Education, Hacking, Information Security and Passwords

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. SecurityAffairs – hacking, FBI).

Education

Education Ransomware Encryption Antivirus

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Security Affairs

FEBRUARY 23, 2020

New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. Pierluigi Paganini.

Education

Education Advertising Accountability Passwords

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Education

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Thinkful forces a password reset for all users after a data breach

Security Affairs

SEPTEMBER 23, 2019

The online education platform for developers Thinkful suffered a security breach and is notifying the incident to its customers requiring them to reset their passwords. The company is notifying the incident to its users via email and is forcing a password reset in response to the incident. Pierluigi Paganini.

Data breaches

Data breaches Passwords Education Advertising

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

An attacker can trigger the vulnerability to extract sensitive data from the memory of the affected devices, including usernames and passwords. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, CISA) .” reads the report published by Truesec.

Ransomware

Ransomware VPN Education Hacking

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, enterprise network equipment ) The post Hackers can hack organizations using data found on their discarded enterprise network equipment appeared first on Security Affairs.

Hacking

Hacking VPN Marketing Authentication

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

The propounded web page is highly customized ([link] and looks like a form with logos and names of the targeted organization with a preset e-mail address and a password field to be typed. Following the request, you end up handing over your login information to the scammers while being redirected to your organization’s home page.

Phishing

Phishing Education Social Engineering Media

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations.

Ransomware

Ransomware Hacking Encryption Penetration Testing

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. SolarWinds employees claim that the attack resulted from a weak password that an intern had used – “solarwinds123”. All of that could’ve been avoided had SolarWinds implemented a strong password policy.

Data breaches

Data breaches Passwords Social Engineering Encryption

‘Educational’ ransomware program may instead become a how-to guide for attackers

SC Magazine

MARCH 5, 2021

The author claims the program, dubbed Povlsomware, is designed to be an educational tool for testing anti-virus protections; however, it’s possible that cybercriminals could adopt and modify the code in order to launch their own attacks, warns Trend Micro, which detailed the ransomware in a new company blog post this week.

Education

Education Ransomware Malware Cybercrime

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In May 2021, over 36,000 email and password combinations for.edu email accounts were offered for sale on a publically available instant messaging platform. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

Security Affairs

APRIL 21, 2023

.” The investigation launched into the incident revealed that that an unauthorized third party obtained usernames and hashed and salted passwords for members’ online accounts on the ABA website prior to 2018 or the ABA Career Center since 2018. million members impacted appeared first on Security Affairs.

Data breaches

Data breaches Passwords Education Accountability

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. printing access badges.

Government

Government Hacking Advertising Passwords

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Manufacturing Healthcare Education

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The ransomware was originally written in Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. ” Upon executing the malware, the Rust binary prompts an error requiring a password to be passed as an argument. SecurityAffairs – hacking, malware).

Ransomware

Ransomware Encryption Healthcare Education

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Some users with AT&T email addresses wrote on Reddit that they have been hacked, and some of them claim they had the same issue for months. ” reads the post published by TechCrunch.

Cryptocurrency

Cryptocurrency Accountability Passwords Hacking

Ransomware realities in 2023: one employee mistake can cost a company millions

Security Affairs

OCTOBER 17, 2023

With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. Why should employers educate employees about cyber security? You should always stop and verify. Verify domain names – they could end in.co

Social Engineering

Social Engineering Ransomware Engineering Phishing

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

Security Affairs

SEPTEMBER 8, 2023

Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. Cisco has been actively investigating the hacking campaign with the help of Rapid7.

Ransomware

Ransomware VPN Authentication Hacking

Challenges of User Authentication: What You Need to Know

Security Affairs

SEPTEMBER 7, 2022

As cloud adoption grows exponentially, businesses scramble to amend security strategies to keep their data and end users safe. Cybercriminals continue to evolve their tactics to exploit vulnerabilities, consistently developing new means to execute DDoS attacks, hacks, and fraud for financial gain or sabotage. Password Strength and 2FA.

