Accountability, Authentication, Education and Information Security

An educational robot security research

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. Subject of the study: educational robot The toy is designed to educate and entertain children; it is an interactive device running the Android operating system. This was the first security-related issue we discovered.

Education

Education Manufacturing Firmware Internet

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Duo's Security Blog

OCTOBER 18, 2021

One area where campuses have been collaborating recently are changes around cyber liability insurance for higher education, an opportunity for campus cybersecurity teams to combine forces with their risk management team. Higher education campuses in the U.S. In a recent Duo blog post, we gave an overview of cyber liability insurance.

Insurance

Insurance Education Risk Cyber Insurance

Challenges of User Authentication: What You Need to Know

Security Affairs

SEPTEMBER 7, 2022

In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In the digital age, authentication is paramount to a strong security strategy. User authentication seems easy, but there are inherent challenges to be aware of. User Authentication.

Authentication

Authentication Passwords Risk Education

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. Use multi-factor authentication wherever possible. Consider installing and using a VPN.

Education

Education Ransomware Phishing Passwords

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Security Affairs

APRIL 11, 2023

A flaw in Microsoft Azure could be exploited by attackers to gain access to storage accounts, perform lateral movements, and even execute remote code. Researchers from the security firm Orca demonstrated how to abuse Microsoft Azure Shared Key authorization to gain full access to storage accounts and potentially critical business assets.

Accountability

Accountability Education Media Authentication

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Educate your employees on threats and risks such as phishing and malware. Enforce strong passwords and implement multi-factor authentication (MFA) — by educating users about using a unique password for each account and enforcing higher security for privileged accounts (administrators, root).

Cybersecurity

Cybersecurity Cybercrime Education Passwords

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Security Affairs

APRIL 3, 2023

’ The shared responsibility model allows application owners to add an authentication function by simply clicking a button. The vulnerability is related to a misconfiguration in ‘Shared Responsibility confusion.’ Below is the disclosure timeline: Jan. 31, 2023 – Wiz Research reported the Bing issue to MSRC Jan.

Accountability

Accountability Education Media Authentication

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. In some attacks, threat actors created an administrative account named itadm.

Ransomware

Ransomware Encryption Antivirus VPN

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

Security Affairs

SEPTEMBER 8, 2023

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.

Ransomware

Ransomware VPN Authentication Hacking

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

. “The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts.” Use a variation of unique passwords to access online accounts.

Mobile

Mobile Cryptocurrency Authentication Accountability

National Student Clearinghouse data breach impacted approximately 900 US schools

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. National Student Clearinghouse encourages impacted individuals to remain vigilant by reviewing their account statements and monitoring their free credit reports for suspicious activity.

Data breaches

Data breaches Education Ransomware Software

Fortinet fixed a critical vulnerability in its Data Analytics product

Security Affairs

APRIL 13, 2023

Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests. ” reads the advisory published by the vendor.

Authentication

Authentication Education Media Hacking

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

The company also fixed a high-severity post-authentication command injection issue ( CVE-2023-27991 , CVSS score: 8.8) The vulnerability can be exploited by a remote, authenticated attacker to execute some OS commands. ” reads the advisory published by the vendor. affecting some specific firewall versions. through 5.35.

Firewall

Firewall Firmware VPN Authentication

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Security Affairs

APRIL 4, 2023

Below is the list of flaws exploited by the ransomware gang’s affiliate: CVE-2021-27876 : The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. It supports multiple authentication schemes: SHA authentication is one of these.

Backups

Backups Ransomware Authentication Penetration Testing

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

billion Azure AD brute force authentication attacks and detected 35.7 Enabling multi-factor authentication (MFA) and passwordless authentication would allow customers to protect their accounts from brute force attacks. billion Azure AD brute force authentication attacks and intercepted 35.7

Phishing

Phishing Authentication Education Cyber threats

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Security Affairs

APRIL 21, 2023

“A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.” ” reads the advisory. “This vulnerability is due to improper input validation when uploading a Device Pack.

Authentication

Authentication Education Media Hacking

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

Security Affairs

MARCH 31, 2023

and all versions before it, allowing authenticated users, like shop customers or site members, to change the site’s settings and can potentially lead to a complete site takeover. The expert reported that the issue impacts Elementor Pro when it is installed on a site that has WooCommerce activated. The issue impacts version v3.11.6

Authentication

Authentication Education Accountability Media

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform.

Education

Education Media Authentication Passwords

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication

Authentication Retail Surveillance Education

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The group relied on compromised credentials to authenticate to internal VPN access points. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Healthcare Education

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Sophos researchers observed in May the threat actor using compromised Cisco VPN accounts to breach target networks. .

VPN

VPN Ransomware Hacking Education

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 22, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

Education

Education Media Authentication Cybersecurity

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Authentication Validation CWE-287 ( CVE-2023–1752 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

Experts released PoC Exploit code for actively exploited PaperCut flaw

Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. The PoC code allows attackers to bypass authentication and execute code on vulnerable PaperCut servers. The issue results from improper access control.

Authentication

Authentication Software Education Malware

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

This means companies have to be proactive and instill the right habits, which often means resisting the bad habits that lead to millions of successful cyberattacks every year – from the use of generic and easy-to-crack account credentials to the willingness to click on suspicious links and attachments in emails from untrusted sources.

Social Engineering

Social Engineering Password Management Passwords Phishing

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime

Cybercrime Malware Hacking Accountability

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

Posteinfo, confirm your identity Using spoofing techniques, a text message ostensibly from Posteinfo collected in the history of legitimate messages invites identity confirmation to avoid bank account suspension. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing

Phishing Scams Education Passwords

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” ” reads the advisory published by Cisco.

