Education, Security and Trends - Information Management Today

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Security Affairs

FEBRUARY 24, 2020

According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. million malware samples per day in 2019 and identified 1,268 malware families. Pierluigi Paganini.

Data breaches

Data breaches GDPR Education Cybersecurity

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense.

Security

Security Phishing Communications Financial Services

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

The best news of the week with Security Affairs. Google sued by New Mexico attorney general for collecting student data through its Education Platform. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. European Commission has chosen the Signal app to secure its communications. . Pierluigi Paganini.

Security

Security Ransomware Military Data breaches

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Security Affairs

JUNE 24, 2020

Operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online, Trend Micro warns. Trend Micro researchers reported that operators behind XORDDoS and Kaiji DDoS botnets recently started targeting Docker servers exposed online. ” reads the analysis published by Trend Micro. .

IoT

IoT Education Security Communications

Trend Micro takes multi-pronged approach to narrowing the gaping cybersecurity skills gap

The Last Watchdog

AUGUST 23, 2018

Businesses then are faced with the added pressure of having to add more and layered security measures across everything from end points to networks and even the cloud. Implementing a DevOps culture is worsening that skills gap by adding fresh security demands, further tapping the already-shallow talent pool. New job description.

Cybersecurity

Cybersecurity Cloud Education Security

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language. The ransomware was originally written in Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. AGENDA.THIAFBB.” Pierluigi Paganini.

Ransomware

Ransomware Encryption Passwords Education

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . Trend Micro researchers speculate the group operates under the China-linked Winnti umbrella. ”reads the analysis published by Trend Micro. Pierluigi Paganini.

Healthcare

Healthcare Phishing Archiving Education

NEW TECH: Trend Micro flattens cyber risks — from software development to deployment

The Last Watchdog

AUGUST 25, 2020

As jarring as this abrupt shift to remote work has been for countless companies, government agencies and educational institutions, it has conversely been a huge boon for cyber criminals. I had the chance to meet — remotely, of course — with Kevin Simzer, Trend Micro’s Chief Operating Officer, to discuss this.

Risk

Risk Cloud Analytics Security

What the Email Security Landscape Looks Like in 2023

Security Affairs

MAY 12, 2023

Email-based threats have become increasingly sophisticated, how is changing the Email Security Landscape? Recently, VIPRE Security Group published their Email Security in 2023 report , where they shared insights on the development of email-based threats and how they can impact organizations. It’s a trend that’s growing.

Security

Security Phishing B2B Data breaches

What Are the Cyber Security Trends Around the World?

Thales Cloud Protection & Licensing

DECEMBER 16, 2021

What Are the Cyber Security Trends Around the World? At Thales we wanted to investigate what the cybersecurity trends are around the world. Let’s have a look at the trends shaping the cybersecurity industry. Criminals are mostly aiming to exploit human vulnerability and a lack of cybersecurity education.

Security

Security Ransomware Phishing Cybersecurity

Microsoft Announces Security Update with Windows Resiliency Initiative

eSecurity Planet

DECEMBER 4, 2024

Microsoft recently announced that they’re making changes to their Windows operating system to improve security and reliability. During the Ignite 2024 conference, Microsoft announced the Windows Resiliency Initiative to address these security concerns.

Security

Security Phishing Encryption Passwords

China-linked APT Earth Baku targets Europe, the Middle East, and Africa

Security Affairs

AUGUST 14, 2024

Trend Micro researchers observed the APT targeting countries like Italy, Germany, UAE, and Qatar, and the group is suspected to have targeted also entities in Georgia and Romania. The group targeted multiple industries, including media and communications, telecoms, technology, healthcare, and education and government entities. .

Encryption

Encryption Education Communications Access

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

Kaspersky reported attacks against entities in multiple industries, including education, chemical manufacturing, governmental research centers and policy institutes, IT service providers, utility providers and telecommunications. “The DTrack backdoor continues to be used actively by the Lazarus group. . Pierluigi Paganini.

