Education, Hacking and Passwords - Cyber Security Informer

Storm-1977 targets education sector with password spraying, Microsoft warns

Security Affairs

APRIL 27, 2025

Microsoft warns that threat actor Storm-1977 is behind password spraying attacksagainst cloud tenants in the education sector. vip to download AES-encrypted data, which, once decrypted, revealed password spray targets. vip to download AES-encrypted data, which, once decrypted, revealed password spray targets.

Education

Education Passwords Accountability Encryption

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. This is when hackers try usernames and password combos leaked in data breaches at other companies, hoping that some users might have reused usernames and passwords across services.

Passwords

Passwords Accountability Hacking Education

On world password day, Microsoft says fewer passwords, more passkeys

Malwarebytes

MAY 2, 2025

If there is a cybersecurity themed day that we would like to get rid as soon as possible its world password day. To quote Microsoft : As the world shifts from passwords to passkeys, were excited to join the FIDO Alliance in leaving World Password Day behind to celebrate the very first World Passkey Day.

Passwords

Passwords Password Management Authentication Accountability

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets.

Small Business

Small Business Data breaches Backups Passwords

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Identity Theft Insurance

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But both SMS and app-based codes can be undermined by phishing attacks that simply request this information in addition to the user’s password.

Hacking

Hacking Social Engineering Phishing Scams

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer servers.

Hacking

Hacking Software Government Internet

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN. WHAT YOU CAN DO.

Accountability

Accountability Hacking Media Mobile

GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do

The Last Watchdog

APRIL 28, 2022

Passwords have become ubiquitous with digital. The humble password is nothing more than a digital key that opens a door. And they use passwords to open a device, a system, an account, a file and so on. Which begs the question: why do people create their own passwords? Hackers don’t need to hack in, they just log in.

Passwords

Passwords Encryption Phishing Social Engineering

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

The attacker then moved via RDP to a server and attempted to deploy ransomware as a password-protected zip file, but the victims EDR tool blocked it. Ensure default passwords of IoT devices are changed to unique and complex ones.” Realizing EDR was active, they pivoted by scanning the network for vulnerable devices.

Ransomware

Ransomware IoT Encryption Passwords

Instagram Hacked: Top 5 Ways to Protect Your Account

Hacker's King

DECEMBER 26, 2024

While hacking attempts continue to evolve, so do the strategies to secure your account. Here are five distinct ways to safeguard your Instagram from being hacked, with fresh insights you wont find elsewhere. Unlike passwords or codes, biometric data is unique to you and cannot be easily replicated. Why Biometrics?

Accountability

Accountability Hacking Social Engineering Passwords

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.

Hacking

Hacking Telecommunications Internet Internet

Online education site EduCBA discloses data breach and reset customers? pwds

Security Affairs

MAY 24, 2020

The online education portal EduCBA discloses a data breach and is resetting customers’ passwords in response to the incident. Online education website EduCBA discloses a data breach, it has started notifying customers that in response to the incident it is resetting their passwords. Source BleepingComputer.

Data breaches

Data breaches Education Passwords Advertising

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Inside the Cit0Day Breach Collection

Troy Hunt

NOVEMBER 19, 2020

This is where the "more than 23,000 hacked databases" headlines come from as this is how many files are in the archive. txt" had a small number of email address and password hex pairs. I mean can we trust that both the email addresses and passwords from these alleged breaches represent actual accounts on those services?

Passwords

Passwords Password Management Accountability Risk

How Passwords Get Hacked

Security Boulevard

AUGUST 26, 2021

Can you think of an online service that doesn’t require a password? Everything on the internet requires a password. However, constantly creating and remembering new and ever more complex passwords is no small task. Taking steps to make passwords easier to remember can also make them easier for hackers to guess.

Passwords

Passwords Hacking Internet Internet

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

Case in point: a colossal password compilation dubbed "RockYou2024" has emerged, containing nearly 10 billion unique passwords. The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage practices.

Passwords

Passwords Password Management Education Accountability

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

Security Affairs

MAY 3, 2020

The hacker claims to have hacked the company in March 2020, it has stolen just a small part of the company database. The hacker has shared 15 million user records calling for action in cracking the passwords that are hashed using the SHA2-384 hashing algorithm. SecurityAffairs – Tokopedia, hacking). Pierluigi Paganini.

Accountability

Accountability Hacking Passwords Data breaches

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

NOVEMBER 19, 2023

A hacking gang known as Scattered Spiders soundly defeated the cybersecurity defenses of MGM and Caesars casinos. Scattered spiders In early September, Scattered Spiders infiltrated MGM and Caesars using a variety of relatively common hacking techniques. Reduce the amount of time a temporary password can be used.

