Cloud and Education - Information Management Today

Cloud computing provider Blackbaud paid a ransom after data breach

Security Affairs

JULY 21, 2020

Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Data breaches

Data breaches Cloud Ransomware Education

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

.” Hummel said NoName will typically launch their attacks using a mix of resources from rented from major, legitimate cloud services, and those from so-called “ bulletproof ” hosting providers like Stark. “And then they just keep coming back and opening new cloud accounts.”

Cloud

Cloud Education Government Communications

Experts disclosed two critical flaws in Alibaba cloud database services

Security Affairs

APRIL 20, 2023

Researchers disclosed two critical flaws in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. Researchers from cloud security firm Wiz discovered two critical flaws, collectively dubbed BrokenSesame, in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL.

Cloud

Cloud Access Cybersecurity Education

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.” ” continues the report.

Phishing

Phishing Authentication Access Government

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

e-Discovery

e-Discovery Communications Ransomware Government

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets.

Security

Security Data breaches Passwords Cybersecurity

Microsoft Teams launches as a single app for work, personal, and education

Collaboration 2.0

AUGUST 20, 2024

Microsoft's new unified Teams app enables you to switch between different cloud environments and accounts for personal and work access.

Education

Education Cloud Access

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access. Though not directly attacking Microsoft cloud services, they exploit unpatched apps to escalate privileges and gain access to customer networks.

Energy and Utilities

Energy and Utilities IT Cloud Passwords

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

In July 2020, Save the Children suffered a data breach that was caused by a ransomware attack on cloud computing provider Blackbaud. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

IT

IT Ransomware Education Data breaches

How the NHL CISO Secures Its Teams, Arenas and Cloud Systems

Data Breach Today

APRIL 1, 2025

He details the leagues use of cloud and AI tools, and highlights the importance of cloud governance, AI-powered defenses and user education in mitigating risk. NHL CISO David Munroe outlines how the league protects critical infrastructure across public arenas and streaming platforms.

Cloud

Cloud Education IT Security

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

The Last Watchdog

APRIL 16, 2025

With over 60% of corporate data being stored in the cloud, browsers have become the primary way for employees to create, access, and share data. Yet, existing endpoint and cloud DLP solutions have limited telemetry and control over how employees interact with data on the browser.

Cloud

Cloud Ransomware Cybersecurity Data breaches

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The vulnerability affects all MOVEit Transfer versions, it doesn’t affect the cloud version of the product.

Data breaches

Data breaches Education Ransomware Cybersecurity

TrueDialog database leaked online tens of millions of SMS text messages

Security Affairs

DECEMBER 1, 2019

Millions of SMS messages have been leaked by a database run by TrueDialog, a business SMS provider for businesses and higher education providers. TrueDialog focuses on providing several different SMS programs including mass text messaging, marketing SMS options, urgent alerts, an Education SMS solution, and more.

Education

Education Marketing Archiving Passwords

Helping higher education institutions graduate to data intelligence

Collibra

JUNE 27, 2023

Many operate highly complex data ecosystems with large volumes of data spread across on-prem, hybrid, and multi-cloud environments. 1) How can institutions of higher education use data to start making strategic decisions? 1) How can institutions of higher education use data to start making strategic decisions?

Education

Education Cloud Digital transformation Data science

Google Gmail client-side encryption is available globally

Security Affairs

FEBRUARY 28, 2023

Gmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that Gmail client-side encryption (CSE) is now available for all Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.

Encryption

Encryption Education Digital transformation Access

Google announced end-to-end encryption for Gmail web

Security Affairs

DECEMBER 18, 2022

Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client. The IT giant announced that the client-side encryption in Gmail on the web will be available in beta for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.

Encryption

Encryption Education Compliance Cloud

Top 5 Cloud security challenges, risks and threats

IT Governance

NOVEMBER 24, 2021

Cloud services are an integral part of modern business. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them.

Cloud

Cloud Risk Security Data breaches

Cloud Security Fundamentals: Understanding the Basics

eSecurity Planet

MAY 24, 2024

Cloud security fundamentals are the core requirements that ensure data protection, regulatory compliance, and access management in a cloud environment. Understanding cloud security challenges and knowing the cloud security tools available in the market significantly contribute to enhanced cloud security.

Cloud

Cloud Security Compliance Encryption

Western Digital took its services offline due to a security breach

Security Affairs

APRIL 3, 2023

“Western Digital is currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger.” ” reads the status page of the company on April 2, 2023. “We are working to restore service.

IT

IT Security Cloud Ransomware

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

The Last Watchdog

JULY 14, 2022

Enterprise cybersecurity traditionally prevents such attacks in two ways: staff education, giving employees the tools they need to recognize and report suspicious emails that land in their inboxes; along with cybersecurity solutions , which prevent malicious emails from reaching inboxes in the first place. Cloud native design.

