Education, Hacking, Information Security and Malware

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education

Education Government Business Services Software

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education

Education Ransomware Encryption Malware

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education

Education Data breaches Ransomware Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. SecurityAffairs – hacking, education institutions).

Education

Education Ransomware Antivirus Backups

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware

Malware DNS Retail Education

Threat actors target K-12 distance learning education, CISA and FBI warn

Security Affairs

DECEMBER 11, 2020

The US Cybersecurity Infrastructure and Security Agency and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector. The US CISA and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector aimed at data theft and disruption of distance learning services.

Education

Education Ransomware Cyber Attacks DDOS

Hackers are taking advantage of the interest in generative AI to install Malware

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware

Malware Education Accountability Media

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Healthcare Government Manufacturing

Experts warn of surge in DDoS attacks targeting education institutions

Security Affairs

SEPTEMBER 15, 2020

Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. The DDoS attacks are causing severe issues to the targeted education institutions such as temporarily takedown of the network and online classes. Most of the attacks targeted educational institutions in the U.S.,

Education

Education DDOS Advertising Cyber Attacks

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

VPN

VPN Ransomware Hacking Education

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. SecurityAffairs – hacking, FBI).

Education

Education Ransomware Encryption Antivirus

DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’

Security Boulevard

NOVEMBER 17, 2023

Permalink The post DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Hacking

Hacking Malware Architecture Education

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware

Malware Cybercrime Banking Software

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

Cryptojacking Cryptojacking, an illicit activity in which third-party resources are exploited without authorization to mine cryptocurrencies, is another significant threat that also jeopardizes the security of the devices involved. Compromised websites and malware are often at the root of these types of attacks.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch).

Ransomware

Ransomware Hacking Insurance Healthcare

Experts spotted a new sophisticated malware toolkit called Decoy Dog

Security Affairs

MAY 1, 2023

Infoblox researchers discovered a new sophisticated malware toolkit, dubbed Decoy Dog, targeting enterprise networks. While analyzing billions of DNS records, Infoblox researchers discovered a sophisticated malware toolkit, dubbed Decoy Dog, that was employed in attacks aimed at enterprise networks.

Malware

Malware DNS Education Media

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported. TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. ” concludes the report.

Malware

Malware Antivirus Manufacturing Healthcare

North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware

Malware Social Engineering Architecture Education

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

Security Affairs

APRIL 20, 2023

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped ) that employed Linux malware. ” concludes the report.

Malware

Malware Social Engineering Education Media

‘Educational’ ransomware program may instead become a how-to guide for attackers

SC Magazine

MARCH 5, 2021

The author claims the program, dubbed Povlsomware, is designed to be an educational tool for testing anti-virus protections; however, it’s possible that cybercriminals could adopt and modify the code in order to launch their own attacks, warns Trend Micro, which detailed the ransomware in a new company blog post this week.

Education

Education Ransomware Malware Cybercrime

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

The infection chain was divided into four stages : The malware was installed through a dropper, a program executed by opening an attachment to a deceptive e-mail, probably a fake pdf or doc file, or executed directly from the Internet, without user interaction, exploiting the exploit described in the point 4. The infection chain.

Malware

Malware Computers and Electronics Encryption Ransomware

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Ransomware gang Money Message claims to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Hacking

Hacking Ransomware Manufacturing Education

Expert launched Malvuln, a project to report flaws in malware

Security Affairs

JANUARY 15, 2021

The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes. The security expert John Page (aka hyp3rlinx ) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware codes.

Malware

Malware Education Hacking Information Security

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

On March 7, 2023, the researchers found a Linux variant of the PingPull that was uploaded to VirusTotal, it had a very low detection rate (3 out of 62) “Despite a largely benign verdict, additional analysis has determined that this sample is a Linux variant of PingPull malware. ” reads the analysis published by Unit 42.

Malware

Malware Telecommunications Government VPN

China-linked Hafnium APT leverages Tarrask malware to gain persistence

Security Affairs

APRIL 13, 2022

China-linked Hafnium APT group started using a new piece of new malware to gain persistence on compromised Windows systems. HAFNIUM primarily targets entities in the United States across multiple industries, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.