Manufacturing

Manufacturing Education Encryption IT

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Security Affairs

MARCH 19, 2020

Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. For example, in February 2019 Trend Micro detected a variant that includes a new module used for Remote App Credential-Grabbing. Pierluigi Paganini.

Financial Services

Financial Services Education Communications IT

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

“MFA and passwordless solutions can go a long way in preventing a variety of threats and we’re committed to educating customers on solutions such as these to better protect themselves. Cyber Signals provide trend analysis and practical guidance to strengthen the defense of its customers. ” states Microsoft.

Phishing

Phishing Authentication Education Cloud

New Agenda Ransomware appears in the threat landscape

Security Affairs

AUGUST 27, 2022

Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in Asia and Africa. Trend Micro researchers recently discovered a new piece of targeted ransomware, tracked as Agenda, that was written in the Go programming language. ” reads the report published by Trend Micro.

Ransomware

Ransomware Encryption Passwords Education

Vice Society ransomware gang is using a custom locker

Security Affairs

DECEMBER 22, 2022

This group focuses on public school districts and other educational institutions, like other ransomware gangs it implements a double extortion model and publishes data stolen from the victims on a data leak site. The encryption scheme used by PolyVice combines asymmetric and symmetric encryption to securely encrypt files.

Ransomware

Ransomware Encryption File names Education

The state of secure information management: Strategies for securing access and protecting sensitive data

OpenText Information Management

NOVEMBER 27, 2024

But before then, we’ll be sharing proprietary research from the upcoming State of Secure Information Management where we explore strategies to enable secure access and protect sensitive data. This presents an opportunity for education and training programs in the industry. We look forward to sharing the rest.

Access

Access Security Data Privacy Compliance

Shade Ransomware gang shut down operations and releases 750K decryption keys

Security Affairs

APRIL 27, 2020

The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. Moth of the victims belongs to high-tech, wholesale and education sectors. Pierluigi Paganini.

Ransomware

Ransomware File names Education Encryption

Trends and Predictions for 2022 – More of the Same?

Thales Cloud Protection & Licensing

JANUARY 5, 2022

Trends and Predictions for 2022 – More of the Same? During the latest Thales Security Sessions podcast , hosted by Neira Jones, I had the pleasure to discuss what we can expect in 2022 with Andy Green, CISO at Gemserv, and how the many changes have impacted the security landscape. What are the key security challenges for 2022?

Phishing

Phishing Digital transformation Communications Cybersecurity

ENISA – The need for Incident Response Capabilities in the health sector

Security Affairs

NOVEMBER 14, 2021

The document aims at offering insights on current incident response (IR) trends and providing recommendations about the development of IR capabilities in the health sector. The post ENISA – The need for Incident Response Capabilities in the health sector appeared first on Security Affairs. ” reads the report.

Artificial Intelligence

Artificial Intelligence Big data Communications IoT

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

The company received two vulnerability reports from the cybersecurity firm Trend Micro ) for high/critical severity security issues in PaperCut MF/NG. Trend Micro announced they will disclose further information (TBD) about the vulnerability on 10th May 2023. ” reads the advisory published by PaperCut. Last week, the U.S.

Cybersecurity

Cybersecurity Ransomware Education Access

TA505 group updates tactics and expands the list of targets

Security Affairs

AUGUST 28, 2019

Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. In the middle of July, Trend Micro observed for the first time attacks leveraging. ” Trend Micro concludes. ISO file attachments targeting Turkish and Serbian banks.

e-Delivery

e-Delivery Insurance Retail Government

GUEST ESSAY: Can Apple’s pricey ‘Business Essentials’ truly help SMBs secure their endpoints?

The Last Watchdog

FEBRUARY 8, 2022

While each of them has its distinguishing features, Apple’s privacy and security are what makes it the typical enterprise’s pick. All this happens while promising cloud backup, prioritized support, and secure data storage. Related: Co ok vs. Zuckerberg on privacy. Yet, it’s pricing strategy puts businesses in a dilemma.

