Archiving, Education and Security - Information Management Today

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The Powershell is used to retrieve a ZIP archive containing NetSupport RAT that. implacavelvideos[.]com).

Education

Education Government Business Services Archiving

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Italian Military Personnel and National Association of Professional Educators. Italian Military Personnel and National Association of Professional Educators. MassaCarrara Web Archives. Administrator Username & Password To Access Archive: [link]. State Archive of Palermo. Leaked Archive: [link].

Passwords

Passwords Archiving Mining Education

Decathlon Spain data leak exposed Spanish employees’ data & more

Security Affairs

FEBRUARY 25, 2020

The unsecure archive is greater than 9GB in size and was published on an ElasticSearch server. The experts discovered the database on February 12, 2020, and reported their discovery to Decathlon on February 16, the archive was security on February 17. ” reads the post published by vpnMentor. ” reported vpnMentor.

Archiving

Archiving Passwords Retail Education

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

TrueDialog database leaked online tens of millions of SMS text messages

Security Affairs

DECEMBER 1, 2019

Millions of SMS messages have been leaked by a database run by TrueDialog, a business SMS provider for businesses and higher education providers. Security experts at vpnMentor discovered a database belonging to the US communications company, TrueDialog that was leaking millions of SMS messages. ” concludes vpnMentor.

Education

Education Marketing Archiving Passwords

Thousands Zoom credentials available on a Dark Web forum

Security Affairs

APRIL 12, 2020

Security researchers discovered an archive available on a dark web forum that includes thousands of compromised Zoom credentials. The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies. Pierluigi Paganini.

Phishing

Phishing Archiving Passwords Data breaches

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

The recently patched vulnerability affecting the popular archiver utility WinRAR has been exploited to deliver new malware to targeted users. The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially-crafted file archive.

Archiving

Archiving File names Education Libraries

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

Security Affairs

MARCH 12, 2019

The database also contained GPS coordinates, URLs to photos, ID numbers, marital status, political and education related details, and a ‘HasVideo’ field. The exposed database was discovered by the popular security researcher Victor Gevers, he found 29808 open in China. Million Women appeared first on Security Affairs.

Archiving

Archiving Education Security Data breaches

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

You will find docs with personal information of their employees in the archives and much other interested stuff like NDAs, projects, information about clients and partners etc. Nissan already notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.

Ransomware

Ransomware Data breaches Financial Services Archiving

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

Security Affairs

MARCH 17, 2019

Security expert discovered an unprotected Elasticsearch database exposed online that was containing approximately 33 million job profiles in China. . The analysis of the archive allowed the expert to discover references to multiple Chinese job recruitment sites such as 51Jobs, lagou , and Zhilian. Pierluigi Paganini.

Archiving

Archiving Education Security Data breaches

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

A couple of days ago, the popular digital banking app Dave.com disclosed a security breach after ShinyHunters leaked 7,516,625 user records on a crime forum. The post ShinyHunters leaked over 386 million user records from 18 companies appeared first on Security Affairs. Appen.com 5.8 Million N/A No Chatbooks.com 15.8

Passwords

Passwords Archiving Education Authentication

Security Affairs newsletter Round 266

Security Affairs

MAY 31, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 266 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! NetWalker ransomware gang threatens to release Michigan State University files.

Security

Security Data breaches Ransomware Sales

Experts found the first LockBit encryptor that targets macOS systems

Security Affairs

APRIL 16, 2023

MalwareHunterTeam researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal. "locker_Apple_M1_64": BleepingComputer confirmed that the zip archive contained “previously unknown encryptors for macOS, ARM, FreeBSD, MIPS, and SPARC” architectures.

Archiving

Archiving Encryption Ransomware Education

Lockbit ransomware gang demanded an 80 million ransom to CDW

Security Affairs

OCTOBER 14, 2023

CDW Corporation is a provider of technology solutions and services for business, government and education. The data leaked looks pretty bad from both a security and business pov. Data in the archives suggest it is associated with employee badges, audits, commission payout data, and other account-related information.

Ransomware

Ransomware Archiving Cybersecurity Education

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

The component exists as a tar.gz (tgz) archive with just one version 6.6.6 The component exists as a tar.gz (tgz) archive with just one version 6.6.6 Sonatype security researcher Sebastián Castro who analyzed xpc.js Once again, the Discord webhook is up and running at the time of writing: [link] The archive “lib2.exe”

Archiving

Archiving IT Security Education

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Healthcare

Healthcare Phishing Archiving Education

UK police arrested 7 alleged members of Lapsus$ extortion gang

Security Affairs

MARCH 25, 2022

.” The youngster that goes online with the moniker “White” or “Breachbase” has autism, for this reason he attends a special educational school in Oxford. The teenager, who can’t be named for legal reasons, attends a special educational school in Oxford. Pierluigi Paganini.

Education

Education Archiving Ransomware Cybersecurity

60 Million records of LinkedIn users exposed online

Security Affairs

APRIL 21, 2019

Records include LinkedIn public profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, and the last time the profile was updated. The archives contain 229 GB of data, each one containing between 25 GB and 32 GB of information. . Pierluigi Paganini.

