2020, Education and Government - Information Management Today

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. FritzFrog is a sophisticated botnet that was involved in attacks against SSH servers worldwide since January 2020. and Europe belonging to universities and a railway company. Pierluigi Paganini.

Education

Education Government Libraries Mining

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Education

Education Government Passwords Authentication

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. The malicious code appended the extension .

Education

Education Ransomware Encryption Government

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. . This joint advisory provides information on Russia-linked APT actor activity targeting various U.S.

Government

Government Passwords Access Cybersecurity

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

Security Affairs

JULY 25, 2020

CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. “This Alert also provides additional detection measures and mitigations for victim organizations to help recover from attacks resulting from CVE-2020-5902.

Education

Education Government Passwords Authentication

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Ransomware

Ransomware Education Sales Government

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware

Ransomware Phishing Encryption Education

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023.

Government

Government Manufacturing Education Access

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government Energy and Utilities Healthcare Access

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. ChaChi has been first observed in the wild in the first half of 2020, but cybersecurity experts underestimated it. The Trojan leverages the gobfuscate GoLang tool for obfuscation.

Ransomware

Ransomware Education Cybersecurity Government

NetWalker ransomware operators have made $25 million since March 2020

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware

Ransomware Phishing Encryption Education

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. “As of June 2020, the FBI has received notifications of Netwalker ransomware attacks on U.S. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.”

Ransomware

Ransomware Encryption Passwords Government

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” “This repository (version 10.2)

Ransomware

Ransomware Data collection Education Security

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

“In July and August 2020, government operatives used NSO Group ’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 ” reads the report published by the researchers.

Government

Government Security awareness Education Sales

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. The paused coincides with the Chinese Lunar New Year holidays which occurred between January 24 and January 30, 2020.

Healthcare

Healthcare Education Manufacturing Government

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Since at least June 2020, and possibly earlier, the cyberespionage group has used the tool GooseEgg to exploit the CVE-2022-38028 vulnerability. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

IT

IT Education Cybersecurity Risk

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities

Energy and Utilities IT Cloud Passwords

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

Just recently, the group has published a stolen data allegedly belonging to the Mexican Government which still remains available for sale today, and possibly becoming the first cybercriminal group that has touched a major state in Latin America on such a level. Mexican Government data is published for sale. Pierluigi Paganini.

Ransomware

Ransomware Sales Government GDPR

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Ransomware Data breaches Manufacturing

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Since at least June 2020, and possibly earlier, the cyberespionage group has used the tool GooseEgg to exploit the CVE-2022-38028 vulnerability. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military File names Education Phishing

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Ransomware

Ransomware Phishing Government File names

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. billion in 2020. “On October 22, 2020, Steelcase Inc. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware

Ransomware Encryption Education Phishing

2020 VITAL RECORDS CONTROL (VRC) SPONSORSHIP ANNOUNCEMENT via the ARMA International Educational Foundation

IG Guru

DECEMBER 17, 2020

Robert McLauchlinDec 10, 2020 Palmyra, NJ (December 10, 2020) – The Foundation (ARMA International Educational Foundation, AIEF) is pleased to announce Vital Records Control’s sponsorship of $3,500.

Education

Education IT Information governance Government

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. Lampion malware v2 February 2020.

Security

Security Ransomware Military Data breaches

2020 cyber security statistics

IT Governance

JANUARY 26, 2021

In 2020, we recorded 1,120 breaches and cyber attacks that were reported on in mainstream media, which accounted for 20,120,074,547 leaked records. Typically, there is a relatively even split between the number of cyber attacks and accidental breaches we report on, but that wasn’t the case in 2020. billion breached records.

Security

Security Data breaches Education Phishing

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Libraries

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. The analysis of the C2 infrastructure revealed that it dates back to 2020.

Retail

Retail Education Communications Government

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. and cityoffrederickmd.gov , the website for the government of Frederick, Md. The last press release on the site dates back to March 2020.