Authentication

Authentication Passwords Risk Education

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

The Atomic macOS Stealer allows operators to can steal various types of information from the infected machines, including Keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password. The threat actors spread the malware in the form of a ‘.dmg’

Advertising

Advertising Passwords Malware Password Management

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

In reality, the form with the counterfeit logos is designed to send in an HTTP POST request the e-mail address, username, and password to a listening server operated by the scammers. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Education improves awareness” is his slogan.

Phishing

Phishing Scams Education Passwords

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

Once the attacker gained access to BI user’s passwords and depending on the privileges of the BI user, he can perform operations that can completely compromise the application. The complete list of the notes is reported in the latest security bulletin : SAP administrators are urged to apply the available security patches as soon as possible.

Education

Education Media Authentication Passwords

Passwordless sign-in with passkeys is now available for Google accounts

Security Affairs

MAY 3, 2023

Google is rolling out the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. Passwords are essential to protect services and data online, but when obtained by threat actors they can pose a risk to the users. ” reads the announcement published by the company. ” reads a post published by Google.

Accountability

Accountability Passwords Password Management Phishing

FTC shares guidance for small businesses to prevent ransomware attacks

Security Affairs

NOVEMBER 14, 2021

Other important protections are: 1) rigorous authentication procedures; and 2) a company policy that requires passwords for employee credentials and administrative functions to be l-o-n-g and complex.” SecurityAffairs – hacking, ransomware). ” states the FTC. Follow me on Twitter: @securityaffairs and Facebook.

Small Business

Small Business Ransomware Backups Authentication

Kodi discloses data breach after its forum was compromised

Security Affairs

APRIL 14, 2023

The threat actor was able to access the nightly backups containing all public forum posts, team forum posts, messages sent through the user-to-user messaging system, and user information such as forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB software.

Data breaches

Data breaches Backups Passwords Accountability

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.

Ransomware

Ransomware VPN Government Retail

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats.

Phishing

Phishing Spyware Government Passwords

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

[link] #MSFTatBlackHat — Security Response (@msftsecresponse) August 5, 2019. In two attacks observed by Microsoft, attackers exploited default settings of the IoT devices (unchanged default password) in a third case the hacked device was not running an updated software. SecurityAffairs – Russia APT, hacking).

IoT

IoT Hacking Advertising Government

British Council exposed 144,000 files containing student details?

Security Affairs

FEBRUARY 1, 2022

The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the United Kingdom.

Identity Theft

Identity Theft Education Phishing Scams

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

JULY 28, 2020

million $1,200 Minted 5 million $2,500 Styleshare 6 million $2,700 Ggumim 2 million $1,300 Mindful 2 million $1,300 StarTribune 1 million $1,100 ChatBooks 15 million $3,500 The Chronicle Of Higher Education 3 million $1,500 Zoosk 30 million $500. SecurityAffairs – hacking, ShinyHunters). Pierluigi Paganini.

Passwords

Passwords Advertising Education Banking

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

Do not provide your mobile number account information over the phone to representatives that request your account password or pin. Avoid posting personal information online, such as mobile phone number, address, or other personal identifying information. Use a variation of unique passwords to access online accounts.

Mobile

Mobile Cryptocurrency Authentication Accountability

Most Common Causes of Data Breach and How to Prevent It

Security Affairs

MAY 3, 2021

Some of the most popular ones include RAM scraping, wherein the memory of targeted devices is scanned for collecting sensitive information. Some malware attacks install tools like keyloggers to capture the keystrokes for stealing passwords or other sensitive information. SecurityAffairs – hacking, data breach).

Data breaches

Data breaches Social Engineering Engineering Network Security

Trigona Ransomware targets Microsoft SQL servers

Security Affairs

APRIL 20, 2023

Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to deploy Trigona ransomware. ” concludes the report.

Ransomware

Ransomware Malware Encryption Hacking

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Security Affairs

APRIL 24, 2023

The tool was developed by a company named Kodex, which claims that the tool was developed for an educational purpose. The malware can steal sensitive data from the infected endpoint, including browser history and passwords, and cookies. EvilExtractor is a modular info-stealer, it exfiltrates data via an FTP service.