MDM

MDM Security Marketing Privacy

Helping higher education institutions graduate to data intelligence

Collibra

JUNE 27, 2023

1) How can institutions of higher education use data to start making strategic decisions? Get all the details in Collibra Data Intelligence Cloud for Higher Education , our helpful solution brief. Graduate to data intelligence It’s no secret that data is key to the educational mission. In 2020, the U.S.

Education

Education Cloud Digital transformation Data science

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

Google TAG experts pointed out that the Chinese group previously used GC2 in July 2022 in an attack aimed at an Italian job search website These incidents highlighted a few key threat trends by China-affiliated threat actors. HOODOO’s use of GC2 is an example of this trend.

Cloud

Cloud Phishing Government Education

Data breaches grow across UK education sector

IT Governance

NOVEMBER 29, 2018

A recent freedom of information request by chartered accountants UHY Hacker Young reveals a worrying rise in reported data breaches across the UK education sector. The government’s Cyber Essentials scheme helps organisations guard against the most common cyber threats and demonstrate commitment to cyber security.

Education

Education Data breaches GDPR Government

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

Security Affairs

APRIL 29, 2023

Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. ” reads the analysis published by Trend Micro. .” ” reads the analysis published by Trend Micro. c2 arrowlchat[.]com

Encryption

Encryption Passwords Education Communications

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. Then Trend Micro researchers initially analyzed a Windows 32-bit sample of the ransomware from Twitter.

Ransomware

Ransomware Encryption File names Cybersecurity

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

Security Affairs

JUNE 29, 2022

This may include software architects, designers, developers, testers, users, project managers, security researchers, educators, and contributors to standards developing organizations (SDOs).” The post Mitre shared 2022 CWE Top 25 most dangerous software weaknesses appeared first on Security Affairs. Pierluigi Paganini.

Authentication

Authentication Education Security Cybersecurity

Shade Ransomware is very active outside of Russia and targets more English-speaking victims

Security Affairs

MAY 28, 2019

The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. Moth of the victims belongs to high-tech, wholesale and education sectors. Pierluigi Paganini.

Ransomware

Ransomware File names Education Encryption

Experts released PoC Exploit code for actively exploited PaperCut flaw

Security Affairs

APRIL 24, 2023

The company received two vulnerability reports from the cybersecurity firm Trend Micro for high/critical severity security issues in PaperCut MF/NG. Trend Micro announced they will disclose further information (TBD) about the vulnerability on 10th May 2023. ” reads the advisory published by PaperCut.

Authentication

Authentication Cybersecurity Education Access

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

lt/wras/savekey.php containing its hostname and the main decryption key for the host, which is, in itself, AES encrypted:” Palo Alto Networks researchers determine that ransomware strain was EDA2 based , open-source ransomware that was initially created for educational purposes. Pierluigi Paganini. adrotate banner=”13″].

Ransomware

Ransomware Phishing Government File names

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Security Affairs

MAY 4, 2023

The company received two vulnerability reports from the cybersecurity firm Trend Micro for high/critical severity security issues in PaperCut MF/NG. Trend Micro announced they will disclose further information (TBD) about the vulnerability on 10th May 2023.

Cybersecurity

Cybersecurity Education Access Passwords

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. The exfiltrated data is published on a dedicated Cuba DLS (Data Leak Site). Pierluigi Paganini.

Ransomware

Ransomware Education Manufacturing Healthcare

Mishing Is the New Phishing — And It’s More Dangerous

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing

Phishing Data breaches Education Risk

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

“Due to its robust security features, macOS is the preferred operating system for numerous high-profile individuals. Targeting macOS is not a novel trend, and various malware families exist that specifically aim to infiltrate this operating system.” The ZIP file is then sent to pre-configured Telegram channels.

