Document and Education - Information Management Today

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Security Affairs

FEBRUARY 23, 2020

New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. Pierluigi Paganini.

Education

Education IT Privacy Access

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

Documents leaked from Russian IT contractor NTC Vulkan show it was likely involved in the development of offensive tools. The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm. The documents include details for three projects named Scan, Amesit, and Krystal-2B.

Energy and Utilities

Energy and Utilities Education Ransomware IT

Document Scanning for Higher Education

Record Nations

JUNE 7, 2024

Document scanning is an efficient, secure way to keep track of and store files over time. When you digitize documents it saves you physical space, provides an easy way to collaborate and share, and gives you the ability to search and edit documents.

Education

Education Security IT Records Management

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

APT36 Running Espionage Ops Against India's Education Sector

Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education

Education Military Phishing Government

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

“Subsequently, and using up to three different pseudonyms, he attacked international bodies and government-type organisations by accessing databases with personal information of employees and clients, as well as internal documents that were subsequently sold or freely published on forums.” ” concludes the statement.

Data breaches

Data breaches Information Security Government Access

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

The BianLian extortion group claims to have stolen 6,8 TB of documents, including International HR data, international personal data. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

IT

IT Ransomware Education Data breaches

Personal Data and docs of Swiss town Rolle available on the dark web

Security Affairs

AUGUST 26, 2021

Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The threat actors compromised some administrative servers and exfiltrated sensitive documents. The threat actors compromised some administrative servers and exfiltrated sensitive documents.

Personal data

Personal data Ransomware Data breaches Education

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Security Affairs

FEBRUARY 22, 2024

Will you make sure to help me out of my unfortunate situation, receive the money and send me some to purchase my travel documents and start a new life? Education improves awareness” is his slogan. Under the following conditions: “ Do you accept my proposal to offer a quarter of the money as compensation for your help?

Computer and Electronics

Computer and Electronics Paper Education Communications

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

This campaign was carried out by threat actors impersonating an educational accreditation council to hit users in the United States. The attackers used decoy documents apparently coming from the Council on Social Work Education (CSWE), a US association representing social work education. ” continues the analysis.

Archiving

Archiving File names Education Libraries

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

After further investigation, we have concluded that these documents belonged to people injured or deceased in traffic accidents. Document included in every court case, showing personal information about the victim. Document showing victims salary before the accident as well as expected future salary prior to the accident.

Data breaches

Data breaches Insurance Paper Access

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

As of April 28, the site mentioned nine companies primarily from aviation, financial, education and manufacturing industries. An example of spam email content Clicking the malicious link obviously leads to downloading a weaponized document. The exfiltrated data is published on a dedicated Cuba DLS (Data Leak Site).

Ransomware

Ransomware Education Manufacturing Healthcare

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

GossiTheDog @SOSIntel @UK_Daniel_Card @LisaForteUK pic.twitter.com/L7A3XNNxU7 — Dominic Alvieri (@AlvieriD) November 29, 2023 The group published images of stolen documents as proof of the hack. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware. “Unique files are presented to your attention!

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Education Libraries

Insurance scams via QR codes: how to recognise and defend yourself

Security Affairs

MARCH 12, 2024

After the first contact via instant messaging channels, further documents are then requested and a quote is provided. Education improves awareness” is his slogan. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Insurance

Insurance Education Sales Personal data

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The company refused to pay the ransom and the ransomware gang threatened to leak the alleged stolen documents, including project data, clients’ and partners’ info, and NDAs. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant.

Ransomware

Ransomware Data breaches Financial Services Archiving

Researcher published PoC exploit for Ghostscript zero-day

Security Affairs

SEPTEMBER 7, 2021

Ghostscript is a suite of software based on an interpreter for Adobe Systems’ PostScript and Portable Document Format (PDF) page description languages. ” wrote the expert that added that his PoC was created only for educational purposes and cannot be used for law violation or personal gain.

Libraries

Libraries Education Security IT

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

JUNE 29, 2020

Threat actors accessed part of academic work and encrypted it, but due to the importance of the documents, the university decided to pay a portion of the ransom, approximately $1.14 We are continuing our investigation, but we do not currently believe patient medical records were exposed,”. million, to decrypt it. the statement concludes.

Ransomware

Ransomware Encryption Education IT

Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack

Security Affairs

FEBRUARY 26, 2021

The attackers stole documents from the NWO and demanded a ransom to avoid leaking them online, but the research council refused to pay. That is why DoppelPaymer started on 24 February to leak internal NWO documents from the past years on the dark web.” ” reads an update published by the company.

