2020 and Education - Information Management Today

K12 education giant paid the ransom to the Ryuk gang

Security Affairs

DECEMBER 2, 2020

Online education giant K12 Inc. The education company Online education giant K12 Inc. is a for-profit education company that sells online schooling and curricula. is a for-profit education company that sells online schooling and curricula. “K12 Inc. NYSE: LRN) (“Stride” or “we”) – to be Stride, Inc.

Education

Education Ransomware Insurance Access

Threat actors target K-12 distance learning education, CISA and FBI warn

Security Affairs

DECEMBER 11, 2020

The US Cybersecurity Infrastructure and Security Agency and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector. The US CISA and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector aimed at data theft and disruption of distance learning services.

Education

Education Ransomware Cybersecurity Security

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware

Ransomware Education Cybersecurity Passwords

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Education

Education Government Passwords Authentication

2020 Database Strategies and Contact Acquisition Survey Report

Advertiser: ZoomInfo

This report aims to highlight the current state of B2B database and contact acquisition strategies and organizations’ goals to leverage data to fuel their go-to-market strategies in 2020 and beyond. Database benchmarks for education and resource prioritization. New tactics to acquire data to reach marketing goals.

Authentication

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. Pierluigi Paganini.

Education

Education Ransomware Encryption Government

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

Security Affairs

JULY 25, 2020

CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. “This Alert also provides additional detection measures and mitigations for victim organizations to help recover from attacks resulting from CVE-2020-5902.

Education

Education Government Passwords Authentication

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware

Ransomware Phishing Encryption Education

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. FritzFrog is a sophisticated botnet that was involved in attacks against SSH servers worldwide since January 2020. and Europe belonging to universities and a railway company. Pierluigi Paganini.

Education

Education Government Libraries Mining

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Security Affairs

FEBRUARY 24, 2020

According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. million malware samples per day in 2019 and identified 1,268 malware families. Pierluigi Paganini.

Data breaches

Data breaches GDPR Education Cybersecurity

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Ransomware

Ransomware Education Sales Government

Experts found critical flaws in 3 popular e-Learning WordPress Plugins

Security Affairs

APRIL 30, 2020

The 3 plugins are installed on more than 100,000 different educational platforms used by several universities such as the University of Florida, University of Michigan, University of Washington as well as hundreds of online academies. ” reads the description for the CVE-2020-11511 flaw (Becoming a Teacher). million times.

Education

Education Cybersecurity Security IT

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware

Ransomware Phishing Encryption Education

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

million $1,200 Minted 5 million $2,500 Styleshare 6 million $2,700 Ggumim 2 million $1,300 Mindful 2 million $1,300 StarTribune 1 million $1,100 ChatBooks 15 million $3,500 The Chronicle Of Higher Education 3 million $1,500 Zoosk 30 million $500. Million March 26th, 2020 Yes Dave.com 7 Million July 2020 * Yes Drizly.com 2.4

Passwords

Passwords Archiving Education Authentication

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Security Affairs

JANUARY 24, 2020

The Danish security researcher Ollypwn has published a proof-of-concept (PoC) denial of service exploit for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices.

Education

Education Authentication Access Security

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

ChaChi has been first observed in the wild in the first half of 2020, but cybersecurity experts underestimated it. The malware was recently employed in attacks against large US schools and education organizations. . The name ChaChi comes from two key components of the malware, Cha shell and Chi sel. Pierluigi Paganini.

Ransomware

Ransomware Education Cybersecurity Government

Chegg discloses the third data breach in the last two years

Security Affairs

APRIL 30, 2020

The American education technology firm Chegg discloses a security breach, it already sent notifications to its employees. The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees.

Data breaches

Data breaches Education Cybersecurity Security

DDoS Attacks on Education Escalate in 2020

Dark Reading

SEPTEMBER 4, 2020

The number of DDoS attacks affecting educational resources was far higher between February and June 2020 compared with 2019.

Education

2020 VITAL RECORDS CONTROL (VRC) SPONSORSHIP ANNOUNCEMENT via the ARMA International Educational Foundation

IG Guru

DECEMBER 17, 2020

Robert McLauchlinDec 10, 2020 Palmyra, NJ (December 10, 2020) – The Foundation (ARMA International Educational Foundation, AIEF) is pleased to announce Vital Records Control’s sponsorship of $3,500.

Education

Education IT Information governance Government

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

Security Affairs

MAY 3, 2020

The hacker claims to have hacked the company in March 2020, it has stolen just a small part of the company database. – Database contains emails, password hashes, names pic.twitter.com/CZTYImj6jA — Under the Breach (@underthebreach) May 2, 2020. ZDNet confirmed the authenticity of the leaked data.

Passwords

Passwords Sales Data breaches Marketing

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The paused coincides with the Chinese Lunar New Year holidays which occurred between January 24 and January 30, 2020.

Healthcare

Healthcare Education Manufacturing Government

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” “This repository (version 10.2)

Ransomware

Ransomware Data collection Education Security

Colorado Warns Ransomware Attack Caused Massive Data Breach

Data Breach Today

AUGUST 7, 2023

Information From 2004 to 2020 Exposed for High School Students, Teachers and Others Colorado's Department of Higher Education is warning that it suffered a ransomware attack in June, in which attackers stole personal data on current and past students and teachers, dating from 2004 to 2020.

Ransomware

Ransomware Data breaches Education Personal data

2020 cyber security statistics

IT Governance

JANUARY 26, 2021

In 2020, we recorded 1,120 breaches and cyber attacks that were reported on in mainstream media, which accounted for 20,120,074,547 leaked records. Typically, there is a relatively even split between the number of cyber attacks and accidental breaches we report on, but that wasn’t the case in 2020. billion breached records.

