Authentication and Education - Cyber Security Informer

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

The Last Watchdog

FEBRUARY 25, 2025

This category of awards ranks the worlds top 50 software education products based on authentic reviews from more than 100 million G2 users. We are proud to set the standard for quality and effectiveness in cybersecurity and technical education, as evidenced by the success of our students.” Cary, NC, Feb.

Education

Education Software Small Business Cybersecurity

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy. First, unauthorized access must be revoked and proper authentication protocols restored. After that, Medicaid and Medicare records were compromised.

Government

Government Artificial Intelligence Banking Software

AI in Education: Balancing Innovation with Security

Webroot

AUGUST 6, 2024

Artificial intelligence (AI) and chatbots like ChatGPT are transforming the way educators and students approach education. While AI offers numerous educational benefits , it also presents challenges like cheating and plagiarism. Educators are now tasked with finding ways to ensure students use these tools ethically.

Education

Education Identity Theft Artificial Intelligence Technology

Identity Threat Trends for Higher Education

Duo's Security Blog

JANUARY 29, 2024

As a new semester begins, we at Cisco Duo want to share some findings and trends pertaining to threat activity we have seen across higher education customers. Duo customers in the educational sector and beyond can take steps to secure their environments. What happened? What can Duo customers do to protect themselves?

Education

Education Authentication Passwords Phishing

New botnet HTTPBot targets gaming and tech industries with surgical attacks

Security Affairs

MAY 16, 2025

New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS cybersecurity discovered a new botnet calledHTTPBotthat has been used to target the gaming industry, technology firms, and educational institutions in China. ” continues the report.

DDOS

DDOS Education IoT Malware

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.” ” continues the report.

Phishing

Phishing Authentication Telecommunications Accountability

Duo’s Data-Driven Defense: Combatting Cyber Threats in Higher Education

Duo's Security Blog

MAY 30, 2024

Duo has a long history of protecting students across universities and higher education institutions. Because Duo has such a large presence in the world of education, we can also spot trends in attack tactics and learn how to better secure your organization. They’re pairing the same device to all user accounts they’ve breached.

Education

Education Cyber threats Authentication Threat Detection

Warning over free online file converters that actually install malware

Malwarebytes

MARCH 17, 2025

Other passwords and session tokens that could allow the scammers to bypass multi-factor authentication (MFA). Education is key FBI Denver Special Agent in Charge Mark Michalek stated: The best way to thwart these fraudsters is to educate people so they dont fall victim to these fraudsters in the first place. Email addresses.

Malware

Malware Adware Education Phishing

An educational robot security research

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. Subject of the study: educational robot The toy is designed to educate and entertain children; it is an interactive device running the Android operating system. In other words, this is a “tablet on wheels.”

Education

Education Manufacturing Internet Internet

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

Darren Guccione, CEO and Co-Founder at Keeper Security, emphasized the importance of strong authentication and access controls: "BEC and other phishing attacks thrive on weak authentication and poor access controls. However, as new threat actors emerge, cybersecurity experts warn that organizations must remain vigilant.

Phishing

Phishing Cybercrime Scams Authentication

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. These infected websites host a PHP script which displays a seemingly authentic update. implacavelvideos[.]com).

Education

Education Government Business Services Software

Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

Security Affairs

AUGUST 31, 2023

Cisco is aware of attacks conducted by Akira ransomware threat actors targeting Cisco ASA VPNs that are not configured for multi-factor authentication. “This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations. . ” reads a post published by Cisco PSIRT. 200 and 162.35.92[.]242

Authentication

Authentication Ransomware VPN Hacking

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

.” The experts added that FortiWLM’s verbose logs expose session IDs, enabling attackers to exploit log file read vulnerabilities to hijack sessions and access authenticated endpoints. Authenticated users’ session ID tokens in FortiWLM remain static per device boot. ” concludes the report.

Wireless

Wireless Authentication Healthcare Education

Understanding the Deepfake Threat

SecureWorld News

FEBRUARY 13, 2025

Traditionally, attackers relied on phishing emails to impersonate executives, but deepfakes now enable fraudsters to conduct real-time video and voice calls that appear authentic. Attacks on identity verification systems Bypassing biometric security: Many organizations use facial and voice recognition for authentication.