Ransomware

Ransomware Education IT Government

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Google sued by New Mexico attorney general for collecting student data through its Education Platform. Data on Detection of Malicious Documents in Gmail are impressive. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs. ISS reveals malware attack impacted parts of the IT environment.

Security

Security Ransomware Military Data breaches

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Security Affairs

AUGUST 19, 2019

The researchers analyzed PDF documents and email files (. The document included confidential information such as names and contact details of the travellers , alongside the journey details (future dated) and reasons for travel. The files also included medical and legal documents. ” concludes the company.

Military

Military Insurance Education Phishing

Operators behind Dark Caracal are still alive and operational

Security Affairs

NOVEMBER 29, 2020

.” During the last campaign, the hackers targeted multiple sectors including Government, financial, energy, food industry, healthcare, education, IT, and legal institutions. The first stage leverages a lure Microsoft Word document (e.g. “Certified documents.docx”) delivered inside a ZIP file.

Energy and Utilities

Energy and Utilities Government Archiving Education

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Security Affairs

NOVEMBER 10, 2019

The document shows the results of polling decision-makers in the cybersecurity and risk management sectors to get their expert opinions on things like the changing threat landscape, corporate decision-making about cybersecurity and other pertinent topics. One tip that education brands should follow is to create a prioritized list of risks.

Cybersecurity

Cybersecurity Risk Artificial Intelligence Education

University admission platform Leverage EDU exposed student passports

Security Affairs

MAY 16, 2023

The popular university admission platform Leverage EDU leaked almost 240,000 sensitive files, including students’ passports, financial documents, certificates, and exam results. It claims to have a network of over 650 educational institutions worldwide and 80 million users over the last year. Graduation certificate.

Personal data

Personal data Education Risk Phishing

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

Its mission is to improve the lives of people worldwide through research, clinical care and education. The ransomware group initially claimed to have exfiltrated 533.1GB of data from the company and published thumbnails of some alleged stolen documents. Who is Hunters International?

Ransomware

Ransomware Insurance Education Marketing

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

The SEABORGIUM group primarily focuses operations on defense and intelligence consulting companies, non-governmental organizations (NGOs) and intergovernmental organizations (IGOs), think tanks, and higher education. After the credentials are captured, the victim is redirected to a website or document to avoid raising suspicion.

Phishing

Phishing Education Security IT

Access to over 3,000 compromised sites sold on Russian black marketplace MagBo

Security Affairs

SEPTEMBER 19, 2018

Most of the compromised websites are e-commerce sites, but crooks also offered access to websites of organizations in healthcare, legal, education and insurance industries and belonging to government agencies. According to the experts, most of the compromised servers are from U.S., Russian, or German hosting services. .”

Access

Access Mining Insurance Sales

How Do I Tame My Information Chaos? 3 Ways to Address it Head-On

AIIM

APRIL 9, 2020

It was something focused primarily on paper documents. It was something focused on archiving the document rather than on the extraction of data from the document. For many years, information “capture” - or the way we collect information into a useable/manageable format, was somewhat of an afterthought.

Digital transformation

Digital transformation Information capture IT Artificial Intelligence

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media. .

Healthcare

Healthcare Phishing Archiving Education

Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

Security Affairs

JUNE 9, 2022

SentinelOne documented a series of attacks aimed at government, education, and telecom entities in Southeast Asia and Australia carried out by a previously undocumented Chinese-speaking APT tracked as Aoqin Dragon. The APT primary focus on cyberespionage against targets in Australia, Cambodia, Hong Kong, Singapore, and Vietnam.

Encryption

Encryption Education Security Cybersecurity

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

The groups targeted organizations in the business services, financial, health, retail/consumer, aero-military, engineering and manufacturing, government, education, transportation, and utilities industries. In some attacks, the threat actors used weaponized Excel documents as a downloader.

Manufacturing

Manufacturing Phishing Military Retail

ToxicEye RAT exploits Telegram communications to steal data from victims

Security Affairs

APRIL 24, 2021

” Experts pointed out that the RAT can be also delivered by opening a malicious document (solution.doc) by pressing on “enable content.”. Any victim infected with this malicious payload can be attacked via the Telegram bot, which connects the user’s device back to the attacker’s C&C via Telegram.” ” concludes the report.

Communications

Communications File names Encryption Education

Malicious file analysis – Example 01

Security Affairs

AUGUST 9, 2022

Microsoft Office Documents. Microsoft Office Documents. PEframe is an open source tool to perform static analysis of malware executables and malicious MS Office documents. olevba is a script to parse OLE and OpenXML files such as MS Office documents (e.g. Some files are more used in attacks. Compressed files. Pdf-parser.