Security

Security Data breaches Education Phishing

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In late 2020, credentials for US-based universities were found for sale on the dark web. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts.

Sales

Sales Education Phishing Passwords

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

In July 2020, Save the Children suffered a data breach that was caused by a ransomware attack on cloud computing provider Blackbaud. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

IT

IT Ransomware Education Data breaches

Cloud computing provider Blackbaud paid a ransom after data breach

Security Affairs

JULY 21, 2020

Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

Data breaches

Data breaches Cloud Ransomware Education

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. This criminal practice is adopted since August by several gangs, including Sekhmet , Conti , and Ryuk. PIN Number 20201210-001.

Ransomware

Ransomware Education Authentication Security

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities

Energy and Utilities IT Cloud Passwords

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

Officials said the group has been targeting dozens of US state, local, territorial, and tribal (SLTT) government networks since at least February 2020. Energetic Bear successfully compromised the infrastructure and as of October 1, 2020, exfiltrated data from at least two victim servers. ” reads the advisory.

Government

Government Passwords Access Cybersecurity

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

“As of June 2020, the FBI has received notifications of Netwalker ransomware attacks on U.S. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” ” reads the alert. public health organization. .”

Ransomware

Ransomware Encryption Passwords Government

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Since at least June 2020, and possibly earlier, the cyberespionage group has used the tool GooseEgg to exploit the CVE-2022-38028 vulnerability. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

IT

IT Education Cybersecurity Risk

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. billion in 2020. “On October 22, 2020, Steelcase Inc. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Security Affairs

NOVEMBER 7, 2023

Iran-linked Agonizing Serpens group (aka Agrius , BlackShadow , Pink Sandstorm , DEV-0022 ) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. Based on our telemetry, the most targeted organizations belong to the education and technology sectors.”

Education

Education Ransomware Security Access

Profiles in Leadership: Fred Kwong

Data Breach Today

JULY 28, 2022

DeVry CISO on Managing Security, Change in the Transformed Education Industry In March of 2020, DeVry University had 40 active campuses across the United States. Then the pandemic hit, and they all closed their doors and sent students home to study virtually.

Education

Education Cybersecurity Security

Shiny Hunters group is selling data from 11 companies on the Dark Web

Security Affairs

MAY 10, 2020

‘SKY HUNTER’ Leaked database of large companies – [link] , [link] , [link] , [link] AND OTHERS [link] #cyber #cybersecurity #malware #hacked #compromised — Cyble (@AuCyble) May 9, 2020. ChatBooks confirmed the data breach and started sending data breach notifications to their users.

Data breaches

Data breaches Passwords Cybersecurity Education

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

“In July and August 2020, government operatives used NSO Group ’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 The personal phone of a journalist at London-based Al Araby TV was also hacked.”

Government

Government Security awareness Education Sales

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. Lampion malware v2 February 2020. ISS reveals malware attack impacted parts of the IT environment.

Security

Security Ransomware Military Data breaches

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

likely a pun ) and was published to npm registry around November 11, 2020. as Sonatype-2020-1096, Sonatype-2020-1097, and Sonatype-2020-1109. November 9th, 2020: npm team is notified the same day of malicious packages, and public disclosure is made via blog post. and ac-addon. Pierluigi Paganini.

Archiving

Archiving IT Security Education

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

link] Una piccolissima parte del leak: [link] pic.twitter.com/DvrWkBxW9Z — LulzSecITA (@LulzSec_ITA) February 7, 2020. GDPR #LulzSecITA #Università #Hacked — LulzSecITA (@LulzSec_ITA) February 10, 2020. As for motivation, they confirmed to me they have always had an interest in Italian education.

Data breaches

Data breaches GDPR Education Passwords

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Phishing

Phishing Passwords Authentication Security

K12 education giant paid the ransom to the Ryuk gang

Threat actors target K-12 distance learning education, CISA and FBI warn

Webinars

Trending Sources

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Webinars

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

2020 Database Strategies and Contact Acquisition Survey Report

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

NetWalker ransomware operators have made $25 million since March 2020

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Russian Phobos ransomware operator faces cybercrime charges

Experts found critical flaws in 3 popular e-Learning WordPress Plugins

NetWalker ransomware operators have made $25 million since March 2020

ShinyHunters leaked over 386 million user records from 18 companies

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Chegg discloses the third data breach in the last two years

DDoS Attacks on Education Escalate in 2020

2020 VITAL RECORDS CONTROL (VRC) SPONSORSHIP ANNOUNCEMENT via the ARMA International Educational Foundation

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

CIRWA Project tracks ransomware attacks on critical infrastructure

Colorado Warns Ransomware Attack Caused Massive Data Breach

2020 cyber security statistics

FBI: Compromised US academic credentials available on various cybercrime forums

Save the Children confirms it was hit by cyber attack

Cloud computing provider Blackbaud paid a ransom after data breach

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

China-linked APT Silk Typhoon targets IT Supply Chain

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

FBI issued a flash alert about Netwalker ransomware attacks

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Steelcase office furniture giant hit by Ryuk ransomware attack

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Profiles in Leadership: Fred Kwong

Shiny Hunters group is selling data from 11 companies on the Dark Web

Operation Cronos: law enforcement disrupted the LockBit operation

Rhysida ransomware gang claimed China Energy hack

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs newsletter Round 253

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Three Italian universities hacked by LulzSec_ITA collective

When Low-Tech Hacks Cause High-Impact Breaches

Stay Connected