Education, IT and Security - Information Management Today

UK Cyber Security Council to Tackle Education, Standards

Data Breach Today

JUNE 5, 2021

Cyber Security Council is a new self-regulatory body for the profession. Claudia Natanson Describes Vision of U.K.’s s New Self-Regulatory Body U.K. It is tasked by the U.K. Government to execute their vision for the U.K.

Education

Education Security Government IT

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Krebs on Security

OCTOBER 14, 2021

Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. Louis Post-Dispatch for reporting a security vulnerability that exposed teacher SSNs.

Security

Security Education Computer and Electronics Access

Huntress Buys Security Training Provider Curricula for $22M

Data Breach Today

JULY 21, 2022

Firm's Largest Acquisition to Extend User Education to Small to Midsized Clients Huntress has made the largest acquisition in its eight-year history, buying Curricula to boost user education.

Education

Education Security IT

KnowBe4 Recognized as Cyber Security Educator of the Year at IT Europa Awards 2024

KnowBe4

JUNE 28, 2024

It's a great honor for KnowBe4 to be named the Cyber Security Educator of the Year at the prestigious IT Europa Channel Awards 2024.

Education

Education IT Security Security awareness

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Krebs on Security

FEBRUARY 22, 2022

Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. Louis Post-Dispatch for reporting a security vulnerability that exposed teacher SSNs. In October 2021, St.

Education

Education Access Security Communications

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

Krebs on Security

JANUARY 31, 2020

11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. On Thursday Jan.

Security

Security Education Access IT

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Ransomware Access

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Internet/Securence says your email is secure. Hold Security founder Alex Holden said his researchers had unearthed a public link to a U.S.

Education

Education Data breaches Government Security

News alert: Security Journey accelerates secure coding training platform enhancements

The Last Watchdog

JULY 13, 2023

Pittsburgh, PA – July 13, 2023 – Security Journey, a best-in-class application security education company, has today announced an acceleration of its secure coding training platform enhancements. undergraduate computer science programs mandate courses in application security.

Security

Security Education Communications Libraries

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams. The list goes on.

Risk

Risk IT Financial Services Cybersecurity

GUEST ESSAY: ‘Cybersecurity specialist’ tops list of work-from-home IT jobs that need filling

The Last Watchdog

MARCH 29, 2021

Having said that, here are some examples of IT careers you can learn online through free courses: Security specialist. A wide range of companies, in just about every field, are adding computer security specialists. One of the hottest fields right now on the WFH radar is the information technology (IT) sector. IT specialist/manager.

Cybersecurity

Cybersecurity IT Education Sales

GUEST ESSAY: The post-pandemic challenges of securely managing employee endpoints

The Last Watchdog

JULY 1, 2022

This raises the concerns of corporate data security in remote working that still stand as a key challenge that organizations are trying to navigate, workforce productivity being the second. Managing endpoints securely . Related: Deploying human sensors. Fragmentation dilemma .

Security

Security MDM Education Phishing

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

22, 2024, CyberNewswire — INE Security offers essential advice to protect digital assets and enhance security. Warn “Small businesses face a unique set of cybersecurity challenges and threats and must be especially proactive with cybersecurity training,” said Dara Warn, CEO of INE Security. “At Cary, NC, Oct.

Security

Security Data breaches Passwords Cybersecurity

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. It’s important that as consumers are shopping for these smart home devices that they learn to recognize the Matter trademark so that they can make educated decisions.”

Security

Security Manufacturing Authentication Marketing

The Education Sector Experienced the Highest Number of Data Breaches in 2023

KnowBe4

MAY 7, 2024

New data from Verizon makes it clear that the Education sector is under attack, but also breaks down which threat actions and patterns are used most.

Education

Education Data breaches IT Security awareness

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. NetSupport RAT is a remote control and desktop management software developed by NetSupport Ltd. implacavelvideos[.]com).

Education

Education Government Business Services Archiving

GUEST ESSAY: Can Apple’s pricey ‘Business Essentials’ truly help SMBs secure their endpoints?

