Access, Education and Military - Information Management Today

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. Yet, there’s still work to be done to make this path more accessible and known among the veteran and transitioning military community. This experience can also be helpful when training cybersecurity talent.

Cybersecurity

Cybersecurity Military Education Government

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military

Military Government Phishing Libraries

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Access Living is committed to launching an Independent Living Technology Program to address the gap in digital skills in the disability community to reach 150 disabled participants by the end of 2024. Chicago, Ill.,

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

Military

Military File names Education Phishing

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

government, including the military and Intelligence Community.” government, including the military and Intelligence Community.” (at The IT services provided under the contract involve access to the medical facility’s systems containing the bulk personal health data. What types of data brokerage transactions are in-scope?

Access

Access Military Compliance Personal data

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. “the U.S. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Catches of the Month: Phishing Scams for March 2022

IT Governance

MARCH 8, 2022

The Ukrainian government and its military were targeted by DDoS (distributed denial-of-service) attacks, while a pro-Ukrainian group attacked the Belarusian railway system with ransomware after discovering that it was being used by Russia to transport tanks and weapons. Beware of remote access takeover scams.

Phishing

Phishing Military Access Education

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

What’s more, many proxy services do not disclose how they obtain access to the proxies they are renting out, and in many cases the access is obtained through the dissemination of malicious software that turns the infected system in a traffic relay — usually unbeknownst to the legitimate owner of the Internet connection. .

Cloud

Cloud Education Government Communications

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Merit is an acronym for the Michigan Educational Research Information Triad. Other hubs followed at military bases, other state universities and even a high school and a non-profit community arts and tech center. A key to this was persuading Merit Network , Ann Arbor-based nonprofit organization, to supply the infrastructure.

Cybersecurity

Cybersecurity Military Education Government

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Start by assessing what critical information your organization needs to protect and maintain access to in order to provide services. Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). Evaluate data inventory.

Passwords

Passwords Cybersecurity Education Phishing

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. All the user needs is a strong password to access to the data. But in certain cases the cloud is not readily accessible.

Encryption

Encryption Military Passwords Authentication

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

This oversight allowed the attacker to exploit the vulnerability without needing to access the GUI. The initial access to these compromised systems was likely through port 4566, typically used for high-availability (HA) pairing between Versa nodes. ” reads the advisory published by Versa Networks. victims and one non-U.S.

Energy and Utilities

Energy and Utilities Communications Authentication Access

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

IT

IT Military Phishing Passwords

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. “In 2021, APT28 used infrastructure to masquerade Simple Network Management protocol (SNMP) access into Cisco routers worldwide.”

Military

Military Access Cybersecurity Education

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In fact, the U.S.

Energy and Utilities

Energy and Utilities Communications Military Access

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

“Unauthorised access to these systems can cause serious damage to the satellite or lead to a loss of control over its mission.” ” The Thales team demonstrated how to access the onboard system of the satellite, then used standard access rights to gain control of its application environment.

Cybersecurity

Cybersecurity Military Access Education

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Italian Military Personnel and National Association of Professional Educators. Italian Military Personnel and National Association of Professional Educators. Administrator Username & Password To Access Archive: [link]. Military Personnel. National Association of Professional Educators.

Passwords

Passwords Archiving Mining Education

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Security Affairs

APRIL 21, 2023

The organisation works with national authorities, air navigation service providers, civil and military airspace users, airports, and other organisations. A senior Eurocontrol official told The Wall Street Journal , that the Pro-Russia hackers cannot access systems for aviation safety because these systems are air-gapped.

Military

Military Education Access Cybersecurity

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Endpoint: Enables access for human users and computer services and commonly includes PCs, laptops, Internet of Things (IoT), and operational technology (OT). Security Elements Security elements protect each element within the network, network access, and the data transmissions. or segregated as cloud or network attached storage (NAS).