Social Engineering

Social Engineering Authentication Identity Theft Engineering

AI-Powered Phishing: Defending Against New Browser-Based Attacks

SecureWorld News

JANUARY 22, 2025

Multi-factor authentication (MFA) : Enforce robust MFA protocols to add an extra layer of security. The key lies in embracing AI-driven security measures that can match the sophistication of modern threats, while continuously educating users and implementing robust authentication protocols.

Phishing

Phishing Threat Detection Social Engineering DNS

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

Jane Frankland

MAY 16, 2025

Enable Multi Factor Authentication (MFA) Multi-Factor Authentication (MFA) adds a layer of security, but not all methods offer the same protection: SMS codes can be intercepted or phished. App-based MFA (like Google Authenticator ) is more secure, but still vulnerable to SIM swaps or malware. kidnapping scams), call the police.

Scams

Scams Password Management Passwords Banking

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

NOVEMBER 19, 2023

As the companies face nine federal lawsuits for failing to protect customer data, it’s abundantly clear hackers have checkmated multi-factor authentication (MFA). But the coup de gras was how easily they brushed aside the multi-factor authentication protections. How they steamrolled multi-factor authentication is a reason for pause.

Social Engineering

Social Engineering Passwords Authentication Marketing

Video: How Hackers Steal Your Cookies & How to Stop Them

eSecurity Planet

NOVEMBER 6, 2024

They could even conceal dangerous malware in photos or links on secure websites you visit, and a single click can activate the code, even overcoming multifactor authentication. Train Your Admin & Staff Educate personnel on the risks of session hijacking and best practices for prevention to foster a security-conscious culture.

Identity Theft

Identity Theft Passwords Phishing Accountability

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

The Path Forward While its essential to question the authenticity of information sources, we must also remain vigilant in our cybersecurity practices and strike a balance between skepticism and vigilance. Focus on Trusted Communication Training employees to verify the authenticity of messages is critical in combating phishing and other scams.

Cybersecurity

Cybersecurity Technology Scams Risk

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. Experts warn that biometric authentication alone is not foolproof.

Social Engineering

Social Engineering Mobile Authentication Engineering

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

Organizations, in particular, should educate employees on the dangers of phishing, enforce strict email filtering policies, and consider advanced security measures such as multi-factor authentication (MFA) and password managers configured for URL matching.

Phishing

Phishing Artificial Intelligence Password Management Accountability

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

The Last Watchdog

APRIL 22, 2025

Typically, the attacker collects authentic media samples of their target, including still images, videos, and audio clips, to train the deep learning model. The more training data used, the more authentic the deepfake appears. Educate and train: Empower executives and their families to make informed decisions about online activities.

Authentication

Authentication Social Engineering Technology Media

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

FEBRUARY 20, 2024

Authentication and authorization vulnerabilities: Weak authentication methods and compromised access tokens can provide unauthorized access. Multi-factor authentication: Implement multi-factor authentication for administration and privileged users to enhance access control and prevent unauthorized entry.

Cybersecurity

Cybersecurity Penetration Testing Authentication Social Engineering

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

IT Security Guru

FEBRUARY 25, 2025

A prime example is multi-factor authentication (MFA), a security process that requires users to verify their identity in two or more ways, such as a password, a code sent to their phone, or a fingerprint. Advanced authentication systems can analyse contextual factors, like location, device, and login behaviour, to detect anomalies.

Social Engineering

Social Engineering Authentication Risk Accountability

On world password day, Microsoft says fewer passwords, more passkeys

Malwarebytes

MAY 2, 2025

The alternative: passkeys Passkeys are an alternative, more modern authentication method designed to replace passwords with a safer, simpler alternative. The authentication process is as simple as unlocking your device. Despite their clear advantages, many people hesitate to switch to passkeys due to unfamiliarity and misconceptions.

Passwords

Passwords Password Management Authentication Accountability

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

Strong Password Management: Enforce strong, unique passwords and multi-factor authentication to protect against unauthorized access. Regular Security Audits and Training: Identify vulnerabilities through audits and educate employees on cybersecurity best practices.

