Education, Encryption, Hacking and Information Security

Google Gmail client-side encryption is available globally

Security Affairs

FEBRUARY 28, 2023

Gmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that Gmail client-side encryption (CSE) is now available for all Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.

Encryption

Encryption Education Digital transformation Hacking

Google announced end-to-end encryption for Gmail web

Security Affairs

DECEMBER 18, 2022

Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client. Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta, users can send and receive encrypted emails within their domain and outside of their domain. .

Encryption

Encryption Education Hacking Information Security

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. SecurityAffairs – hacking, education institutions).

Education

Education Ransomware Antivirus Backups

The source code of Zeppelin Ransomware sold on a hacking forum

Security Affairs

JANUARY 5, 2024

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension.

Ransomware

Ransomware Hacking Encryption Malware

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. locked to the filename of the encrypted files.

Education

Education Ransomware Encryption Antivirus

Rorschach ransomware has the fastest file-encrypting routine to date

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The researchers conducted five separate encryption speed tests in a controlled environment (with 6 CPUs, 8192MB RAM, SSD, and 220000 files to be encrypted), limited to local drive encryption only.

Encryption

Encryption Ransomware Malware Backups

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption

Encryption Malware Cryptocurrency Software

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN

VPN Ransomware Hacking Education

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it.

Ransomware

Ransomware Encryption Antivirus VPN

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

In particular, ransomware, which encrypts users’ data and demands a cryptocurrency ransom for their release or to avoid a dataleak, is becoming increasingly prevalent, causing financial and operational damage to individuals and businesses worldwide. Education improves awareness” is his slogan.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware. Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data.

Ransomware

Ransomware Encryption VPN Manufacturing

‘Educational’ ransomware program may instead become a how-to guide for attackers

SC Magazine

MARCH 5, 2021

A developer published via GitHub a proof-of-concept (POC) ransomware program featuring strong compatibility with the post-exploitation tool Cobalt Strike, open-source coding, and extensionless encryption. Another interesting feature: the ransomware doesn’t append extensions to the files it encrypts. Tracking the traction of new code.

Education

Education Ransomware Malware Cybercrime

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The ransomware was originally written in Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. The Rust variant has also been seen using intermittent encryption, one of the emerging tactics that threat actors use today for faster encryption and detection evasion.”

Ransomware

Ransomware Encryption Healthcare Education

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering

Engineering Ransomware Hacking Education

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

“During the run, the ransomware generates a symmetric encryption key using CryptGenRandom() , which is the random number generator implemented by Windows CryptoAPI. Files are encrypted by Chacha 2008 ( D. “The symmetric key is encrypted by the RSA-4096 cipher and appended to the end of the encrypted file.

Ransomware

Ransomware Encryption Malware Hacking

Vice Society ransomware gang is using a custom locker

Security Affairs

DECEMBER 22, 2022

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms.

Ransomware

Ransomware Encryption Malware Education

Researchers found the first Linux variant of the RTM locker

Security Affairs

APRIL 27, 2023

The encryptor uses a combination of ECDH on Curve25519 (asymmetric encryption) and Chacha20 (symmetric encryption) to encrypt files. The researchers discovered that the samples contain a self-delete mechanism which is invoked once the victim’s device is encrypted. ” reads the analysis published by Uptycs.

Encryption

Encryption Ransomware Malware Education

CISA announced the Pre-Ransomware Notifications initiative

Security Affairs

MARCH 24, 2023

The principle behind the initiative is simple, ransomware actors initially gain access to the target organization, then they take some time before stealing or encrypting data. The time-lapse between initial access to a network and the encryption of the systems can last from hours to days. ” concludes the announcement.

Ransomware

Ransomware Encryption Healthcare Education

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. Experts believe Yahoo was using outdated, easy-to-crack encryption, which led to the attack. The attack is a good reminder of how critical strong encryption is in protecting your website users. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Trigona Ransomware targets Microsoft SQL servers

Security Affairs

APRIL 20, 2023

Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to deploy Trigona ransomware. _locked” extension to the filename of encrypted files.

Ransomware

Ransomware Malware Encryption Hacking

Experts found the first LockBit encryptor that targets macOS systems

Security Affairs

APRIL 16, 2023

One of the encryptors developed by Lockbit, named ‘locker_Apple_M1_64’, can encrypt files of Mac systems running on the Apple silicon M1. The thesis is supported also by the presence in the encryptor of a list of sixty-five Windows file extensions and filenames that will be excluded from encryption.

Encryption

Encryption Architecture Ransomware Education

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware can either fully or partially encrypt a file depending on its size and the ‘-ep’ parameter.

Ransomware

Ransomware Healthcare Antivirus Encryption

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. SecurityAffairs – hacking, Wannacry).

Malware

Malware Computers and Electronics Encryption Ransomware

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance. Sometimes, however, information security, data privacy, and IT compliance overall are people problems more than they are pure data problems. Security, Privacy and Compliance Can Conflict.

Data privacy

Data privacy Encryption Data breaches Insurance

London-based academies Harris Federation hit by ransomware attack

Security Affairs

MARCH 29, 2021

Harris Federation is a multi-academy trust of 50 primary and secondary academies in and around London educating more than 36,000 students. “A ransomware attack means that cyber-criminals have accessed our IT systems and encrypted, or hidden, their contents.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Education Mobile Encryption

NPM packages found containing the TurkoRat infostealer

Security Affairs

MAY 19, 2023

ReversingLabs discovered two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat. The nodejs-encrypt-agent was discovered due to name and version discrepancies noticed by the researchers while scanning the repository.