Data breaches

Data breaches Archiving Privacy Education

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

“If the user complies, an archive will be downloaded from a remote server (compromised site), protected with a password given in the original PDF file.” ” Upon opening the attachment, it will retrieve an archive from a compromised website. The archive contains an obfuscated Windows Script File (.WSF)

e-Delivery

e-Delivery Archiving Education Passwords

‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals

Security Affairs

NOVEMBER 1, 2018

Security experts from Cisco Talos have uncovered two recent sextortion scam campaigns that appear to leverage on the Necurs botnet infrastructure. “Unfortunately, it is clear from the large amount of bitcoin these actors secured that there is still a long way to go in terms of educating potential victims.”

Data breaches

Data breaches Education Archiving Phishing

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

doc,docx,rtf,txt,xls,xlsx,ppt,pptx,vsd,vsdx,pdf,png,jpeg,jpg,zip,rar,7z,mp4,sql ,php,vbk,vib,vrb,p7s and.sys,dll,exe,bin,dat) to archive them using the legitimate WinRAR program. The attackers were observed using WinRAR with the “-df” option to delete the source file after being added to the archives.

Archiving

Archiving Education Authentication Ransomware

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Security Affairs

MAY 2, 2023

“ROKRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate multi-stage infection chains. The archive contained two LNKs have a size of just under 5 MB. ” reads the report published by Check Point.

Archiving

Archiving Cloud Education Phishing

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

” During the last campaign, the hackers targeted multiple sectors including Government, financial, energy, food industry, healthcare, education, IT, and legal institutions. The post Operators behind Dark Caracal are still alive and operational appeared first on Security Affairs. ” Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Archiving Education

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Communications

Communications Manufacturing Access Archiving

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

The attackers exploited a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or implementing proper security measures. The Technology Security Database (ITSDB) is a web-based application used to track and manage physical assets and applications on its network.

IT

IT Data breaches Archiving Education

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. So mistake number one is leaving Amazon credentials in your Git archive.

Encryption

Encryption Passwords Access Financial Services

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

Harvested data are compressed in a ZIP archive and encoded using Base64 format for exfiltration. “Due to its robust security features, macOS is the preferred operating system for numerous high-profile individuals. The ZIP file is then sent to pre-configured Telegram channels. ” concludes the report.

Passwords

Passwords Archiving Education Phishing

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

Contents of a free phishing kit archive Paid phishing pages and data, as well as phishing-as-a-service (PhaaS) subscriptions. ” The cost of phishing pages goes from $10 per copy up to $50 for an archive containing several pages. The cyber security firm reported that it has prevented 7.1 User personal data for sale.

Phishing

Phishing Archiving Personal data Sales

Multi-platform Tycoon Ransomware employed in targeted attacks

Security Affairs

JUNE 5, 2020

The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and institutions in the education and software industries. The post Multi-platform Tycoon Ransomware employed in targeted attacks appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Encryption Archiving Education

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

Security Affairs

APRIL 20, 2023

The archive contains a native 64-bit Intel Linux binary written in Go and named HSBC job offer․pdf. The threat actors were observed using social engineering techniques to compromise its targets, with fake job offers as the lure. “Interestingly, the file extension is not .pdf.

Archiving

Archiving Education Phishing Cybersecurity

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

“The first stage mainly comes in the form of an archived executable, but we monitored many file types and delivery permutations that lead to the same shellcode.” The attack chain observed by the experts can vary significantly, but in most cases, threat actors used phishing messages with malicious attachments or malicious links.

Manufacturing

Manufacturing Archiving Education Phishing

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

That makes email security software a worthwhile investment for organizations of all sizes. We analyzed the market for email security tools and software to arrive at this list of 7 top email security solutions, including their standout features, limitations and ideal use cases, followed by issues prospective buyers should consider.

Security

Security Phishing Compliance Cybersecurity

A new digital archive for Canada’s continuing memory

Preservica

NOVEMBER 13, 2018

Library and Archives Canada (LAC) selects Preservica and TeraMach to centralize and preserve digital documentary history for all Canadians. It will see the government agency start processing more than 7 petabytes of digital records into the new digital archive. About Library and Archives Canada.

Archiving

Archiving Digital preservation Libraries Cloud

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

The Last Watchdog

MARCH 14, 2022

Financial services, health, home security, governance and all other mission critical services are now provided online. The right tools should provide users with the archive of all the accepted privacy policies. The right tool should: •Educate users about the importance of online privacy protection and data protection.

Privacy

Privacy Artificial Intelligence Financial Services Archiving

San Jose State University Offers 100% Online Masters in Archives and Records Degree

IG Guru

SEPTEMBER 21, 2023

The post San Jose State University Offers 100% Online Masters in Archives and Records Degree first appeared on IG GURU. Check out the site here.

