Archiving, Education and Security - Information Management Today

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The Powershell is used to retrieve a ZIP archive containing NetSupport RAT that. implacavelvideos[.]com).

Education

Education Government Business Services Archiving

Unwrapping the Archives

The Texas Record

DECEMBER 16, 2020

When most people think of archives, the first thing that comes to mind is Indiana Jones swinging on vines and storing artifacts in giant rooms. While that is an interesting popular image, the archives and archivists here at the Texas State Library and Archives Commission (TSLAC) are the protectors of documented history.

Archiving

Archiving Libraries Paper Access

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. So mistake number one is leaving Amazon credentials in your Git archive.

Encryption

Encryption Passwords Access Financial Services

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Italian Military Personnel and National Association of Professional Educators. Italian Military Personnel and National Association of Professional Educators. MassaCarrara Web Archives. Administrator Username & Password To Access Archive: [link]. State Archive of Palermo. Leaked Archive: [link].

Passwords

Passwords Archiving Mining Education

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

The unsecure archive is greater than 9GB in size and was published on an ElasticSearch server. The experts discovered the database on February 12, 2020, and reported their discovery to Decathlon on February 16, the archive was security on February 17. ” reads the post published by vpnMentor. ” reported vpnMentor.

Archiving

Archiving Passwords Retail Education

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

That makes email security software a worthwhile investment for organizations of all sizes. We analyzed the market for email security tools and software to arrive at this list of 7 top email security solutions, including their standout features, limitations and ideal use cases, followed by issues prospective buyers should consider.

Security

Security Phishing Compliance Cybersecurity

TrueDialog database leaked online tens of millions of SMS text messages

Security Affairs

DECEMBER 1, 2019

Millions of SMS messages have been leaked by a database run by TrueDialog, a business SMS provider for businesses and higher education providers. Security experts at vpnMentor discovered a database belonging to the US communications company, TrueDialog that was leaking millions of SMS messages. ” concludes vpnMentor.

Education

Education Marketing Archiving Passwords

Thousands Zoom credentials available on a Dark Web forum

Security Affairs

APRIL 12, 2020

Security researchers discovered an archive available on a dark web forum that includes thousands of compromised Zoom credentials. The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies. Pierluigi Paganini.

Phishing

Phishing Archiving Passwords Data breaches

Personal and social information of 1.2B people exposed on an open Elasticsearch install

Security Affairs

NOVEMBER 22, 2019

Security duo discovered personal and social information 1.2 The archive contained nearly 3 billion PDL user records associated with roughly 1.2 The archive included 650 million unique email addresses, the data belonging the three different PDL indexes were respectively scraped from LinkedIN (i.e. . billion unique people.

Archiving

Archiving Education Access Passwords

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

You will find docs with personal information of their employees in the archives and much other interested stuff like NDAs, projects, information about clients and partners etc. Nissan already notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.

Ransomware

Ransomware Data breaches Financial Services Archiving

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

The recently patched vulnerability affecting the popular archiver utility WinRAR has been exploited to deliver new malware to targeted users. The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially-crafted file archive.

Archiving

Archiving File names Education Libraries

Security Affairs newsletter Round 266

Security Affairs

MAY 31, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 266 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! NetWalker ransomware gang threatens to release Michigan State University files.

Security

Security Data breaches Ransomware Sales

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

Security Affairs

MARCH 12, 2019

The database also contained GPS coordinates, URLs to photos, ID numbers, marital status, political and education related details, and a ‘HasVideo’ field. The exposed database was discovered by the popular security researcher Victor Gevers, he found 29808 open in China. Million Women appeared first on Security Affairs.

Archiving

Archiving Education Security Data breaches

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

The Last Watchdog

MARCH 14, 2022

Financial services, health, home security, governance and all other mission critical services are now provided online. The right tools should provide users with the archive of all the accepted privacy policies. The right tool should: •Educate users about the importance of online privacy protection and data protection.

Privacy

Privacy Artificial Intelligence Financial Services Archiving

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

Security Affairs

MARCH 17, 2019

Security expert discovered an unprotected Elasticsearch database exposed online that was containing approximately 33 million job profiles in China. . The analysis of the archive allowed the expert to discover references to multiple Chinese job recruitment sites such as 51Jobs, lagou , and Zhilian. Pierluigi Paganini.

Archiving

Archiving Education Security Data breaches

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

A couple of days ago, the popular digital banking app Dave.com disclosed a security breach after ShinyHunters leaked 7,516,625 user records on a crime forum. The post ShinyHunters leaked over 386 million user records from 18 companies appeared first on Security Affairs. Appen.com 5.8 Million N/A No Chatbooks.com 15.8

Passwords

Passwords Archiving Education Authentication

Experts found the first LockBit encryptor that targets macOS systems

Security Affairs

APRIL 16, 2023

MalwareHunterTeam researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal. "locker_Apple_M1_64": BleepingComputer confirmed that the zip archive contained “previously unknown encryptors for macOS, ARM, FreeBSD, MIPS, and SPARC” architectures.