Encryption

Encryption Social Engineering Malware Cryptocurrency

Ransomware attacks hit 105 US local governments in 2022

Security Affairs

JANUARY 2, 2023

According to the “ The State of Ransomware in the US: Report and Statistics 2022 ” report published by Emsisoft, the number of ransomware attacks against government, education and healthcare sector organizations is quite similar to the number of attacks in previous years. SecurityAffairs – hacking, malware).

Government

Government Ransomware Healthcare Education

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware

Ransomware Healthcare Encryption Manufacturing

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery.

Ransomware

Ransomware Healthcare Education Encryption

New Agenda Ransomware appears in the threat landscape

Security Affairs

AUGUST 27, 2022

The collected samples were 64-bit Windows PE (Portable Executable) files and were used to target healthcare and education organizations in Indonesia, Saudi Arabia, South Africa, and Thailand. Our investigation showed that the samples had leaked accounts, customer passwords, and unique company IDs used as extensions of encrypted files.”

Ransomware

Ransomware Encryption Accountability Antivirus

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Non-encrypted data, insecure protocols and poor user authentication mechanisms are among the security issues that leave seismological networks open to breaches, the authors note.

IoT

IoT InfoSec Data collection Encryption

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

HTTPS only indicates that the transmission of data between client and server is done by encrypting information (the letter S, the green padlock, and the certificate cannot give guarantees about the reliability of a site). He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing

Phishing Scams Education Passwords

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible,” reads a statement published by the UCSF.

Ransomware

Ransomware Encryption Advertising Malware

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. SecurityAffairs – hacking, Zeppelin ransomware).

Ransomware

Ransomware Encryption Firmware Backups

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample. SecurityAffairs – hacking, APT). The post Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs appeared first on Security Affairs. ” continues the analysis.

Telecommunications

Telecommunications Manufacturing Malware Education

FTC shares guidance for small businesses to prevent ransomware attacks

Security Affairs

NOVEMBER 14, 2021

The first step consists of recommending organizations to follow best practices to neutralize ransomware attack such as set up offline, off-site, encrypted backups. “In addition, educate your staff on the folly of using the same password on different platforms, and consider the many benefits of multifactor authentication.”

Small Business

Small Business Ransomware Backups Authentication

Kodi discloses data breach after its forum was compromised

Security Affairs

APRIL 14, 2023

The threat actor was able to access the nightly backups containing all public forum posts, team forum posts, messages sent through the user-to-user messaging system, and user information such as forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB software.

Data breaches

Data breaches Backups Passwords Accountability

California-based workforce platform Prosperix leaks drivers licenses and medical records

Security Affairs

JUNE 1, 2023

Prosperix should focus on the following areas to mitigate risks: Encryption: setting default server-side encryption for existing Amazon S3 buckets. Auditing and logging: regularly checking server access logs Employee training: enhancing knowledge and awareness of data security.

Identity Theft

Identity Theft Scams Risk Media

UK Research and Innovation (UKRI) discloses ransomware attack

Security Affairs

JANUARY 30, 2021

Our organisation brings together the seven disciplinary research councils, Research England, which is responsible for supporting research and knowledge exchange at higher education institutions in England, and the UK’s innovation agency, Innovate UK. “The UKRO portal provides an information service to subscribers.

Ransomware

Ransomware Education Cyber Attacks Encryption

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs. billion rubles.

Computers and Electronics

Computers and Electronics Backups Cybercrime Marketing

Sabbath Ransomware target critical infrastructure in the US and Canada

Security Affairs

DECEMBER 1, 2021

In September 2021, the security experts noticed a post on the exploit.in hacking forum looking for affiliated for a new ransomware operation. The Sabbath ransomware gang has targeted critical infrastructure, including education, health, and natural resources in the United States and Canada. Pierluigi Paganini.

Ransomware

Ransomware Education Hacking Encryption

Google Gmail client-side encryption is available globally

Google announced end-to-end encryption for Gmail web

Webinars

Trending Sources

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Webinars

NCSC warns of a surge in ransomware attacks on education institutions

The source code of Zeppelin Ransomware sold on a hacking forum

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Rorschach ransomware has the fastest file-encrypting routine to date

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Akira ransomware received $42M in ransom payments from over 250 victims

Cryptocurrencies and cybercrime: A critical intermingling

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Researchers released a free decryption tool for the Rhysida Ransomware

‘Educational’ ransomware program may instead become a how-to guide for attackers

Experts spotted a variant of the Agenda Ransomware written in Rust

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Avast released a free decryptor for the Windows version of the Akira ransomware

Vice Society ransomware gang is using a custom locker

Researchers found the first Linux variant of the RTM locker

CISA announced the Pre-Ransomware Notifications initiative

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Trigona Ransomware targets Microsoft SQL servers

Experts found the first LockBit encryptor that targets macOS systems

The U.S. CISA and FBI warn of Royal ransomware operation

Wannacry, the hybrid malware that brought the world to its knees

Security Compliance & Data Privacy Regulations

London-based academies Harris Federation hit by ransomware attack

NPM packages found containing the TurkoRat infostealer

Ransomware attacks hit 105 US local governments in 2022

New Linux Ransomware BlackSuit is similar to Royal ransomware

City of Dallas shut down IT services after ransomware attack

New Agenda Ransomware appears in the threat landscape

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Phishing, the campaigns that are targeting Italy

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

FTC shares guidance for small businesses to prevent ransomware attacks

Kodi discloses data breach after its forum was compromised

California-based workforce platform Prosperix leaks drivers licenses and medical records

UK Research and Innovation (UKRI) discloses ransomware attack

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Sabbath Ransomware target critical infrastructure in the US and Canada

Stay Connected