Check Point Researchers Identify Increases in DDoS Attacks, Other Threats: Check Point Research analysts have observed a significant rise in cyberthreats on the educational sector worldwide since July. DDoS attacks have surged in the U.S., while European institutions have been hit by ransomware.
Experts warn of a surge in DDoS attacks against education institutions and the academic industry across the world. The DDoS attacks are causing severe issues for the targeted education institutions, such as temporary takedown of the network and online classes. Most of the attacks targeted educational institutions in the U.S.,
Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. “The most impacted sectors are education, government, and business services,” reads the analysis published by Carbon Black Managed Detection & Response team.
Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022. My objective with this series of articles is to show examples of malicious file analysis that I presented during my lecture on BSides-Vitória 2022. Static Analysis x Dynamic Analysis.
The FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities; experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.
A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed files uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. Pierluigi Paganini.
“Without the correct byte map, the encrypted shellcode, including all components and relevant data, cannot be correctly decrypted, making decryption and analysis of the shellcode more time-consuming for analysts,” reads the analysis published by Trend Micro.
The malware was recently employed in attacks against large US schools and education organizations. “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. The Trojan leverages the gobfuscate GoLang tool for obfuscation.
The ransomware was originally written in the Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. ” reads the analysis published by Trend Micro. This tactic also allows for avoiding detections based on the analysis of read/write file operations.
The news was first announced by SecurityWeek; the researcher explained that Malvuln is the first website dedicated to research and analysis of vulnerabilities in malware samples. However, none dedicated to research and analysis of vulnerabilities within Malware samples… until now. ” wrote the expert.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” reads the analysis published by SecurityScorecard.
K-12 Educational Sector Is a Target for Ransomware Gangs: School is out for more than 3,000 students of a suburban Detroit district undergoing its second day of forensics analysis following a cyberattack. Students have been told not to use district-issued Chromebooks.
The experts spotted a Linux variant of the backdoor in December while investigating an attack against an educational institution. The analysis of the C2 domain registration and samples found in VirusTotal suggests that SysJoker has been active at least since the second half of 2021. ” reads the report published by Intezer.
Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. VMware did not provide technical details about the flaw; Horizon3 researchers then performed an analysis of the patch.
Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow, Pink Sandstorm, DEV-0022) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. “Based on our telemetry, the most targeted organizations belong to the education and technology sectors.”
“Messages arrive obfuscated as adult dating lures requesting the user to choose between one of two pictures to connect with by clicking the link under their picture,” reads the analysis published by Proofpoint. In this case, cybercriminals repurposed an attack tool leveraged by state-sponsored threat actors among other.
“An analysis of the database revealed that aside from personal accounts, there were many corporate accounts belonging to banks, consultancy companies, educational facilities, healthcare providers, and software vendors, amongst others,” reads the report published by security firm IntSights.
This campaign was carried out by threat actors impersonating an educational accreditation council to hit users in the United States. The attackers used decoy documents apparently coming from the Council on Social Work Education (CSWE), a US association representing social work education.
” reads the analysis published by Guardicore. The botnet targeted victims in various industries, including healthcare, aviation, IT & telecommunications and higher education sectors. ” continues the analysis. and Windows Script Host Object Model (wshom).
The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. The analysis of the C2 infrastructure revealed that it dates back to 2020.
According to the security firm, the group is financially motivated; its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.
The group is very sophisticated and used zero-day exploits and complex malware to conduct targeted attacks against governments and organizations in almost every industry, including financial, energy, telecommunications, education, and aerospace. ” reads the analysis. “The described installation technique is unique.
” states the analysis published by FireEye. The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries.
The Akira ransomware has been active since March 2023; the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. ” reads the analysis published by Microsoft.
Kaspersky reported attacks against entities in multiple industries, including education, chemical manufacturing, governmental research centers and policy institutes, IT service providers, utility providers and telecommunications.
” reads the analysis published by Palo Alto Networks. Network traffic analysis revealed the infected Windows hosts connect to [osdsoft[.]com] via HTTP POST request. “This campaign uses legitimate activity to hide distribution of cryptocurrency miners and other unwanted programs,” concludes the analysis.
The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.” Rhysida actors heavily leveraged this tool for lateral movement and remote execution.
” reads the analysis published by Talos. “When these kinds of spam campaigns make it into users’ email inboxes, many of them may not be educated enough to identify that it’s a scam designed to make them give away their bitcoins.” 30, 2018 through Oct. 26, 2018 — 58 days’ worth of spam.”
The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the United Kingdom.
According to the investigation published by the Le Temps daily this week, the attack was discovered on May 30; experts involved in the analysis defined the documents as “personal and extraordinarily sensitive.” “The criminals have posted internal and confidential documents on Darknet, as research by Watson shows.”
The Tycoon ransomware was used in highly targeted attacks; its operators recently targeted small to medium-sized companies and institutions in the education and software industries. ” reads the analysis published by BlackBerry.
The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. “Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11,” reads the advisory published by Google. The vulnerability is a Type Confusion issue that resides in the JavaScript engine V8.
The vulnerability is an integer overflow in the Skia graphics library; the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-12 [$1000][1430644] Medium CVE-2023-2137: Heap buffer overflow in sqlite.
The flaw was reported by: Peter Girnus (gothburz) of Trend Micro’s Zero Day Initiative with Trend Micro; dwbzn with Aura Information Security; Dima Lenz and Vlad Stolyarov of Google’s Threat Analysis Group. Microsoft addressed the flaw with the release of Patch Tuesday Security updates for February 2024. with booby-trapped files.
“From our analysis of WS_FTP, we found that there are about 2.9k hosts on the internet that are running WS_FTP (and also have their webserver exposed, which is necessary for exploitation). Most of these online assets belong to large enterprises, governments and educational institutions,” continues Assetnote.
“During that window, the actor successfully compromised at least nine global entities across the technology, defense, healthcare, energy and education industries,” reads the analysis published by Palo Alto Networks. Subsequently, exploitation attempts began on Sept.
” reads the analysis published by the researchers. The analysis of the victimology revealed that almost 85 percent of observed targeted organizations have been based in North America and healthcare is the most frequently targeted industry, followed by education.
The expert discovered the Elasticsearch database using the Shodan search engine; the 57GB archive included a username, gender, age, current city, home address, email address, phone number, marriage status, job history, education history, and salary history.
” reads the analysis published by Cylance. “Analysts have observed evidence of the threat actors attempting to deliver ransomware to the healthcare and education industries with PyXie,” continues the analysis.
“We understand that the publication and distribution of proof of concept exploit code has educational and research value to the security community, and our goal is to balance that benefit with keeping the broader ecosystem safe,” the spokesperson said in an email sent to the Vice.
XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014; it is a Linux botnet that was employed in attacks against gaming and education websites with massive DDoS attacks that reached 150 gigabytes per second of malicious traffic. ” reads the analysis published by Trend Micro.
Roadmap: Charting a Course of Education, Analysis & System Enhancements josh.pearson@t… Thu, 07/04/2024 - 07:00 The Payment Card Industry Data Security Standard (PCI-DSS) v4.0 From Knowledge to Action: Education, Gap Analysis, and Your PCI-DSS 4.0 Your PCI-DSS v4.0 PCI-DSS v 4.0 Schema studio THALES BLOG Your PCI-DSS v4.0