Phishing

Phishing Cybersecurity Cloud Education

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Security Affairs

DECEMBER 12, 2021

Log4j is an open-source library widely used by both enterprise apps and cloud services, including Apple iCloud and Steam. The government closed 3,992 sites including the education and higher education ministries’ sites. formatMsgNoLookups option is set to false.

Libraries

Libraries Digital transformation Education Government

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

Even in the cloud era, Microsoft Exchange Server remains a staple business communications tool across the globe. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Related: The need for robust data recovery policies. Backup strategies.

Risk

Risk Cloud Communications Education

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” Ensure copies of critical data are in the cloud or on an external hard drive or storage device. “As of June 2020, the FBI has received notifications of Netwalker ransomware attacks on U.S.

Ransomware

Ransomware Encryption Passwords Government

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

The online services of multiple Swedish government agencies, universities, and commercial activities were disrupted by an Akira ransomware attack that hit the Finnish IT services and enterprise cloud hosting Tietoevry. The company said that the ransomware attack took place on Friday night and impacted only one data center in Sweden.

Ransomware

Ransomware Government Retail Cloud

How to Secure the 5 Cloud Environment Types

eSecurity Planet

NOVEMBER 7, 2023

Organizations have a variety of options for cloud deployments, each with its own set of capabilities and security challenges. Public Cloud Environments A public cloud architecture is a shared infrastructure hosted by a cloud service provider.

Cloud

Cloud Security Encryption Compliance

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

Lack of security awareness and education. Often, employees within organizations lack sufficient security awareness and education. Organizations need to invest in cybersecurity training programs to educate their employees about security best practices. Promote security awareness and education among employees.

Risk

Risk Security awareness Education Compliance

US cyber and law enforcement agencies warn of Phobos ransomware attacks

Security Affairs

MARCH 2, 2024

The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. for data exfiltration to FTP servers or cloud storage. Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019.

Ransomware

Ransomware Education Phishing Government

The 14 Cloud Security Principles explained

IT Governance

DECEMBER 9, 2021

Cloud security is an essential part of today’s cyber security landscape. With hybrid working now the norm, many organisations are relying on Cloud services to access data from home or the office. Indeed, Cloud computing can increase the risk of data breaches and regulatory non-compliance, as well as introducing other vulnerabilities.

Cloud

Cloud Security Authentication Risk

What Is Hybrid Cloud Security? How it Works & Best Practices

eSecurity Planet

OCTOBER 20, 2023

Hybrid cloud security is a framework for protecting data and applications in a computing environment that includes both private and public clouds. It combines on-premises and cloud-based resources to satisfy an organization’s diversified computing demands while ensuring strong security.

Cloud

Cloud Security IT Encryption

Cloud Security Strategy: Building a Robust Policy in 2024

eSecurity Planet

AUGUST 7, 2024

A cloud security strategy is an established set of tools, rules, and procedures for safeguarding cloud data, apps, and infrastructure against security threats. Mastering these areas ensures a comprehensive and adaptable approach to cloud security. The OSI Model The OSI Model’s layers help develop a safe cloud environment.

Cloud

Cloud Security Compliance Encryption

Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 13, 2023

Police dismantled bulletproof hosting service provider Lolek Hosted Python URL parsing function flaw can enable command execution UK govt contractor MPD FM leaks employee passport data Power Generator in South Africa hit with DroxiDat and Cobalt Strike The Evolution of API: From Commerce to Cloud Gafgyt botnet is targeting EoL Zyxel routers Charming (..)

Security

Security Data breaches Honeypots Artificial Intelligence

The Difference Between Human and Machine Identities

Security Affairs

MARCH 3, 2022

The shift from on-premises data centers to cloud-based applications and workloads has created an explosion in the number of machines being deployed on enterprise networks. For many enterprises the need is compounded by digital transformation initiatives such as cloud migration and expanding DevOps processes.

Digital transformation

Digital transformation IoT Passwords Cloud

Public Cloud Security Explained: Everything You Need to Know

eSecurity Planet

OCTOBER 16, 2023

Public cloud security refers to protections put in place to secure data and resources in cloud environments shared by multiple users or organizations. Major cloud service providers have generally had good security , so cloud users can be pretty confident in the security of their data and applications if they get their part right.

Cloud

Cloud Security Encryption Compliance

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

However, only 22 percent of customers using Microsoft Azure Active Directory (Azure AD), Microsoft’s Cloud Identity Solution, have implemented a strong identity authentication protection as of December 2021.

Phishing

Phishing Authentication Education Cloud

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Security Affairs

APRIL 23, 2023

Cloud security firm Aqua discovered a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ) to create backdoors and run miners. Experts warn of a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ).