The Last Watchdog

FEBRUARY 8, 2022

While each of them has its distinguishing features, Apple’s privacy and security are what makes it the typical enterprise’s pick. All this happens while promising cloud backup, prioritized support, and secure data storage. Zuckerberg on privacy. ABE is beneficial for businesses that have an entire Apple ecosystem. A pricey play.

MDM

MDM Security Marketing Privacy

GUEST ESSAY: The many benefits of infusing application security during software ‘runtime’

The Last Watchdog

JUNE 27, 2022

Log4j, a widely publicized zero day vulnerability, was first identified in late 2021, yet security teams are still racing to patch and protect their enterprise apps and services. To improve web application security, there are basic steps an organization should take: •Security test earlier in the development cycle.

Security

Security Education Marketing Risk

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

The company disclosed the security incident after the ransomware gang BianLian listed the organization on its Tor leak site. The organization notified law enforcement agencies and is working with external cyber security experts to investigate the security breach.

IT

IT Ransomware Education Data breaches

XDR for ChromeOS: What Does It Mean for the Cyber Industry?

Data Breach Today

MAY 3, 2023

CrowdStrike's Michael Sentonas on Aiding Education Clients With XDR for Chromebooks CrowdStrike has focused on bringing its extended detection and response technology to users with less expensive devices such as Chromebooks by adding support for Google's ChromeOS.

IT

IT Education Compliance Security

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

Lack of security awareness and education. Often, employees within organizations lack sufficient security awareness and education. Organizations need to invest in cybersecurity training programs to educate their employees about security best practices. Inadequate security testing.

Risk

Risk Security awareness Education Compliance

X will collect biometric data from its premium users

Security Affairs

SEPTEMBER 4, 2023

The social media site X announced that it will collect premium users’ biometric data for security and identification purposes. Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes.” ” reads the updated privacy policy. “ Biometric Information.

IT

IT Privacy Education Government

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates.

IT

IT Education Cybersecurity Risk

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Speaking on condition of anonymity, two cybersecurity experts who’ve briefed U.S.

Cybersecurity

Cybersecurity Cleanup Government Cloud

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

The Last Watchdog

AUGUST 22, 2024

22, 2024, CyberNewsWire — INE Security , a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals. Cary, NC, Aug.

Cybersecurity

Cybersecurity Education Security Artificial Intelligence

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

The Last Watchdog

AUGUST 20, 2024

INE Security , a global leader in cybersecurity training and certifications, is exploring how overlooking this critical aspect of organizational strategy can lead to a financial crisis and laying out five key reasons why cybersecurity training is important. . Cary, NC, Aug.

Cybersecurity

Cybersecurity Security Education Compliance

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Krebs on Security

MARCH 2, 2021

today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. Microsoft Corp. Microsoft credited researchers at Reston, Va.

Education

Education Access Authentication Communications

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

Essential security tool. Post Covid 19, these patterns are likely to become even more engrained as digitally remote work, education, healthcare and entertainment activities predominate. VPNs factor into this shift, as the burden on individual consumers to preserve privacy and secure their sensitive data is greater than ever.

Security

Security Data breaches B2C Privacy

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

The Last Watchdog

JULY 11, 2023

Related: Preserving the privacy of the elderly As more traders and investors engage in these investment avenues, it is crucial to adopt robust security measures to safeguard sensitive and regulated information. Continuous threat detection is a proactive approach to maintaining trading environment security.

Encryption

Encryption IT Risk Financial Services

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

In response to continuing waves of data breaches and network disruptions, companies have made a concerted effort and poured substantial resources into promoting data security awareness among employees, suppliers and clients. Cybersecurity education for kids is therefore a smart investment. We’re all connected. Offer employee perks?

Education

Education Cybersecurity Security awareness Data breaches

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

This is interesting because security experts have posited that many of DarkSide’s core members are closely tied to the REvil gang. The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills.

Ransomware

Ransomware Education Communications Access

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

MAY 29, 2019

based firm that helps companies educate and test employees on how not to fall for phishing scams. “There are a lot of things that organizations can do that aren’t as draconian and still have the desired effect of making security posture stronger,” he said. Otherwise, it just creates resentment among employees.”

