Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. The virtualization giant recently warned that a threat actor can exploit the CVE-2022-22972 flaw (CVSSv3 base score of 9.8) using CVE-2022-22972. states VMware.
Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizzard”, “Fancybear” or “Strontium”) used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.
CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022.
In 2022, Google prevented 1.43 million policy-violating applications from being published on Google Play. Google announced that its successes are the results of improved security features and policy enhancements in combination with its continuous investments in machine learning systems and app review processes.
The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Threat Report Portugal: Q3 & Q4 2022 compiles data collected on the malicious campaigns that occurred from July to December, Q3 and Q4, 2022. in Q2 2022.
CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. The only local government known to have paid a ransom in 2022 was Quincy, MA., The post Ransomware attacks hit 105 US local governments in 2022 appeared first on Security Affairs.
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses; it could help organizations assess their internal infrastructure and determine their attack surface.
FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.
Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. The researchers discovered that in 2022, NSO Group customers used at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets worldwide. ” reads the report.
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publicly accessible online forums or listed for sale on criminal marketplaces. “If
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 353 appeared first on Security Affairs. US seizes $3.6 Pierluigi Paganini.
SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. The complete list of the notes is reported in the latest security bulletin: SAP administrators are urged to apply the available security patches as soon as possible.
The company disclosed the security incident after the ransomware gang BianLian listed the organization on its Tor leak site. The organization notified law enforcement agencies and is working with external cyber security experts to investigate the security breach.
The company also addressed a high-severity code execution issue, tracked as CVE-2022-4934. All the above vulnerabilities were discovered and responsibly disclosed to Sophos by external security researchers via the Sophos bug bounty program. Sophos Web Appliance will reach end-of-life (EoL) status on July 20, 2023.
The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. Middle East, and India. Pierluigi Paganini.
Apple has released its first Rapid Security Response update, but many iPhone users reported problems during the installation of the iOS Security Response. In June 2022, Apple announced that the Rapid Security Response feature would be available starting with iOS 16.4.1, ” “iOS Security Response 16.4.1 (a)
Western Digital disclosed a security breach, according to the company an unauthorized party gained access to multiple systems. Western Digital has shut down several of its services after discovering a security breach, the company disclosed that an unauthorized party gained access to multiple systems. We apologize for any inconvenience.
Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Today MSI confirmed the security breach, it confirmed that threat actors had access to some of its information service systems.
Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles.
Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Google Cloud Security and Project Zero researchers found multiple vulnerabilities in the Intel Trust Domain Extensions (TDX). Google Cloud Security and Project Zero researchers, working with Intel experts, discovered multiple vulnerabilities in the Intel Trust Domain Extensions (TDX). ” reads the report released by Google.
Email-based threats have become increasingly sophisticated; how is the email security landscape changing? Recently, VIPRE Security Group published their Email Security in 2023 report, where they shared insights on the development of email-based threats and how they can impact organizations. It’s not likely to stop there.
Pittsburgh, PA – July 13, 2023 – Security Journey, a best-in-class application security education company, has today announced an acceleration of its secure coding training platform enhancements. undergraduate computer science programs mandate courses in application security.
Fortinet has addressed a critical vulnerability, tracked as CVE-2022-41331 (CVSS score of 9.3), in its Fortinet FortiPresence data analytics solution. FortiSandbox / FortiDeceptor – Improper profile-based access control over APIs CVE-2022-41330 (CVSS score of 8.3)
Every week the best security articles from Security Affairs are free for you in your email box. Nominate Pierluigi Paganini and Security Affairs here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. We are in the final !
The flaw was reported by the security researcher Seongil Wi from South Korean security firm KAIST WSP Lab. In October 2022, VM2 maintainers addressed another critical sandbox escape vulnerability tracked as CVE-2022-36067. vm2 is a sandbox that can run untrusted code in an isolated context on Node.js
A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. appeared first on Security Affairs.
The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.
Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog. CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. CISA orders federal agencies to fix this flaw by April 20, 2023.
Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).
The vulnerability was reported in December 2022 by Souvik Kandar, Arko Dhar of the Redinent Innovations team in India. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.” ” reads the advisory published by the company. On April 10, Hikvision released version 2.3.8-8
The HPS took critical systems offline in response to the security incident. “We have detected unauthorized activity on our technology systems and have taken immediate action to isolate critical systems. In September 2022, one of the largest US school districts, the Los Angeles Unified School District, suffered a ransomware attack.
Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. Computer Education System Inc.,
million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” In a filing with the U.S.
Potential Impact CVE-2022-40302 Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. DoS CVE-2022-40318 Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. This is a different issue from CVE-2022-40302.
Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0,
The MacOS variant has been available since November 11th, 2022. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, LockBit ) The post Experts found the first LockBit encryptor that targets macOS systems appeared first on Security Affairs.
XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014. It is a Linux botnet that was employed in attacks against gaming and education websites with massive DDoS attacks that reached 150 gigabytes per second of malicious traffic. Pierluigi Paganini. SecurityAffairs – hacking, domain name system).
Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog.
The virtualization giant VMware released security updates to address two critical vulnerabilities, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product (formerly vRealize Log Insight).