Passwords

Passwords Archiving Education Phishing

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

If you take a look at the global market for IoT, you can easily spot the trend. A hacker managed to identify a weak spot in a security camera model. Usually, the default settings are not focused on security. The only way to tackle this challenge is to educate the users about these threats and their potential implications.

IoT

IoT Cybersecurity Passwords Manufacturing

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

Essential security tool. Post Covid 19, these patterns are likely to become even more engrained as digitally remote work, education, healthcare and entertainment activities predominate. VPNs factor into this shift, as the burden on individual consumers to preserve privacy and secure their sensitive data is greater than ever.

Security

Security Data breaches B2C Privacy

2020 cyber security statistics

IT Governance

JANUARY 26, 2021

Compiling this information enables us to see how security incidents occur and the trends to look out for. Doing this reveals more about how security incidents happen and who is to blame. When a security incident is disclosed, organisations don’t always know, or report on, its cause. How were organisations exploited?

Security

Security Data breaches Education Phishing

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

Types of Malware Delivered The ClickFix campaigns are not just a nuisance; they can lead to severe security breaches. Recent Trends and Evolution Recent reports from cybersecurity firms, including McAfee and Sekoia , indicate a significant uptick in ClickFix campaigns, particularly in regions like the United States and Japan.

Phishing

Phishing Communications Cybersecurity Mining

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

” states the APT trends report Q1 2021 published by Kaspersky. In April 2017, Symantec security experts who analyzed the alleged CIA hacking tools included in the Vault 7 dump that were involved in attacks aimed at least 40 governments and private organizations across 16 countries. Pierluigi Paganini.

Government

Government Cybersecurity Education Security

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

FEBRUARY 20, 2024

Related: The security case for AR, VR AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms. Inadequate authorization controls may result in unapproved interactions and data exposure, posing significant security threats. of cyber security attacks.

Cybersecurity

Cybersecurity Authentication Communications Privacy

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion. Further considerations must be taken to secure onboard storage of the drone, ensure routes drones travel are relatively safe (i.e., Original post at [link].

Cybersecurity

Cybersecurity Computer and Electronics Authentication Marketing

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

Unmasking 2024’s Email Security Landscape

Webinars

Trending Sources

Security Affairs newsletter Round 253

Webinars

New XORDDoS, Kaiji DDoS botnet variants target Docker servers

Trend Micro takes multi-pronged approach to narrowing the gaping cybersecurity skills gap

Experts spotted a variant of the Agenda Ransomware written in Rust

Financially motivated Earth Lusca threat actors targets organizations worldwide

NEW TECH: Trend Micro flattens cyber risks — from software development to deployment

What the Email Security Landscape Looks Like in 2023

What Are the Cyber Security Trends Around the World?

Microsoft Announces Security Update with Windows Resiliency Initiative

China-linked APT Earth Baku targets Europe, the Middle East, and Africa

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

New Agenda Ransomware appears in the threat landscape

Vice Society ransomware gang is using a custom locker

The state of secure information management: Strategies for securing access and protecting sensitive data

Shade Ransomware gang shut down operations and releases 750K decryption keys

Trends and Predictions for 2022 – More of the Same?

ENISA – The need for Incident Response Capabilities in the health sector

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

TA505 group updates tactics and expands the list of targets

GUEST ESSAY: Can Apple’s pricey ‘Business Essentials’ truly help SMBs secure their endpoints?

Helping higher education institutions graduate to data intelligence

China-linked APT41 group spotted using open-source red teaming tool GC2

Data breaches grow across UK education sector

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

New Linux Ransomware BlackSuit is similar to Royal ransomware

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

Shade Ransomware is very active outside of Russia and targets more English-speaking victims

Experts released PoC Exploit code for actively exploited PaperCut flaw

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Mishing Is the New Phishing — And It’s More Dangerous

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

2020 cyber security statistics

Deceptive Google Meet Invites Lures Users Into Malware Scams

Purple Lambert, a new malware of CIA-linked Lambert APT group

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

Attack of drones: airborne cybersecurity nightmare

Stay Connected