Security

Security Cloud Cybersecurity Access

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

JUNE 22, 2020

Expand the definition of a breach to include login credentials, meaning “a consumer’s user name or e-mail address, in combination with a password or an answer to a security question, that together permit access to an online account.” The law is enforceable by the Vermont Attorney General.

Data breaches

Data breaches Privacy Education Data Privacy

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

Security Affairs

APRIL 19, 2023

“Microsoft assesses that Mint Sandstorm is associated with an intelligence arm of Iran’s military, the Islamic Revolutionary Guard Corps (IRGC), an assessment that has been corroborated by multiple credible sources including Mandiant , Proofpoint , and SecureWorks.” ” reads the report published by Microsoft.

Energy and Utilities

Energy and Utilities Military Education Phishing

China Issues Draft Data Security Law

Hunton Privacy

JULY 7, 2020

The Draft includes seven sections and 55 articles in total, covering data security and industrial development, the data security regulatory system, data security protection obligations and government data security and access. The Central Military Commission will develop the measures regulating military Data Activities.

Security

Security Military Government Risk

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

IT Governance

OCTOBER 3, 2022

If you’re facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process. million).

Data breaches

Data breaches Ransomware Education Phishing

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

However, the attackers chose a domain name that gives the impression of a connection to the South African military. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network. Experts added that the IP 196.216.136[.]139 139 resolved to vpn729380678.softether[.]net

Communications

Communications Military Government Libraries

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. ” reads the analysis published by Microsoft. ” continues Microsoft.

IoT

IoT Military Access Education

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The group has continued launching attacks against entities in Southeast Asia, including military, satellite communications, media and educational organizations. Sagerunex is a custom backdoor providing remote access to the attackers, while Catchamas is a custom-build Trojan used in targeted attacks to steal information.

Military

Military Communications Government Education

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

AI use by the military and intelligence community. The National Security Council and White House Chief of Staff will develop a National Security Memorandum to guide safe and ethical use of AI by the military and intelligence community. The Administration will also support the expansion of AI-enabled tools in education.

Risk

Risk Artificial Intelligence Privacy Military

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

GhostR says it obtained the records from a Singapore-based company with access to the database. Mobile Guardian, which is used to help parents manage their children’s device usage, was hacked on 19 April, according to the Singaporean Ministry of Education. Account records from the United States were also accessed.

Data Privacy

Data Privacy Privacy Manufacturing Security

Finding Family in Images of Liberation at Buchenwald

Unwritten Record

JANUARY 26, 2021

The record, part of Record Group 111: Records of the Office of the Chief Signal Officer, 1860-1985 , was filmed by Signal Corps members attached to military units tasked with rehabilitating and relocating liberated camp survivors. It is rare to locate and positively identify specific people who appear in the footage shot by the US military.

Military

Military Archiving Education Government

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy

Data Privacy Privacy Manufacturing Security

Driving Conversations Around Careers In Telematics

Information Governance Perspectives

APRIL 5, 2023

In 2015, he successfully transitioned from a military career as a trial attorney for the JAG Corps to working in telematics in corporate America for State Farm Insurance. In the military, he got his first exposure to telematics when they asked him what he wanted to do after being a prosecutor, and he exclaimed, “convoys!”

Insurance

Insurance Military Manufacturing Artificial Intelligence

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

The voices of third sector representatives (NGOs, foundations, and educational institutions) are considered by government officials when justifying policy positions and determining how resources and political capital are spent. Education about cybersecurity needs to start early," Karabin says. Erika has been a pleasure to work with.

Phishing

Phishing Security awareness Cybersecurity Education

Preservica - 2022 highlights & momentum looking ahead

Preservica

DECEMBER 29, 2022

Preserving our digital memory is the backbone of how we educate ourselves, advocate for change, and support each other and our institutions for future generations to come. Collections Manager at the Military Women’s Memorial , Amy Poe, faced a wide range of challenges in making their collections easily accessible and secure online.