Archiving

Archiving Records Management Education Information governance

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Data breached: 4 TB. Publicly disclosed data breaches and cyber attacks: full list This week, we’ve found 83,463,951 records known to be compromised, and 210 organisations suffering a newly disclosed incident.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

The security researcher Bob Diachenko of SecurityDiscovery first identified the exposed information in mid-September. Source (New) Education USA Yes 1,493 Kimber Mfg., Source (New) Manufacturing USA Yes 1,212 Butte School District Source (New) Education USA Yes 900+ Fenway Community Health Center, Inc.

Data Privacy

Data Privacy Privacy Manufacturing Security

Preservica customers use the past to inform the present, preserving democracy for future generations

Preservica

JANUARY 23, 2023

Preservica customer, the Boston City Archives , is using the cloud-based digital preservation software to help its citizens and researchers learn more about the city of Boston’s past and the lives of the people who lived there. Marta Crilly is the Archivist for Research and Outreach at Boston City Archives.

Archiving

Archiving Digital preservation Education Analytics

Preserving Our Libraries’ Digital Collections is Simple, Powerful, and Affordable

Preservica

MARCH 18, 2022

They continue to help meet communities’ needs in new, innovative ways, and are pillars of education to help inform, support, equalize, mobilize, and unite. Funding (Cuts in Budgets)- Preservica saves you money with low cost capacity upgrades so you can grow your archive in confidence.

Libraries

Libraries Digital preservation Archiving e-Discovery

Is It Time for Intelligent Automation? 5 Questions to Ask

AIIM

MAY 20, 2020

It is no longer enough to just store and archive content; it must be put to use in context as part of a broader drive to Intelligent Automation. It’s this intersection of information chaos and information value that’s moved Intelligent Automation to a top priority for organizations everywhere. But, is Intelligent Automation right for you?

IT

IT Unstructured data ECM Customer Experience

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

The Schedule

APRIL 20, 2018

Today’s post is mainly in response to “ Digital Media and the Case of the Missing Archives ,” written by Danielle Tcholakian who in turn seems to have been inspired by an article in the Columbia Journalism Review. So let us start a mutual conversation with me first asking journalists, what do you mean by “archives”?

Archiving

Archiving Records Management Libraries Computer and Electronics

The Sainsbury Archive chooses Preservica to create new cloud-based digital archive

Preservica

MARCH 14, 2018

Oxford, London UK and Boston MA, March 14 2018: The Sainsbury Archive, which charts the growth and history of one of the UK’s largest supermarkets, has chosen Preservica’s AWS cloud-hosted digital preservation platform to actively preserve invaluable digital assets relating to the company’s operations.

Archiving

Archiving Digital preservation Cloud Retail

Does Your Content Drive Organizational Value?

AIIM

JUNE 29, 2021

If you’ve been paying attention to the research we conduct and the educational information we share, you know that AIIM describes Intelligent Information Management (IIM) as all the things you want to do with, or get from, your organization’s information. Growing Privacy and Security Concerns. Growing Privacy and Security Concerns.

Artificial Intelligence

Artificial Intelligence Content services Cloud Paper

Educating today’s information professionals to meet tomorrow’s challenges

IG Guru

FEBRUARY 18, 2019

Master of Archives and Records Administration (MARA) Celebrates its 10th Anniversary By Dr. Patricia C. Franks The Master of Archives and Records Administration (MARA) degree was launched in August 2008 in what is now the School of Information at San José State University.

Education

Education Archiving IT Records Management

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Webinars

Trending Sources

Decathlon Spain data leak exposed Spanish employees’ data & more

Webinars

TrueDialog database leaked online tens of millions of SMS text messages

Thousands Zoom credentials available on a Dark Web forum

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Mysterious open database included ‘BreedReady’ status for 1.8 Million Women

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Unprotected Elasticsearch DB exposed 33 Million job profiles in China

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs newsletter Round 266

Experts found the first LockBit encryptor that targets macOS systems

Lockbit ransomware gang demanded an 80 million ransom to CDW

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Financially motivated Earth Lusca threat actors targets organizations worldwide

UK police arrested 7 alleged members of Lapsus$ extortion gang

60 Million records of LinkedIn users exposed online

New QBot campaign delivered hijacking business correspondence

‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Operators behind Dark Caracal are still alive and operational

China-linked APT Volt Typhoon targets critical infrastructure organizations

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Why CISA is Warning CISOs About a Breach at Sisense

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Phishers migrate to Telegram

Multi-platform Tycoon Ransomware employed in targeted attacks

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

TrickGate, a packer used by malware to evade detection since 2016

7 Best Email Security Software & Tools in 2023

A new digital archive for Canada’s continuing memory

GUEST ESSAY: Few consumers read privacy policies — tools can now do this for them

San Jose State University Offers 100% Online Masters in Archives and Records Degree

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

Preservica customers use the past to inform the present, preserving democracy for future generations

Preserving Our Libraries’ Digital Collections is Simple, Powerful, and Affordable

Is It Time for Intelligent Automation? 5 Questions to Ask

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

The Sainsbury Archive chooses Preservica to create new cloud-based digital archive

Does Your Content Drive Organizational Value?

Educating today’s information professionals to meet tomorrow’s challenges

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Stay Connected