance and defense. based defense contractors appeared first on Security Affairs.

Education

Education Encryption Ransomware Cybersecurity

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Webinars

Trending Sources

Cyber Defense Magazine – April 2019 has arrived. Enjoy it!

Webinars

Annual RSA Conference Exclusive 2019 Edition of Cyber Defense Magazine is arrived

Security Affairs newsletter Round 253

Russian Phobos ransomware operator faces cybercrime charges

CIRWA Project tracks ransomware attacks on critical infrastructure

Belgium Interior Ministry said it was hit by a sophisticated cyber attack

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

FBI issued a flash alert about Netwalker ransomware attacks

Shade Ransomware gang shut down operations and releases 750K decryption keys

Security Affairs newsletter Round 266

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Zero-day exploit used to hack iPhones of Al Jazeera employees

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

German BSI warns of 17,000 unpatched Microsoft Exchange servers

0patch released micropatch for BearLPE Zero-Day flaw in Windows 10 Task Scheduler

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

Nation-state actors target Australia, Government warns

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

NetWalker ransomware operators have made $25 million since March 2020

Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog

Maastricht University finally paid a 30 bitcoin ransom to crooks

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Personal and social information of 1.2B people exposed on an open Elasticsearch install

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Capital One hacker suspected to have breached other 30 companies

Purple Lambert, a new malware of CIA-linked Lambert APT group

China-linked APT41 group targets US-Based Research University

The source code of Zeppelin Ransomware sold on a hacking forum

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Data leak exposes sensitive data of all Ecuador ‘citizens

Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

GCHQ implements World War II cipher machines in encryption app CyberChef

Operation Cronos: law enforcement disrupted the LockBit operation

Fileless SockDetour backdoor targets U.S.-based defense contractors

Stay Connected