Education

Education Data breaches Government Security

Iranian hackers access unsecured HMI at Israeli Water Facility

Security Affairs

DECEMBER 4, 2020

The hackers claimed to have breached an Israeli water facility, likely recycled water, in a video that was published the night of December 1st, 2020. This group also hit other American websites, including a governmental education website in Texas. ” reads the blog post published by OTORIO. ” concludes the post.

Access

Access Agriculture Authentication Education

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. and Taiwan across various sectors, including military, government, higher education, telecommunications, defense industrial base, and IT.” “This botnet has targeted entities in the U.S.

IoT

IoT Military Education Cybersecurity

58% of all nation-state attacks in the last year were launched by Russian nation-state actors

Security Affairs

OCTOBER 8, 2021

Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies. Microsoft revealed that most of the cyber attacks on US government agencies are orchestrated by Russia-linked cyberespionage groups. ” continues the report.

Government

Government Education Security IT

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

organizations since 2020. organizations since 2020. The operation targeted many organizations in critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the advisory, the threat actors have been observed exploiting Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware

Ransomware Manufacturing Education Passwords

The State of Content Management in 2020 [Expert Tips & Research]

AIIM

JUNE 30, 2020

What does content management look like in 2020, years after ECM died? AIIM has been the go-to resource for information professionals to find research, education, and training for over 70 years. AIIM believes that Information Management and Information Governance should NOT be done just for the sake of doing them.

ECM

ECM Content services Paper Information architecture

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

likely a pun ) and was published to npm registry around November 11, 2020. as Sonatype-2020-1096, Sonatype-2020-1097, and Sonatype-2020-1109. November 9th, 2020: npm team is notified the same day of malicious packages, and public disclosure is made via blog post. and ac-addon. About the author: Ax Sharma.

Archiving

Archiving IT Security Education

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT

IoT Cybersecurity Manufacturing Government

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” The activity will be completed in the coming months.

Government

Government Communications Risk Cybersecurity

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

The US authorities arrested the man in Arizona last month DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members of the LockBit ransomware gang committed wire fraud and compromised many computer systems worldwide attempting to extort the victims of ransomware attacks. organizations since 2020.

Ransomware

Ransomware Agriculture Education Government

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. According to the press release published by the Department of State , the Lockbit ransomware operators carried out over 2,000 attacks against victims worldwide since January 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Webinars

Trending Sources

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Webinars

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

Russian Phobos ransomware operator faces cybercrime charges

NetWalker ransomware operators have made $25 million since March 2020

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

NetWalker ransomware operators have made $25 million since March 2020

FBI issued a flash alert about Netwalker ransomware attacks

CIRWA Project tracks ransomware attacks on critical infrastructure

Zero-day exploit used to hack iPhones of Al Jazeera employees

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

China-linked APT Silk Typhoon targets IT Supply Chain

Rhysida ransomware gang claimed China Energy hack

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs newsletter Round 282

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Operation Cronos: law enforcement disrupted the LockBit operation

Steelcase office furniture giant hit by Ryuk ransomware attack

Akira ransomware received $42M in ransom payments from over 250 victims

2020 VITAL RECORDS CONTROL (VRC) SPONSORSHIP ANNOUNCEMENT via the ARMA International Educational Foundation

Security Affairs newsletter Round 253

2020 cyber security statistics

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

New Agent Raccoon malware targets the Middle East, Africa and the US

U.S. Internet Leaked Years of Internal, Customer Emails

Iranian hackers access unsecured HMI at Israeli Water Facility

Experts warn of China-linked APT’s Raptor Train IoT Botnet

58% of all nation-state attacks in the last year were launched by Russian nation-state actors

Cybersecurity agencies published a joint LockBit ransomware advisory

FBI and CISA warn of attacks by Rhysida ransomware gang

The State of Content Management in 2020 [Expert Tips & Research]

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

The IoT Cybersecurity Act of 2020: Implications for Devices

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

A Russian national charged for committing LockBit Ransomware attacks

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Stay Connected