Malware

Malware Education Internet Internet

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. “Of these, three were found to be activated during the longer vacations of the Christmas season. In addition, during Christmas, there was one incident caused by another ransomware malware family.” concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance

Surveillance Malware Spyware Education

Tax preparation and e-file service eFile.com compromised to serve malware

Security Affairs

APRIL 5, 2023

The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malicious malware to visitors. eFile.com , the personal online tax preparation and e-file service authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors.

Malware

Malware Education Media Internet

Save the Children confirms it was hit by cyber attack

Security Affairs

SEPTEMBER 12, 2023

The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufactoring, media and entertainment, and healthcare. In July 2023, security firm Avast released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files.

Cyber Attacks

Cyber Attacks Healthcare Education Data breaches

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. concludes the advisory that includes indicators of compromise (IoCs).”

Ransomware

Ransomware Encryption Antivirus VPN

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. However, there are now indications that this vulnerability might be actively exploited.”

Ransomware

Ransomware VPN Education Hacking

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. In addition, during Christmas, there was one incident caused by another ransomware malware family.” Cisco investigated the hacking campaign with the help of Rapid7. ” reads the NCSC-FI’s alert. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

Security Affairs

OCTOBER 16, 2023

Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. According to the IT giant, its cyber defense solution is able to automatically disrupt human-operated attacks like ransomware without needing to deploy any other capabilities.

Engineering

Engineering Ransomware Hacking Education

A flaw in the Kyocera Android printing app can be abused to drop malware

Security Affairs

APRIL 13, 2023

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware.

Malware

Malware Mobile Education Media

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

Tens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. Researchers from Citizen Lab reported that at least 36 Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones.

Hacking

Hacking Surveillance Spyware Government

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. There is an urgent need for action!”

Information Security

Information Security Internet Internet Healthcare

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. and nissan.co.nz.

Ransomware

Ransomware Data breaches Financial Services Scams

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

Nation-state actors, allegedly Russia-linked hacked, have compromised the networks of several US government agencies, including the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA). The hack allowed the threat actors to spy on the internal email traffic.

Software

Software Hacking Telecommunications Government

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Microsoft has observed APT28 using GooseEgg in post-compromise activities against various targets, including government, non-governmental, education, and transportation sector organizations in Ukraine, Western Europe, and North America. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

Government

Government Education Phishing Malware

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

Security Affairs

JUNE 24, 2021

The name ChaChi comes from two key components of the malware, Cha shell and Chi sel. The malware was recently employed in attacks against large US schools and education organizations. . “Healthcare and education organizations also host large volumes of sensitive data, making them more valuable targets. .”

Ransomware

Ransomware Education DNS Backups

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware

Ransomware Firmware Hacking Manufacturing

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets. SecurityAffairs – hacking, malware).

Cyber threats

Cyber threats Engineering Financial Services Malware

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

Webinars

Trending Sources

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Webinars

NCSC warns of a surge in ransomware attacks on education institutions

New Agent Raccoon malware targets the Middle East, Africa and the US

Threat actors target K-12 distance learning education, CISA and FBI warn

Hackers are taking advantage of the interest in generative AI to install Malware

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Experts warn of surge in DDoS attacks targeting education institutions

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

DEF CON 31 – Jared Stroud’s ‘Packet Hacking Village – WINE Pairing With Malware’

New Lobshot hVNC malware spreads via Google ads

Cryptocurrencies and cybercrime: A critical intermingling

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Experts spotted a new sophisticated malware toolkit called Decoy Dog

TrickGate, a packer used by malware to evade detection since 2016

North Korea-linked BlueNoroff APT is behind the new RustBucket Mac Malware

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

‘Educational’ ransomware program may instead become a how-to guide for attackers

Purple Lambert, a new malware of CIA-linked Lambert APT group

Wannacry, the hybrid malware that brought the world to its knees

Money Message ransomware group claims to have hacked IT giant MSI

Expert launched Malvuln, a project to report flaws in malware

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China-linked Hafnium APT leverages Tarrask malware to gain persistence

Akira ransomware targets Finnish organizations

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Tax preparation and e-file service eFile.com compromised to serve malware

Save the Children confirms it was hit by cyber attack

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Akira ransomware received $42M in ransom payments from over 250 victims

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Akira ransomware targets Finnish organizations

Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm

A flaw in the Kyocera Android printing app can be abused to drop malware

Zero-day exploit used to hack iPhones of Al Jazeera employees

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

MSI confirms security breach after Money Message ransomware attack

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Stay Connected