Archiving

Archiving Encryption Ransomware Education

Lockbit ransomware gang demanded an 80 million ransom to CDW

Security Affairs

OCTOBER 14, 2023

CDW Corporation is a provider of technology solutions and services for business, government and education. The data leaked looks pretty bad from both a security and business pov. Data in the archives suggest it is associated with employee badges, audits, commission payout data, and other account-related information.

Ransomware

Ransomware Archiving Cybersecurity Education

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

The component exists as a tar.gz (tgz) archive with just one version 6.6.6 The component exists as a tar.gz (tgz) archive with just one version 6.6.6 Sonatype security researcher Sebastián Castro who analyzed xpc.js Once again, the Discord webhook is up and running at the time of writing: [link] The archive “lib2.exe”

Archiving

Archiving IT Security Education

UK police arrested 7 alleged members of Lapsus$ extortion gang

Security Affairs

MARCH 25, 2022

.” The youngster that goes online with the moniker “White” or “Breachbase” has autism, for this reason he attends a special educational school in Oxford. The teenager, who can’t be named for legal reasons, attends a special educational school in Oxford. Pierluigi Paganini.

Education

Education Archiving Ransomware Cybersecurity

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Healthcare

Healthcare Phishing Archiving Education

Preserving Our Libraries’ Digital Collections is Simple, Powerful, and Affordable

Preservica

MARCH 18, 2022

They continue to help meet communities’ needs in new, innovative ways, and are pillars of education to help inform, support, equalize, mobilize, and unite. Funding (Cuts in Budgets)- Preservica saves you money with low cost capacity upgrades so you can grow your archive in confidence.

Libraries

Libraries Digital preservation Archiving e-Discovery

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

The Schedule

APRIL 20, 2018

Today’s post is mainly in response to “ Digital Media and the Case of the Missing Archives ,” written by Danielle Tcholakian who in turn seems to have been inspired by an article in the Columbia Journalism Review. So let us start a mutual conversation with me first asking journalists, what do you mean by “archives”?

Archiving

Archiving Records Management Libraries ROT

60 Million records of LinkedIn users exposed online

Security Affairs

APRIL 21, 2019

Records include LinkedIn public profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, and the last time the profile was updated. The archives contain 229 GB of data, each one containing between 25 GB and 32 GB of information. . Pierluigi Paganini.

Data breaches

Data breaches Archiving Privacy Education

The Sainsbury Archive chooses Preservica to create new cloud-based digital archive

Preservica

MARCH 14, 2018

Oxford, London UK and Boston MA, March 14 2018: The Sainsbury Archive, which charts the growth and history of one of the UK’s largest supermarkets, has chosen Preservica’s AWS cloud-hosted digital preservation platform to actively preserve invaluable digital assets relating to the company’s operations.

Archiving

Archiving Digital preservation Cloud Retail

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

“If the user complies, an archive will be downloaded from a remote server (compromised site), protected with a password given in the original PDF file.” ” Upon opening the attachment, it will retrieve an archive from a compromised website. The archive contains an obfuscated Windows Script File (.WSF)

e-Delivery

e-Delivery Archiving Education Passwords

Educating today’s information professionals to meet tomorrow’s challenges

IG Guru

FEBRUARY 18, 2019

Master of Archives and Records Administration (MARA) Celebrates its 10th Anniversary By Dr. Patricia C. Franks The Master of Archives and Records Administration (MARA) degree was launched in August 2008 in what is now the School of Information at San José State University.

Education

Education Archiving IT Records Management

Does Your Content Drive Organizational Value?

AIIM

JUNE 29, 2021

If you’ve been paying attention to the research we conduct and the educational information we share, you know that AIIM describes Intelligent Information Management (IIM) as all the things you want to do with, or get from, your organization’s information. Growing Privacy and Security Concerns. Growing Privacy and Security Concerns.

Artificial Intelligence

Artificial Intelligence Content services Cloud Paper

San Jose State University Offers 100% Online Masters in Archives and Records Degree

IG Guru

SEPTEMBER 21, 2023

The post San Jose State University Offers 100% Online Masters in Archives and Records Degree first appeared on IG GURU. Check out the site here.

Archiving

Archiving Records Management Education Information governance

‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals

Security Affairs

NOVEMBER 1, 2018

Security experts from Cisco Talos have uncovered two recent sextortion scam campaigns that appear to leverage on the Necurs botnet infrastructure. “Unfortunately, it is clear from the large amount of bitcoin these actors secured that there is still a long way to go in terms of educating potential victims.”

Data breaches

Data breaches Education Archiving Phishing

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

doc,docx,rtf,txt,xls,xlsx,ppt,pptx,vsd,vsdx,pdf,png,jpeg,jpg,zip,rar,7z,mp4,sql ,php,vbk,vib,vrb,p7s and.sys,dll,exe,bin,dat) to archive them using the legitimate WinRAR program. The attackers were observed using WinRAR with the “-df” option to delete the source file after being added to the archives.

