Education and Information Security - Information Management Today

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Passwords Insurance

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Ransomware Access

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. NetSupport RAT is a remote control and desktop management software developed by NetSupport Ltd.

Education

Education Government Business Services Archiving

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Access

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Communications

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

“According to the indictment, Ptitsyn facilitated the worldwide use of a dangerous ransomware strain to target corporations and various organizations, including government agencies, healthcare facilities, educational institutions, and critical infrastructure.

Ransomware

Ransomware Education Sales Government

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

” The International Civil Aviation Organization (ICAO) is investigating a significant data breach that has raised concerns about the security of its systems and employees data. ” reads the press release published by the Spanish Police. .”

Data breaches

Data breaches Information Security Government Access

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In addition, cryptocurrency exchange platforms are implementing more stringent security measures, such as two-factor authentication and advanced encryption, to protect users’ funds. Educate and protect users and investors To effectively counter cybercrime, it is essential to understand the nature and techniques used by criminals.

Education

Education Mining Encryption Cybersecurity

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

“While we found it to be popular with State, Local, and Education (SLED) and healthcare focused customers, luckily the internet exposure is fairly limited to around 15 instances.” Threat actors frequently target Fortinet devices, making it crucial for customers to update their installations promptly. ” concludes the report.

Authentication

Authentication Education Access IT

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Access Government

Credential Flusher, understanding the threat and how to protect your login data

Security Affairs

SEPTEMBER 18, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Passwords

Passwords Authentication Education Phishing

Cybersecurity, why a hotline number could be important?

Security Affairs

OCTOBER 6, 2023

No less important, an emergency cybersecurity number would encourage the spread of digital education. About the author: Salvatore Lombardo Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Cybersecurity

Cybersecurity Computer and Electronics Education Information Security

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

The malware was recently employed in attacks against large US schools and education organizations. . “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. .” The Trojan leverages the gobfuscate GoLang tool for obfuscation. Pierluigi Paganini.

Ransomware

Ransomware Education Cybersecurity Government

App used by hundreds of schools leaking children’s data

Security Affairs

NOVEMBER 24, 2023

The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents,” said Vincentas Baubonis, Information Security Researcher at Cybernews.

Risk

Risk Education Personal data Phishing

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Organizations and individuals should be aware of adaptive phishing techniques and implement cybersecurity training to educate users on how to recognize and avoid online scams. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Education improves awareness” is his slogan.

Phishing

Phishing Education Cybersecurity Data breaches

Insurance scams via QR codes: how to recognise and defend yourself

Security Affairs

MARCH 12, 2024

Credit: Truffe assicurative tramite QR code: come riconoscerle e difendersi About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Insurance

Insurance Education Personal data Sales

Online job offers, the reshipping and money mule scams

Security Affairs

JUNE 17, 2024

About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. Education improves awareness” is his slogan.

Marketing

Marketing Education Information Security IT

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI also added that there is an unreported number of Exchange servers of comparable size that are potentially vulnerable.

Information Security

Information Security Cybersecurity Education Authentication

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces.

Sales

Sales Education Phishing Passwords

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.

IT

IT Education File names Passwords

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

Blackbaud is a cloud computing provider that serves the social good community — nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents.

IT

IT Ransomware Education Data breaches

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools.

Data breaches

Data breaches Education Ransomware Cybersecurity

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

e-Discovery

e-Discovery Communications Ransomware Government

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Security Affairs

SEPTEMBER 6, 2023

A Reddit user with the handle ‘Educational-Map-8145’ published a proof of concept exploit for a zero-day flaw in the Linux client of Atlas VPN. “The client does not connect via a local socket or any other secure means but instead it opens an API on localhost on port 8076. It does not have ANY authentication.

Education

Education Authentication Cybersecurity IT

Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

Security Affairs

JULY 25, 2024

The flaw was reported by: Peter Girnus (gothburz) of Trend Micro’s Zero Day Initiative with Trend Micro dwbzn with Aura Information Security Dima Lenz and Vlad Stolyarov of Google’s Threat Analysis Group Microsoft addressed the flaw with the release of Patch Tuesday Security updates for February 2024.

Education

Education Security Information Security Cybersecurity

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Security Affairs

NOVEMBER 7, 2023

Iran-linked Agonizing Serpens group (aka Agrius , BlackShadow , Pink Sandstorm , DEV-0022 ) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. Based on our telemetry, the most targeted organizations belong to the education and technology sectors.”

Education

Education Ransomware Security Access

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Libraries

Hackers are taking advantage of the interest in generative AI to install Malware

Security Affairs

MAY 3, 2023

” said Meta Chief Information Security Officer Guy Rosen. The rapid evolution of generative AI space is attracting threat actors, for this reason, Meta recommends being vigilant on the evolution of the threat landscape. “ChatGPT is the new crypto.”