Libraries

Libraries Metadata Education Security

California-based workforce platform Prosperix leaks drivers licenses and medical records

Security Affairs

JUNE 1, 2023

42,000 of them contained the sensitive data of job seekers, namely: Full names Dates of birth Occupation history Home addresses Phone numbers Email addresses According to the researchers, most of these files were employment authorization documents, driving licenses, resumes, filled job application forms, diploma certificates and transcripts.

Encryption

Encryption Risk Education Phishing

Microsoft announced the general availability of Windows Autopatch feature

Security Affairs

JULY 12, 2022

The feature is available for Windows Enterprise E3 and E5 licenses, but Windows Education (A3) or Windows Front Line Worker (F3) licenses are not covered. ” Microsoft also published a FAQ page and documentation that provide additional information on how Windows Autopatch. Follow me on Twitter: @securityaffairs and Facebook.

Education

Education Security IT Information Security

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Security Affairs

SEPTEMBER 30, 2024

The clinic operates with a mission to deliver culturally sensitive healthcare, emphasizing education, prevention, and advocacy regardless of patients’ ability to pay. The clinic provides a range of services including primary care, dental care, and mental health support.

Data breaches

Data breaches Ransomware Personal data Cybersecurity

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

The crooks were able to falsify official documents of the victims and use them to trick telephone store employees into providing them a duplicate of SIM cards. The FBI recommends mobile carriers take the following precautions: Educate employees and conduct training sessions on SIM swapping.

Passwords

Passwords Authentication Access Retail

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches

Data breaches Security Ransomware Phishing

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. printing access badges.

Government

Government Passwords Access Cybersecurity

ENISA – The need for Incident Response Capabilities in the health sector

Security Affairs

NOVEMBER 14, 2021

The document aims at offering insights on current incident response (IR) trends and providing recommendations about the development of IR capabilities in the health sector. An attack against a hospital can lead to physical damages and put the lives of patients at risk. ” concludes the report. ” [link].

Artificial Intelligence

Artificial Intelligence Big data Communications IoT

Samsung employees unwittingly leaked company secret data by using ChatGPT

Security Affairs

APRIL 10, 2023

Samsung employees have shared internal documents, including meeting notes and source code, with the popular chatbot service ChatGPT. Samsung employees have unwittingly leaked top secret data by providing them to the popular chatbot service ChatGPT.

Personal data

Personal data Education Risk Privacy

Security Affairs newsletter Round 353

Security Affairs

FEBRUARY 13, 2022

Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)

Security

Security Ransomware Data breaches Education

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

In 2018, the cyberespionage group targeted once again Vietnam running a spear-phishing campaign that uses weaponized documents featuring Vietnamese-language lures and themes. Since 2017, the group was observed launching attacks using RTF lure documents with political content related to Vietnam.

Military

Military Government Phishing Libraries

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

Security Affairs

NOVEMBER 24, 2020

In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.” . “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts.

Data breaches

Data breaches Mining Education Access

NYC Special Needs Student's Records Found Exposed on Web

Data Breach Today

MARCH 21, 2023

Researcher Says Database Containing Nearly 50,000 Documents Appears Secure Now Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database.

Education

Education Security

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Webinars

Trending Sources

Document Scanning for Higher Education

Webinars

APT36 Running Espionage Ops Against India's Education Sector

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Save the Children confirms it was hit by cyber attack

Personal Data and docs of Swiss town Rolle available on the dark web

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Data Breach: Turkish legal advising company exposed over 15,000 clients

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

Insurance scams via QR codes: how to recognise and defend yourself

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Researcher published PoC exploit for Ghostscript zero-day

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack

Security Affairs newsletter Round 253

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Operators behind Dark Caracal are still alive and operational

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

University admission platform Leverage EDU exposed student passports

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Access to over 3,000 compromised sites sold on Russian black marketplace MagBo

How Do I Tame My Information Chaos? 3 Ways to Address it Head-On

Financially motivated Earth Lusca threat actors targets organizations worldwide

Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

ToxicEye RAT exploits Telegram communications to steal data from victims

Malicious file analysis – Example 01

California-based workforce platform Prosperix leaks drivers licenses and medical records

Microsoft announced the general availability of Windows Autopatch feature

Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

ENISA – The need for Incident Response Capabilities in the health sector

Samsung employees unwittingly leaked company secret data by using ChatGPT

Security Affairs newsletter Round 353

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

NYC Special Needs Student's Records Found Exposed on Web

Stay Connected