Mining

Mining Honeypots Access Cloud

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

The infrastructure used in these attacks included servers in Germany, France, UK, and Italy using cloud providers Aruba, Choopa, CloudSigma, and DigitalOcean. Investments in journalist security and education must be accompanied by efforts to regulate the sale, transfer, and use of surveillance technology.”

Government

Government Security awareness Education Sales

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

Encryption

Encryption Passwords Access Financial Services

Fortinet fixed a critical vulnerability in its Data Analytics product

Security Affairs

APRIL 13, 2023

The company added that Cloud instances of FortiPresence are not impacted. .” reads the advisory published by the vendor. The vulnerability affects FortiPresence 1.2 all versions, FortiPresence 1.1 all versions, and FortiPresence 1.0 all versions.

Analytics

Analytics IT Authentication Education

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

” When it released patches for the four Exchange Server flaws on Tuesday, Microsoft emphasized that the vulnerability did not affect customers running its Exchange Online service (Microsoft’s cloud-hosted email for businesses). “They’ll say ‘Patch, but it’s better to go to the cloud.’

Cybersecurity

Cybersecurity Government Cleanup Cloud

Portnox Cloud: NAC Product Review

eSecurity Planet

APRIL 19, 2023

Portnox Cloud offers network access control (NAC) as a cloud-hosted SaaS solution that enables rapid deployment of basic NAC capabilities. Although the capabilities are more limited than some NAC competitors, the quick deployment and reduced IT labor costs make Portnox Cloud an attractive solution for many.

Cloud

Cloud Authentication IoT Access

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 2, 2024

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches

Data breaches Security Ransomware Phishing

ENISA – The need for Incident Response Capabilities in the health sector

Security Affairs

NOVEMBER 14, 2021

The level of exposure to cyber threats is increasing to the adoption of emerging technologies such as the Internet of Things (IoT), Artificial Intelligence (AI), big data, and cloud computing. “Although dedicated health sector CSIRTs are still the exception in the Member States, sector specific CSIRT cooperation is developing.”

Artificial Intelligence

Artificial Intelligence Big data Communications IoT

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

The report also states that cloud services are becoming a privileged target also for nation-state actor and urges organizations to improve enterprise defenses. “Cloud providers are useful targets for these kind of operations, either as hosts for malware or providing the infrastructure for command-and-control (C2).”

Cloud

Cloud Phishing Government Education

It’s a wrap! Highlights from OpenText World 2024

OpenText Information Management

NOVEMBER 22, 2024

And as the leading information management company, OpenText is building an exciting future for customers with our next-generation Business Clouds, Business AI, and autonomous cloud platform. “ OpenText makes multi-cloud work. It’s global, trusted, modern machine-based security,” Mark said.

Cloud

Cloud Financial Services Education Marketing

Cloud computing provider Blackbaud paid a ransom after data breach

Stark Industries Solutions: An Iron Hammer in the Cloud

Webinars

Trending Sources

Experts disclosed two critical flaws in Alibaba cloud database services

Webinars

Storm-2372 used the device code phishing technique since August 2024

China’s Volt Typhoon botnet has re-emerged

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Microsoft Teams launches as a single app for work, personal, and education

China-linked APT Silk Typhoon targets IT Supply Chain

Save the Children confirms it was hit by cyber attack

How the NHL CISO Secures Its Teams, Arenas and Cloud Systems

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

National Student Clearinghouse data breach impacted approximately 900 US schools

TrueDialog database leaked online tens of millions of SMS text messages

Helping higher education institutions graduate to data intelligence

Google Gmail client-side encryption is available globally

Google announced end-to-end encryption for Gmail web

Top 5 Cloud security challenges, risks and threats

Cloud Security Fundamentals: Understanding the Basics

Western Digital took its services offline due to a security breach

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

FBI issued a flash alert about Netwalker ransomware attacks

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

How to Secure the 5 Cloud Environment Types

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

US cyber and law enforcement agencies warn of Phobos ransomware attacks

The 14 Cloud Security Principles explained

What Is Hybrid Cloud Security? How it Works & Best Practices

Cloud Security Strategy: Building a Robust Policy in 2024

Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition

The Difference Between Human and Machine Identities

Public Cloud Security Explained: Everything You Need to Know

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Zero-day exploit used to hack iPhones of Al Jazeera employees

Why CISA is Warning CISOs About a Breach at Sisense

Fortinet fixed a critical vulnerability in its Data Analytics product

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Portnox Cloud: NAC Product Review

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

ENISA – The need for Incident Response Capabilities in the health sector

China-linked APT41 group spotted using open-source red teaming tool GC2

It’s a wrap! Highlights from OpenText World 2024

Stay Connected