Phishing

Phishing Education Security IT

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

FEBRUARY 20, 2024

Related: The security case for AR, VR AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms. Inadequate authorization controls may result in unapproved interactions and data exposure, posing significant security threats.

Cybersecurity

Cybersecurity Authentication Communications Privacy

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

A report from the security firm Team Cymru found the DDoS attack infrastructure used in NoName campaigns is assigned to two interlinked hosting providers: MIRhosting and Stark Industries. ” This graphic comes from a recent report from Arbor NETSCOUT about DDoS attacks from Russian hacktivist groups. Image: SentinelOne.com.

Cloud

Cloud Education Government Communications

GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed

The Last Watchdog

APRIL 26, 2022

Related: Cultivating ‘human sensors’ They may not entirely realize that when compounded, these two concerns could pose a critical security threat for their organization. Losing the security talent that they do have to what has been called the Great Resignation. He is the author of The Shellcoder’s Handbook.

Cybersecurity

Cybersecurity Education Communications Security

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.

IT

IT Education File names Passwords

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. “We will provide updates as more information becomes available.”

Encryption

Encryption Passwords Access Financial Services

Pearson Slammed for Breach - Wasn't Just 'Data Exposure'

Data Breach Today

AUGUST 17, 2021

Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords. According to a U.S.

Education

Education Passwords Security IT

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

“InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks,” the FBI’s InfraGard fact sheet reads. That InfraGard member, who is head of security at a major U.S. Department of Defense.

Energy and Utilities

Energy and Utilities Sales Communications Data breaches

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 17 was not related to a security incident, but rather a technical issue that materialized during planned network maintenance. 2019 that wasn’t discovered until April 2020.

Phishing

Phishing Access Passwords Authentication

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Security

Security Risk Education Marketing

Highline Public Schools school district suspended its activities following a cyberattack

Security Affairs

SEPTEMBER 11, 2024

The HPS took critical systems offline in response to the security incident. “We have detected unauthorized activity on our technology systems and have taken immediate action to isolate critical systems. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Education)

IT

IT Ransomware Education Security

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

Fortunately, effective tools and wise best practices can help mitigate this this exposure enabling companies to indefinitely leverage Exchange Server as a productive, resilient and secure communications tool. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm.

Risk

Risk Cloud Communications Education

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert Insight into Email Threats,” delves into the cutting-edge tactics and technologies embraced by cybercriminals this year. million as malicious.

Security

Security Phishing Communications Financial Services

UK Cyber Security Council to Tackle Education, Standards

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Trending Sources

Huntress Buys Security Training Provider Curricula for $22M

KnowBe4 Recognized as Cyber Security Educator of the Year at IT Europa Awards 2024

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

Alabama State Department of Education suffered a data breach following a blocked attack

U.S. Internet Leaked Years of Internal, Customer Emails

News alert: Security Journey accelerates secure coding training platform enhancements

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

GUEST ESSAY: ‘Cybersecurity specialist’ tops list of work-from-home IT jobs that need filling

GUEST ESSAY: The post-pandemic challenges of securely managing employee endpoints

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Education Sector Experienced the Highest Number of Data Breaches in 2023

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

GUEST ESSAY: Can Apple’s pricey ‘Business Essentials’ truly help SMBs secure their endpoints?

GUEST ESSAY: The many benefits of infusing application security during software ‘runtime’

Save the Children confirms it was hit by cyber attack

XDR for ChromeOS: What Does It Mean for the Cyber Industry?

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

X will collect biometric data from its premium users

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Should Failing Phish Tests Be a Fireable Offense?

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

Stark Industries Solutions: An Iron Hammer in the Cloud

GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed

Iran-linked group APT33 adds new Tickler malware to its arsenal

Why CISA is Warning CISOs About a Breach at Sisense

Pearson Slammed for Breach - Wasn't Just 'Data Exposure'

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

News Alert: CybSafe CEO Oz Alashe MBE recognized as “Security Industry Innovator” for 2023

Highline Public Schools school district suspended its activities following a cyberattack

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

Unmasking 2024’s Email Security Landscape

Stay Connected