Archiving

Archiving Education Authentication Ransomware

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Security Affairs

MAY 2, 2023

“ROKRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate multi-stage infection chains. The archive contained two LNKs have a size of just under 5 MB. ” reads the report published by Check Point.

Archiving

Archiving Cloud Education Phishing

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Artificial Intelligence Archiving

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

” During the last campaign, the hackers targeted multiple sectors including Government, financial, energy, food industry, healthcare, education, IT, and legal institutions. The post Operators behind Dark Caracal are still alive and operational appeared first on Security Affairs. ” Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Archiving Education

Multi-platform Tycoon Ransomware employed in targeted attacks

Security Affairs

JUNE 5, 2020

The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and institutions in the education and software industries. The post Multi-platform Tycoon Ransomware employed in targeted attacks appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Encryption Archiving Education

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Communications

Communications Manufacturing Access Archiving

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

eSecurity Planet

MARCH 15, 2024

From analyzing attack methods and suggesting defense tactics to doing vulnerability assessments, it provides users with the knowledge to improve their security posture. Aside from ethical hacking, HackerGPT seeks to assist professionals and improve security assessments. It has an intuitive UI similar to ChatGPT.

Cybersecurity

Cybersecurity Education Privacy Access

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

The attackers exploited a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or implementing proper security measures. The Technology Security Database (ITSDB) is a web-based application used to track and manage physical assets and applications on its network.

IT

IT Data breaches Archiving Education

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

Harvested data are compressed in a ZIP archive and encoded using Base64 format for exfiltration. “Due to its robust security features, macOS is the preferred operating system for numerous high-profile individuals. The ZIP file is then sent to pre-configured Telegram channels. ” concludes the report.

Passwords

Passwords Archiving Education Phishing

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

Contents of a free phishing kit archive Paid phishing pages and data, as well as phishing-as-a-service (PhaaS) subscriptions. ” The cost of phishing pages goes from $10 per copy up to $50 for an archive containing several pages. The cyber security firm reported that it has prevented 7.1 User personal data for sale.

Phishing

Phishing Archiving Sales Personal data

25 Most Dangerous Software Flaws Identified by MITRE

eSecurity Planet

JULY 6, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and other agencies and instead focuses on more generic software development weaknesses, similar to the OWASP list for web applications. Also read: Latest MITRE Endpoint Security Results Show Some Familiar Names on Top. See the Top Vulnerability Management Tools for 2022.

Archiving

Archiving Risk Education Authentication

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

Security Affairs

APRIL 20, 2023

The archive contains a native 64-bit Intel Linux binary written in Go and named HSBC job offer․pdf. The threat actors were observed using social engineering techniques to compromise its targets, with fake job offers as the lure. “Interestingly, the file extension is not .pdf.

Archiving

Archiving Education Phishing Cybersecurity

Inside the Cit0Day Breach Collection

Troy Hunt

NOVEMBER 19, 2020

The hard bit for me is figuring out whether it's pwn-worthy enough to justify loading it into Have I Been Pwned (HIBP) or if it's just more noise that ultimately doesn't really help people make informed decisions about their security posture. Here's the contents: Taking that first and largest file from the archive, there are over 1.5M

Passwords

Passwords Archiving Risk IT

Data Security Tips for 2018

Archive Document Data Storage

JANUARY 2, 2018

2018 is here, and it’s time to revisit your data security strategy. Setup a Virtual Private Network (VPN) for secure, remote access to network applications. That way, when disaster strikes your business location, you can still restore mission-critical files and applications with the data kept safe and secure offsite.

Security

Security Archiving Passwords Records Management

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Unwrapping the Archives

Trending Sources

Why CISA is Warning CISOs About a Breach at Sisense

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Decathlon Spain data leak exposed Spanish employees’ data & more

7 Best Email Security Software & Tools in 2023

TrueDialog database leaked online tens of millions of SMS text messages

Thousands Zoom credentials available on a Dark Web forum

Personal and social information of 1.2B people exposed on an open Elasticsearch install

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs newsletter Round 266

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

ShinyHunters leaked over 386 million user records from 18 companies

Experts found the first LockBit encryptor that targets macOS systems

Lockbit ransomware gang demanded an 80 million ransom to CDW

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

UK police arrested 7 alleged members of Lapsus$ extortion gang

Financially motivated Earth Lusca threat actors targets organizations worldwide

Preserving Our Libraries’ Digital Collections is Simple, Powerful, and Affordable

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

60 Million records of LinkedIn users exposed online

The Sainsbury Archive chooses Preservica to create new cloud-based digital archive

New QBot campaign delivered hijacking business correspondence

Educating today’s information professionals to meet tomorrow’s challenges

Does Your Content Drive Organizational Value?

San Jose State University Offers 100% Online Masters in Archives and Records Degree

‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Operators behind Dark Caracal are still alive and operational

Multi-platform Tycoon Ransomware employed in targeted attacks

China-linked APT Volt Typhoon targets critical infrastructure organizations

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Phishers migrate to Telegram

25 Most Dangerous Software Flaws Identified by MITRE

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

Inside the Cit0Day Breach Collection

Data Security Tips for 2018

Stay Connected