2024, Education and Security - Information Management Today

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Passwords Insurance

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence. “Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.”

Phishing

Phishing Authentication Access Government

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle , which also operates the Seattle-Tacoma International Airport. The attack impacted websites and phone systems. — Seattle-Tacoma Intl.

Data breaches

Data breaches Ransomware Manufacturing Education

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

22, 2024, CyberNewswire — INE Security offers essential advice to protect digital assets and enhance security. Warn “Small businesses face a unique set of cybersecurity challenges and threats and must be especially proactive with cybersecurity training,” said Dara Warn, CEO of INE Security. “At Cary, NC, Oct.

Security

Security Data breaches Passwords Cybersecurity

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Ransomware

Ransomware Education Sales Government

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

e-Discovery

e-Discovery Communications Ransomware Government

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JULY 7, 2024

Every week the best security articles from Security Affairs are free in your email box. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches

Data breaches Security Mining Education

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. “Following these events, and during 2024, various cyberattacks against other entities, public bodies and even Spanish universities took place.” ” continues the press release.

Data breaches

Data breaches Information Security Government Access

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 2, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Ransomware Phishing

KnowBe4 Recognized as Cyber Security Educator of the Year at IT Europa Awards 2024

KnowBe4

JUNE 28, 2024

It's a great honor for KnowBe4 to be named the Cyber Security Educator of the Year at the prestigious IT Europa Channel Awards 2024.

Education

Education IT Security Security awareness

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. In February 2024, the U.S.

Information Security

Information Security Cybersecurity Education Authentication

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Security Affairs

SEPTEMBER 30, 2024

org pic.twitter.com/QvDTp7WTZk — Dominic Alvieri (@AlvieriD) June 7, 2024 The Community Clinic of Maui, also known as Mālama I Ke Ola Health Center, is a nonprofit healthcare organization dedicated to serving the Maui community. “On May 7, 2024, Malama experienced a cybersecurity incident that impacted connectivity to our network.”

Data breaches

Data breaches Ransomware Personal data Cybersecurity

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

•What should I be most concerned about – and focus on – in 2024? Hackers now leverage GenAI to launch targeted attacks that bypass traditional security systems. Hackers now leverage GenAI to launch targeted attacks that bypass traditional security systems. The comments we received were uniformly insightful and helpful.

Cybersecurity

Cybersecurity Phishing Authentication Analytics

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Security Affairs

JULY 25, 2024

These details are alarming to the security community and private sector, and demand a proactive approach to combat this threat, including identifying precursors to it in the cyberspace. This activity was especially notable in Q2 2024, with new resources appearing at the beginning of Q3 2024.

Risk

Risk e-Delivery Communications Financial Services

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The APT group conducted a cyber espionage campaign between April and July 2024 and used Microsoft’s Azure infrastructure for C2 infrastructure. The group also relied on social engineering efforts in attacks against organizations in the higher education, satellite, and defense sectors through LinkedIn.

IT

IT Education File names Passwords

It’s a wrap! Highlights from OpenText World 2024

OpenText Information Management

NOVEMBER 22, 2024

OpenText World 2024 took place in Las Vegas this week and offered more innovation, product announcements, training, learning, and networking than ever before. OpenText is focused at the application, infrastructure, supply chain, and security level and we have purposely designed our OpenText cloud platform for information management.

Cloud

Cloud Financial Services Education Marketing

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates.

IT

IT Education Cybersecurity Risk

Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 11, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Marketing

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Ransomware

Ransomware Manufacturing Education IT

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Security Affairs

SEPTEMBER 15, 2024

— Port of Seattle – (@PortofSeattle) August 24, 2024 Passengers were recommended to check with their airlines for the latest information for their flights. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Education Encryption

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. Computer Education System Inc.,

Security

Security Manufacturing Education IT

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks. Versa Director servers between June 12 and mid-July 2024. ISP on June 12, 2024. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

Energy and Utilities

Energy and Utilities Communications Authentication Access

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. CISA orders federal agencies to fix this vulnerability CVE-2020-3259 by March 7, 2024. in attacks in the wild. This week the U.S.

Ransomware

Ransomware Education Cybersecurity Passwords

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware

Ransomware Education Phishing Government

Microsoft Announces Security Update with Windows Resiliency Initiative

eSecurity Planet

DECEMBER 4, 2024

Microsoft recently announced that they’re making changes to their Windows operating system to improve security and reliability. During the Ignite 2024 conference, Microsoft announced the Windows Resiliency Initiative to address these security concerns.

Security

Security Phishing Encryption Passwords

News alert: INE Security’s cybersecurity training service earns 2024 SC Excellence Award

The Last Watchdog

SEPTEMBER 18, 2024

18, 2024, CyberNewsWire — INE Security is proud to announce that it has been named a winner in the prestigious 2024 SC Awards, named Best IT Security-Related Training Program. This designation underscores INE Security’s commitment to excellence and leadership in the cybersecurity industry. Cary, NC, Sept.18,

Cybersecurity

Cybersecurity Education Financial Services Communications

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Internet/Securence says your email is secure. Hold Security founder Alex Holden said his researchers had unearthed a public link to a U.S.