Education

Education Information Security Cybersecurity Security

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

About the author: Salvatore Lombardo Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing

Phishing Education Passwords Security

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement). was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

The Ministry of Education (MOE) in Singapore confirmed that the incident heavily impacted students in the country. Some students who use iPads or Chromebooks as personal learning devices claimed they were unable to access their applications and information stored on their devices.

MDM

MDM Education Access Security

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. This tool modifies a JavaScript constraints file and executes it with SYSTEM-level permissions.

IT

IT Education Cybersecurity Risk

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Security Affairs

FEBRUARY 22, 2024

Credit “Beyond the border scam”, attenzione all’istanza della nuova truffa alla nigeriana About the author: Salvatore Lombardo ( Twitter @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security.

Computer and Electronics

Computer and Electronics Paper Education Communications

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The ransomware was originally written in Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. “An emerging ransomware family, Agenda has recently been targeting critical sectors such as healthcare and education industries. AGENDA.THIAFBB.”

Ransomware

Ransomware Encryption Passwords Education

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Silk Typhoon targets multiple sectors worldwide, including information technology (IT) services and infrastructure, remote monitoring and management (RMM) companies, managed service providers (MSPs) and affiliates, healthcare, legal services, higher education, defense, government, non-governmental organizations (NGOs), and energy.

Energy and Utilities

Energy and Utilities IT Cloud Passwords

X will collect biometric data from its premium users

Security Affairs

SEPTEMBER 4, 2023

X also announced that it may collect and use your Job Applications / Recommendations (such as your employment history, educational history, employment preferences, skills and abilities, job search activity and engagement, and so on).

IT

IT Privacy Education Government

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The Rhysida ransomware group has been active since May 2023. According to the gang’s Tor leak site, at least 62 companies are victims of the operation.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The Rhysida ransomware group has been active since May 2023. According to the gang’s Tor leak site, at least 62 companies are victims of the operation.

Ransomware

Ransomware Manufacturing Education Libraries

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Passwords

UK Research and Innovation (UKRI) discloses ransomware attack

Security Affairs

JANUARY 30, 2021

Our organisation brings together the seven disciplinary research councils, Research England, which is responsible for supporting research and knowledge exchange at higher education institutions in England, and the UK’s innovation agency, Innovate UK. “The UKRO portal provides an information service to subscribers.

Ransomware

Ransomware Education Personal data Encryption

Most Common Causes of Data Breach and How to Prevent It

Security Affairs

MAY 3, 2021

Hacking attempts can be prevented by beefing up network security and using the latest network security tools for identifying and stopping brute force attacks. The defense against data breaches includes several things: Companies need to apply the necessary security measures. Consumers should be wary of their data as well.

Data breaches

Data breaches IT Phishing Passwords

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S.

Retail

Retail Education Communications Government

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

Encryption

Encryption Passwords Access Financial Services

The Los Angeles Unified School District hit by a ransomware attack

Security Affairs

SEPTEMBER 7, 2022

Department of Education, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. .” The LA Unified School District is investigating the incident and announced to have implemented the incident response procedure. The investigation involved the the U.S.

Ransomware

Ransomware Education Cybersecurity Security

Pennsylvania State Education Association data breach impacts 500,000 individuals

Alabama State Department of Education suffered a data breach following a blocked attack

Webinars

Trending Sources

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Webinars

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Russian Phobos ransomware operator faces cybercrime charges

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Cryptocurrencies and cybercrime: A critical intermingling

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Storm-2372 used the device code phishing technique since August 2024

Credential Flusher, understanding the threat and how to protect your login data

Cybersecurity, why a hotline number could be important?

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

App used by hundreds of schools leaking children’s data

“My Slice”, an Italian adaptive phishing campaign

Insurance scams via QR codes: how to recognise and defend yourself

Online job offers, the reshipping and money mule scams

German BSI warns of 17,000 unpatched Microsoft Exchange servers

FBI: Compromised US academic credentials available on various cybercrime forums

Iran-linked group APT33 adds new Tickler malware to its arsenal

Save the Children confirms it was hit by cyber attack

National Student Clearinghouse data breach impacted approximately 900 US schools

China’s Volt Typhoon botnet has re-emerged

A zero-day in Atlas VPN Linux Client leaks users’ IP address

Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Rhysida ransomware gang claimed China Energy hack

Hackers are taking advantage of the interest in generative AI to install Malware

Phishing, the campaigns that are targeting Italy

Cybersecurity agencies published a joint LockBit ransomware advisory

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

“Beyond the border scam”, pay attention to the instance of the new Nigerian fraud

Experts spotted a variant of the Agenda Ransomware written in Rust

China-linked APT Silk Typhoon targets IT Supply Chain

X will collect biometric data from its premium users

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

FBI and CISA warn of attacks by Rhysida ransomware gang

UK Research and Innovation (UKRI) discloses ransomware attack

Most Common Causes of Data Breach and How to Prevent It

New Agent Raccoon malware targets the Middle East, Africa and the US

Why CISA is Warning CISOs About a Breach at Sisense

The Los Angeles Unified School District hit by a ransomware attack

Stay Connected