Firmware

Firmware Education Media Authentication

Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

Security Affairs

JULY 21, 2019

US Department of Education warned that hackers have breached at least 62 college and university networks by exploiting a vulnerability in the Ellucian Banner Web Tailor module of the Ellucian Banner ERP. “An improper authentication vulnerability (CWE-287) was identified in Banner Web Tailor and Banner Enterprise Identity Services.

Accountability

Accountability Education Authentication Advertising

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Accountability

Accountability VPN Manufacturing Firewall

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

The FBI PIN, Number 20201210-001, was issued on December 10, 2020, and provides details about Doppelpaymer’s criminal activity and the sectors on which the group focuses (Healthcare, Emergency Services, and Educational Institutions). PIN Number 20201210-001. Patch operating systems, software, firmware, and endpoints. Pierluigi Paganini.

Ransomware

Ransomware Backups Firmware Accountability

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 8, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) The post CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

Backups

Backups Spyware Ransomware Education

Experts temporarily disrupted the RedLine Stealer operations

Security Affairs

APRIL 18, 2023

The removal of these repositories should break authentication for panels currently in use. The operators behind the RedLine will be forced to set up new panels to recover their operations. No fallback channels were observed.

Malware

Malware Education Media Authentication

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. ” reads the joint report. ” continues the report.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

” CERT-UA urges Ukrainian critical organizations using multi-factor authentication for VPN accounts, network segmentation and filtering of incoming, outgoing and inter-segment information flows. The CERT also provided Indicators of Compromise (IoCs) for these attacks.

VPN

VPN Education Accountability Cyber Attacks

The Top 3 OWASP Threats Your Business Should Address Today

SiteLock

AUGUST 27, 2021

If cybercriminals gain this type of access to your site, it allows them to exploit for financial gain all kinds of sensitive data such as usernames, passwords, phone numbers, and bank account numbers. This helps provide an additional layer of security to the form and the website. Broken Authentication and Session Management.

Small Business

Small Business Passwords Authentication Accountability

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Security Affairs

APRIL 5, 2023

The discovery of STYX coincides with Resecurity financial crime risk analysts observing a significant increase in threat actors offering money-laundering services that exploit digital banking and cryptocurrency accounts. Resecurity’s investigation of STYX also yielded the discovery of 100 mules accounts.

Banking

Banking Cybercrime Accountability Risk

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

First launched in 2004 and updated most recently in 2018, the PCI Data Security (PCI DSS) standard is continually updated to reflect the evolving challenges of the cyberthreat landscape. is clearly failing to protect cardholder account details effectively in today’s environment. Apply secure configurations to all system components.

Antivirus

Antivirus Retail Software Accountability

16 Remote Access Security Best Practices to Implement

eSecurity Planet

AUGUST 22, 2023

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. We’ll cover a range of best practices for remote access security, from the simple and the practical to the more advanced. Avoid using default or simple-to-guess passwords.

Passwords

Passwords Authentication Encryption VPN

Experts disclosed two critical flaws in Alibaba cloud database services

Security Affairs

APRIL 20, 2023

Once gained access to the K8s API server, the researchers used the node’s kubelet credentials to examine various cluster resources, including secrets, service accounts, and pods. When examining the pod list, we found pods belonging to other tenants in the same cluster. .

Accountability

Accountability Education Media Authentication

Four zero-days in Microsoft Exchange actively exploited in the wild

Security Affairs

MARCH 2, 2021

*Patches available now, action required to apply* Full remote code execution, without authentication. The first zero-day, tracked as CVE-2021-26855 , is a server-side request forgery (SSRF) vulnerability in Exchange that could be exploited by an attacker to authenticate as the Exchange server by sending arbitrary HTTP requests.

Authentication

Authentication Internet Internet Hacking

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

Volvo’s retailer exposed its database’s authentication information, including MySQL and Redis database hosts, open ports and credentials. The exposure of this key is particularly dangerous because it could have been used to decrypt user cookies, which often hold sensitive information such as credentials or session IDs.

Retail

Retail Manufacturing Passwords Phishing

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

“With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” ” concludes the report.

Hacking

Hacking VPN Marketing Authentication

An educational robot security research

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Webinars

Trending Sources

Challenges of User Authentication: What You Need to Know

Webinars

FBI warns of increase in PYSA ransomware attacks targeting education

A “By-Design” flaw in Microsoft Azure can allow storage accounts takeover

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Akira ransomware received $42M in ransom payments from over 250 victims

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

National Student Clearinghouse data breach impacted approximately 900 US schools

Fortinet fixed a critical vulnerability in its Data Analytics product

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin

SAP April 2023 security updates fix critical vulnerabilities

Fortinet warns of a spike in attacks against TBK DVR devices

FBI and CISA warn of attacks by Rhysida ransomware gang

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Experts released PoC Exploit code for actively exploited PaperCut flaw

The Top Five Habits of Cyber-Aware Employees

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Phishing, the campaigns that are targeting Italy

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

China-linked APT Volt Typhoon targets critical infrastructure organizations

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog

Experts temporarily disrupted the RedLine Stealer operations

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

The Top 3 OWASP Threats Your Business Should Address Today

STYX Marketplace emerged in Dark Web focused on Financial Fraud

The Five-Step PCI DSS 4.0 Transition Checklist

16 Remote Access Security Best Practices to Implement

Experts disclosed two critical flaws in Alibaba cloud database services

Four zero-days in Microsoft Exchange actively exploited in the wild

Volvo retailer leaks sensitive files

Hackers can hack organizations using data found on their discarded enterprise network equipment

Stay Connected