Education

Education Data breaches Government Security

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Return here for more information at: 11:30 GMT on Tuesday 20th Feb” The Operation Cronos operation is still ongoing and NCA’s announced that more information will be published tomorrow, February 20, 2024. “The site is now under the control of law enforcement.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Highline Public Schools school district suspended its activities following a cyberattack

Security Affairs

SEPTEMBER 11, 2024

The HPS took critical systems offline in response to the security incident. “We have detected unauthorized activity on our technology systems and have taken immediate action to isolate critical systems. In March 2024, schools in Scranton, Pennsylvania, experienced a ransomware attack , resulting in IT outages.

IT

IT Ransomware Education Security

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. This call to action comes after law enforcement took down LockBit’s infrastructure in February 2024 in an international operation dubbed “ Operation Cronos.” continues the NCA.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Solid Data Security: The Foundation of a Safe Digital World

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Solid Data Security: The Foundation of a Safe Digital World madhav Thu, 10/17/2024 - 04:58 It’s that time of year again. This year’s theme, “Secure Our World,” encourages people to safeguard the digital assets that are instrumental to their personal and professional lives. Oh, and it’s Cybersecurity Awareness Month. The result?

Security

Security Encryption Data breaches Cybersecurity

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Krebs on Security

AUGUST 5, 2024

Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim’s operations. Securities and Exchange Commission (SEC) on February 21, 2024.

Ransomware

Ransomware Healthcare Insurance Cybersecurity

The state of secure information management: Strategies for securing access and protecting sensitive data

OpenText Information Management

NOVEMBER 27, 2024

But before then, we’ll be sharing proprietary research from the upcoming State of Secure Information Management where we explore strategies to enable secure access and protect sensitive data. This presents an opportunity for education and training programs in the industry. ET/5:00 p.m. We look forward to sharing the rest.

Access

Access Security Data Privacy Compliance

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. Here are my takeaways: Matter picks up steam Frustration with smart home devices should be much reduced in 2024. Consumer awareness is growing and evolving. BIMI is a case in point.

Security

Security Manufacturing Authentication Marketing

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

” BleepingComputer first reported that the security breach was the result of an Akira ransomware attack. At present, Tietoevry cannot provide a definite timeframe for the complete restoration process due to the complexity of the security breach. The company later confirmed the news of an Akira ransomware attack.

Ransomware

Ransomware Government Retail Cloud

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

pic.twitter.com/542Wl9QIgw — Dominic Alvieri (@AlvieriD) August 7, 2024 It isn’t the first time that the Rhysida Ransomware group targeted a hospital. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Libraries Education

Your guide to OpenText DevOps: Maximize your software delivery skills at OpenText World 2024

OpenText Information Management

NOVEMBER 7, 2024

Elevate your approach to DevOps and embrace AI-driven transformation at OpenText World 2024. At OpenText World, you’ll dive into OpenText™ DevOps Cloud to accelerate development, simplify deployment, and ensure security. Register now We look forward to seeing you at OpenText World 2024 , Nov 18-21 at The Venetian Resort in Las Vegas.

Cloud

Cloud Education Security Access

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

Should Organizations Pay Ransom Demands?

Security Affairs

AUGUST 6, 2024

Ransomware attacks are the most significant risk for modern organizations, with the Verizon Data Breach Report 2024 reporting that ransomware is a top threat across 92% of industries. Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms.

Ransomware

Ransomware Encryption Cybersecurity Risk

Cybercriminals are targeting elections in India with influence campaigns

Security Affairs

MAY 22, 2024

billion and a GDP of over 3.417 trillion USD, has become a prime target for cyberattacks during its general elections scheduled between 19 April and 1 June 2024. India, with a population of over 1.4 The campaigns are designed to sway voters’ opinions and undermine trust in the democratic process. Resecurity observed that the Ahadun-Ahad 2.0

Government

Government Cybersecurity Education Passwords

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

These laws aim to establish standards for securing data, ensuring privacy, and mitigating risks associated with digital information. By enforcing these regulations, governments seek to enhance the overall security posture of businesses and institutions, reduce the likelihood of cyber incidents, and promote trust in the digital ecosystem.

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

Mishing Is the New Phishing — And It’s More Dangerous

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded.

Phishing

Phishing Data breaches Education Risk

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Security

Security Risk Education Marketing

Pennsylvania State Education Association data breach impacts 500,000 individuals

Storm-2372 used the device code phishing technique since August 2024

Webinars

Trending Sources

Unmasking 2024’s Email Security Landscape

Webinars

Port of Seattle ‘s August data breach impacted 90,000 people

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Russian Phobos ransomware operator faces cybercrime charges

China’s Volt Typhoon botnet has re-emerged

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

KnowBe4 Recognized as Cyber Security Educator of the Year at IT Europa Awards 2024

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

Iran-linked group APT33 adds new Tickler malware to its arsenal

It’s a wrap! Highlights from OpenText World 2024

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Microsoft Announces Security Update with Windows Resiliency Initiative

News alert: INE Security’s cybersecurity training service earns 2024 SC Excellence Award

U.S. Internet Leaked Years of Internal, Customer Emails

Operation Cronos: law enforcement disrupted the LockBit operation

Highline Public Schools school district suspended its activities following a cyberattack

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Solid Data Security: The Foundation of a Safe Digital World

Low-Drama ‘Dark Angels’ Reap Record Ransoms

The state of secure information management: Strategies for securing access and protecting sensitive data

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Your guide to OpenText DevOps: Maximize your software delivery skills at OpenText World 2024

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Should Organizations Pay Ransom Demands?

Cybercriminals are targeting elections in India with influence campaigns

2024 Cybersecurity Laws & Regulations

Mishing Is the New Phishing — And It’s More Dangerous

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

Stay Connected