Cybercrime

Cybercrime Malware Education Phishing

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

But a survey conducted by Google and Harris found that many people still refuse to adopt even the most essential credential security measures: just 37 percent use two-factor authentication, around a third change their passwords regularly, and a mere 15 percent use a password manager.

Social Engineering

Social Engineering Password Management Passwords Phishing

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

Attackers may have exploited leaked credentials to brute force access to the repository, since they only needed a password, which is faster than guessing both a username and password. Car industry fails to prevent data leaks Volvo is not the only car brand that has recently exposed itself and its customers.

Retail

Retail Manufacturing Passwords Phishing

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

The credentials provided by the recipient are sent to an attacker-controlled URL, however, after the recipient enters their password, the phishing page redirects to a benign document that contains the interview questions, or an RFI that includes information of interest for the victims.

Phishing

Phishing Media Passwords Malware

New Agenda Ransomware appears in the threat landscape

Security Affairs

AUGUST 27, 2022

The collected samples were 64-bit Windows PE (Portable Executable) files and were used to target healthcare and education organizations in Indonesia, Saudi Arabia, South Africa, and Thailand. Our investigation showed that the samples had leaked accounts, customer passwords, and unique company IDs used as extensions of encrypted files.”

Ransomware

Ransomware Encryption Accountability Antivirus

Security Affairs newsletter Round 293

Security Affairs

DECEMBER 13, 2020

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 293 appeared first on Security Affairs. Pierluigi Paganini.

Computers and Electronics

Computers and Electronics VPN Hacking Ransomware

Moobot botnet spreads by targeting Cacti and RealTek flaws

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. Because Moobot can kill other botnet processes and also deploy brute force attacks, administrators should use strong passwords and change them periodically.

DDOS

DDOS Malware Hacking Education

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

“Educating and supporting seismologists on information security is imperative, as in most cases unauthorized users will try to gain access through a legitimate user’s computer to abuse monitoring networks and IoT devices.”

IoT

IoT InfoSec Data collection Encryption

Peugeot leaks access to user information in South America

Security Affairs

APRIL 25, 2023

The exposed file contained: Full MySQL database Uniform Resource Identifier (URI) – a unique sequence of characters that identifies a resource – as well as username and password to access it; JSON Web Token’s (JWT) passphrase and locations of private and public keys; A link to the git repository for the site; Symfony application secret.

Social Engineering

Social Engineering Education Media Marketing

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Webinars

Trending Sources

Three Italian universities hacked by LulzSec_ITA collective

Webinars

Thinkful forces a password reset for all users after a data breach

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Hackers can hack organizations using data found on their discarded enterprise network equipment

“My Slice”, an Italian adaptive phishing campaign

Akira ransomware targets Finnish organizations

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

3 of the Worst Data Breaches in the World That Could Have Been Prevented

‘Educational’ ransomware program may instead become a how-to guide for attackers

FBI: Compromised US academic credentials available on various cybercrime forums

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

FBI and CISA warn of attacks by Rhysida ransomware gang

Experts spotted a variant of the Agenda Ransomware written in Rust

Akira ransomware targets Finnish organizations

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Ransomware realities in 2023: one employee mistake can cost a company millions

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

Challenges of User Authentication: What You Need to Know

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Phishing, the campaigns that are targeting Italy

SAP April 2023 security updates fix critical vulnerabilities

Passwordless sign-in with passkeys is now available for Google accounts

FTC shares guidance for small businesses to prevent ransomware attacks

Kodi discloses data breach after its forum was compromised

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

British Council exposed 144,000 files containing student details?

ShinyHunters leaked over 386 million user records from 18 companies

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Most Common Causes of Data Breach and How to Prevent It

Trigona Ransomware targets Microsoft SQL servers

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

The Top Five Habits of Cyber-Aware Employees

Volvo retailer leaks sensitive files

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

New Agenda Ransomware appears in the threat landscape

Security Affairs newsletter Round 293

Moobot botnet spreads by targeting Cacti and RealTek flaws

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Peugeot leaks access to user information in South America

Stay Connected