Password Management

Password Management Passwords CISO Cyber threats

Does AI Enhance Virtual Reality Experiences?

SecureWorld News

OCTOBER 13, 2024

Industries from healthcare and education to construction and even sports have begun experimenting with AI and VR in siloed functions, with products ranging from immersive learning material to cutting-edge home renovation tools and play-at-home golf simulation systems.

Artificial Intelligence

Artificial Intelligence Technology Authentication Data preservation

Amazon's Latest Data Breach a Ripple Effect of MOVEit

SecureWorld News

NOVEMBER 13, 2024

As of August 2023, it's estimated that around 40 million individuals and more than 2,500 businesses were affected across various sectors, including healthcare, government, finance, and education. Notable organizations hit include major financial firms, government agencies, and educational institutions worldwide.

Data breaches

Data breaches Identity Theft Education Software

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

“As threat actors become increasingly sophisticated and aggressive in their attacks, we are constantly educating employees about new tactics that might be used against them and adopting new security measures to prevent future attacks,” GoDaddy said in a written statement back in 2020.

Hacking

Hacking Social Engineering Phishing Scams

BSidesLV24 – Breaking Ground – From Keyless To Careless: Abusing Misconfigured OIDC Authentication In Cloud Environments

Security Boulevard

APRIL 12, 2025

Permalink The post BSidesLV24 – Breaking Ground – From Keyless To Careless: Abusing Misconfigured OIDC Authentication In Cloud Environments appeared first on Security Boulevard. Originating from the conferences events located at the Tuscany Suites & Casino ; and via the organizations YouTube channel.

Authentication

Authentication Education Cybersecurity

Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds

Malwarebytes

MAY 8, 2025

Beside stealing usernames, passwords and circumventing two factor authentication, we identified malicious code capable of performing additional nefarious actions unbeknownst to the victim. Education: Phishing is getting more sophisticated and users need to be aware of how to best protect themselves. The kel.js and Worker.js

Phishing

Phishing Authentication Engineering Advertising

Microsoft Announces Security Update with Windows Resiliency Initiative

eSecurity Planet

DECEMBER 4, 2024

This includes strengthening password policies, implementing multi-factor authentication, and leveraging advanced threat detection techniques. This feature uses Windows Hello authentication to help protect files stored in known locations like the Desktop, Documents, and Pictures folders.

Encryption

Encryption Authentication Phishing Passwords

How Website Localization Strengthens Cybersecurity in Global Markets

SecureWorld News

FEBRUARY 4, 2025

Flexible authentication methods Depending on the culture, different authentication methods can be more or less preferable or trusted. Additional measures like Google Authentication, QR code, etc., For example, while SSL certificates mandatory in the U.S.

Marketing

Marketing Cybersecurity eCommerce Data breaches

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Krebs on Security

MARCH 2, 2021

“Hafnium primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs,” Microsoft said.

Internet

Internet Internet Software Education

184 million logins for Instagram, Roblox, Facebook, Snapchat, and more exposed online

Malwarebytes

MAY 27, 2025

Enable two-factor authentication (2FA) wherever possible. Be careful about what you download and educate yourself on recognizing phishing emails , as these remain the most common infection vectors. Here are some practical steps to protect yourself: Change your passwords regularly, and dont reuse them across multiple accounts.

Identity Theft

Identity Theft Passwords Accountability Phishing

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Hacker's King

MAY 24, 2025

The threat lies in how real these messages seem, which is why education becomes important. MFA Bypass The protection offered by multi-factor authentication (MFA) may be robust, but like all things, it has its weaknesses. Hackers have discovered methods to circumvent MFA using social manipulation and advanced technology.

Cyber Attacks

Cyber Attacks Passwords Education Phishing

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Our research reveals 69% of breaches are rooted in inadequate authentication and 78% of organizations have been targeted by identity-based attacks. Simic Bojan Simic , CEO, HYPR The era of passwords will further decline as credential misuse rises, with AI both aiding and challenging security efforts.