Digital preservation

Digital preservation Archiving Records Management e-Discovery

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

billion rubles. billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

List of data breaches and cyber attacks in May 2020 – 8.8 billion records breached

IT Governance

JUNE 1, 2020

Hackers exploit vulnerability to access email accounts of Estonian dignitaries (unknown). GoDaddy notifies users after hacker accesses its servers (unknown). Russian military accessed Chancellor Angela Merkel’s emails in 2015 hack (unknown). Online education site EduCBA discloses data breach after hack (unknown).

Data breaches

Data breaches Ransomware Computer and Electronics e-Delivery

A Framework for Remembrance: NARA Contributes Holocaust Films to EU Project

Unwritten Record

NOVEMBER 15, 2022

The project, called Visual History of the Holocaust (VHH), is multi-faceted, with goals of providing access to the footage itself and and tools to analyze the images and curate collections for research and education. . Those reels are a significant part of a major project funded by the European Union’s Horizon 2020 program.

Libraries

Libraries Archiving Military Education

The Production File Tells the Story: How “Death Mills” Came to U.S. Audiences

Unwritten Record

JANUARY 23, 2024

Signal Corps cameramen recorded the conditions, the dead, and the survivors at Dachau and other liberated camps as a record of events, for troop education, use in war crimes trials , and for other educational purposes. In all, the National Archives holds 228 reels of this film, comprising 200,000 feet, or more than 37 hours of footage.

Education

Education Authentication Archiving Military

Court Denies Criminal Defendant’s Motion to Suppress Evidence Obtained via Warrantless Search: eDiscovery Case Law

eDiscovery Daily

DECEMBER 1, 2019

Immergut denied the defendant’s motion to suppress emails and evidence derived from a warrantless search of Defendant’s workplace email account, finding “any expectation of privacy in Defendant’s work email was objectively unreasonable under the military’s computer-use policies in effect at his workplace.”. Case Background.

Computer and Electronics

Computer and Electronics Military Privacy Government

Jen Easterly Takes Charge of CISA At Black Hack USA 2021

ForAllSecure

AUGUST 18, 2021

She is a daughter of a military father and so she went to West Point Academy, as one of the first female cadets. So the whole idea is we make cybersecurity careers more accessible so that more people can see themselves in assignment.". Easterly began by presenting her bio. She later returned to West Point to teach.

Cybersecurity

Cybersecurity Mining Military Education

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

KG operating with limited service after cyber attack (unknown) Morley Companies, Inc.

Data breaches

Data breaches Ransomware Government Blockchain

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what’s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. He’s now hacking cars for a living,” Galea says.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

If it’s not written down… how does black history survive beyond the archive?

CILIP

OCTOBER 14, 2024

I also understood that access to personal history, even the personal history of a close family member is not a given. I think that for some people, accessing family history is made more difficult by the fact that sometimes that history is wrapped up in trauma.

Archiving

Archiving Military IT Libraries

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Webinars

Trending Sources

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

Webinars

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Catches of the Month: Phishing Scams for March 2022

Stark Industries Solutions: An Iron Hammer in the Cloud

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

FBI chief says China is preparing to attack US critical infrastructure

White hat hackers showed how to take over a European Space Agency satellite

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Network Security Architecture: Best Practices & Tools

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

China Issues Draft Data Security Law

List of Data Breaches and Cyber Attacks in September 2022 – 35.6 Million Records Breached

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Biden AI Order Enables Agencies to Address Key Risks

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

Finding Family in Images of Liberation at Buchenwald

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

Driving Conversations Around Careers In Telematics

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

Preservica - 2022 highlights & momentum looking ahead

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

List of data breaches and cyber attacks in May 2020 – 8.8 billion records breached

A Framework for Remembrance: NARA Contributes Holocaust Films to EU Project

The Production File Tells the Story: How “Death Mills” Came to U.S. Audiences

Court Denies Criminal Defendant’s Motion to Suppress Evidence Obtained via Warrantless Search: eDiscovery Case Law

Jen Easterly Takes Charge of CISA At Black Hack USA 2021

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

If it’s not written down… how does black history survive beyond the archive?

Stay Connected