Risk

Risk Threat Detection Technology Phishing

Top 10 Cybersecurity Trends to Expect in 2025

Hacker's King

DECEMBER 24, 2024

Companies will adopt stricter identity verification and access controls, ensuring that even internal users face rigorous authentication processes. Biometric Authentication on the Rise Traditional passwords are increasingly seen as inadequate for modern security needs.

Cybersecurity

Cybersecurity Cyber Insurance IoT Insurance

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

The ransomware targets unpatched internet-facing servers, impacting systems across 70+ countries in sectors like critical infrastructure, health care, governments, education, technology, manufacturing, and small- to medium-sized businesses. This ensures that even if the VPN is compromised, attackers can’t move laterally.

VPN

VPN Authentication Ransomware Risk

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

It’s important that as consumers are shopping for these smart home devices that they learn to recognize the Matter trademark so that they can make educated decisions.” Matter works much the way website authentication and website traffic encryption gets executed. It can be cumbersome to set up and so adoption has been sluggish.

Manufacturing

Manufacturing Authentication Marketing Encryption

Together for a Better Internet: Celebrating Safer Internet Day 2025

Thales Cloud Protection & Licensing

FEBRUARY 11, 2025

The 2025 edition, themed Together for a Better Internet, is a call to action for public and private sector entities, educators, and individuals to join forces to build a secure and equitable digital future. At a time when technology is integral to our lives, SID has never been more relevant. With an estimated 5.8

Internet

Internet Internet Education Technology

Mishing Is the New Phishing — And It’s More Dangerous

eSecurity Planet

FEBRUARY 26, 2025

As businesses rely more on mobile devices for authentication and communication, these evolving threats are slipping past conventional security defenses, putting corporate networks at greater risk. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing

Phishing Mobile Social Engineering Data breaches

A Deep Dive into the Last Vendor Breaches of 2024: What We Learned

Responsible Cyber

NOVEMBER 23, 2024

This breach highlighted the need for robust vendor risk management practices and reinforced the necessity of multi-factor authentication to safeguard sensitive information. Many vendors failed to implement robust security protocols, such as advanced encryption techniques, multi-factor authentication, and continuous monitoring.

Risk

Risk Healthcare Education Cybersecurity

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

“As threat actors become increasingly sophisticated and aggressive in their attacks, we are constantly educating employees about new tactics that might be used against them and adopting new security measures to prevent future attacks.” authenticate the phone call before sensitive information can be discussed.

Cryptocurrency

Cryptocurrency Scams Social Engineering VPN

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

DOGE as a National Cyberattack

Trending Sources

AI in Education: Balancing Innovation with Security

Identity Threat Trends for Higher Education

New botnet HTTPBot targets gaming and tech industries with surgical attacks

Storm-2372 used the device code phishing technique since August 2024

Duo’s Data-Driven Defense: Combatting Cyber Threats in Higher Education

Warning over free online file converters that actually install malware

An educational robot security research

Operation Heart Blocker: International Police Disrupt Phishing Network

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Understanding the Deepfake Threat

AI-Powered Phishing: Defending Against New Browser-Based Attacks

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

Video: How Hackers Steal Your Cookies & How to Stop Them

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

On world password day, Microsoft says fewer passwords, more passkeys

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Does AI Enhance Virtual Reality Experiences?

Amazon's Latest Data Breach a Ripple Effect of MOVEit

When Low-Tech Hacks Cause High-Impact Breaches

BSidesLV24 – Breaking Ground – From Keyless To Careless: Abusing Misconfigured OIDC Authentication In Cloud Environments

Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds

Microsoft Announces Security Update with Windows Resiliency Initiative

How Website Localization Strengthens Cybersecurity in Global Markets

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

184 million logins for Instagram, Roblox, Facebook, Snapchat, and more exposed online

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Top 10 Cybersecurity Trends to Expect in 2025

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

Together for a Better Internet: Celebrating Safer Internet Day 2025

Mishing Is the New Phishing — And It’s More Dangerous

A Deep Dive into the Last Vendor Breaches of 2024: What We Learned

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Stay Connected