Social Engineering

Social Engineering Passwords Authentication Marketing

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Security Affairs

FEBRUARY 23, 2020

New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. Pierluigi Paganini.

Education

Education Advertising Accountability Passwords

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

The March Madness Cyber Threat

Adam Levin

MARCH 17, 2022

Unfortunately, brackets create opportunities for a wide array of phishing and hacking campaigns, particularly in workplaces where a lot of brackets are distributed. The potential for hacks and scams is limited to the imagination of the person or group performing them. Change passwords regularly.

Cyber threats

Cyber threats Phishing Passwords Malware

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Education

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

OCTOBER 15, 2019

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. So what’s stopping us from getting rid of passwords altogether? Passwords may have been very effective securing Roman roads.

Passwords

Passwords Authentication Data breaches Internet

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. SecurityAffairs – hacking, FBI).

Education

Education Ransomware Encryption Antivirus

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Hacker's King

MAY 24, 2025

Credential-based attacks include usernames, passwords, and tokens. The threat lies in how real these messages seem, which is why education becomes important. Accounts with easily guessable passwords fall victim to this and suffer unimaginable damage. Zero-Day Exploits These are discovered unpatched software vendor flaws.

Cyber Attacks

Cyber Attacks Passwords Education Phishing

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 com was identical to the one displayed by escrow.com while the site’s DNS records were hacked.

Phishing

Phishing DNS Social Engineering Accountability

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Thinkful forces a password reset for all users after a data breach

Security Affairs

SEPTEMBER 23, 2019

The online education platform for developers Thinkful suffered a security breach and is notifying the incident to its customers requiring them to reset their passwords. The company is notifying the incident to its users via email and is forcing a password reset in response to the incident. SecurityAffairs – Thinkful, hacking).

Data breaches

Data breaches Passwords Education Advertising

Chinese APT27 Hacking Group targeting German companies

CyberSecurity Insiders

FEBRUARY 10, 2022

German Intelligence Agency BfV that offers cyber threat information from time to time has warned all the companies operating in its region about a possible cyber attack carried out by APT27, the China-based hacking group also known with other names such as Iron Tiger, Bronze Union, Emissary Panda, Lucky Mouse and Masking Panda.

Hacking

Hacking Healthcare Cyber threats Education

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. Verified was hacked at least twice in the past five years, and its user database posted online.

Ransomware

Ransomware Passwords Accountability Cybercrime

This Simple Hack Could Tank Your Business

Adam Levin

JULY 23, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. This proactive step significantly reduces impulsive responses to scams or urgent-sounding threats.

Cybersecurity

Cybersecurity Technology Scams Risk

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to sensitive network configurations and passwords, standard operating procedures (SOP), IT instructions, such as requesting password resets, vendors and purchasing information. SecurityAffairs – hacking, Energetic Bear).

Government

Government Hacking Advertising Passwords

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

The US Department of Justice has indicted a hacker named Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks. The US Department of Justice has indicted a hacker that goes online with the moniker Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks.

Hacking

Hacking Antivirus Advertising Cybercrime

Shiny Hunters group is selling data from 11 companies on the Dark Web

Security Affairs

MAY 10, 2020

Shiny Hunters hacking group is offering for sale on a dark web marketplace databases containing over 73.2 A hacking group named Shiny Hunters is attempting to sell on a dark web hacking marketplace databases containing more than 73.2 Users of the above companies urge to change their passwords as soon as possible.

Data breaches

Data breaches Hacking Passwords Advertising

Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet

eSecurity Planet

APRIL 8, 2025

A new and dangerous AI-powered hacking tool is making waves across the cybercrime underworld and experts say it could change the way digital attacks are launched. Xanthorox vision can analyze images and screenshots to extract sensitive data or interpret visual content useful for cracking passwords or reading stolen documents.

Social Engineering

Social Engineering Phishing Engineering Cybercrime

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

SecureWorld News

JANUARY 8, 2025

In a statement announcing the program , the White House emphasized the growing need for such a measure: "Americans are worried about the rise of criminals remotely hacking into home security systems to unlock doors, or malicious attackers tapping into insecure home cameras to illicitly record conversations.

IoT

IoT Manufacturing Government Cybersecurity

Password Attacks 101

Security Boulevard

JUNE 11, 2021

Why are password attacks like brute forcing so effective? Let’s take a look at three kinds of password attacks that present a real threat to sites and businesses of all sizes. Continue reading Password Attacks 101 at Sucuri Blog. The post Password Attacks 101 appeared first on Security Boulevard.

Passwords

Passwords Small Business Data breaches Accountability

North Korea dedicates a hacking group to fund cyber crime

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. The post North Korea dedicates a hacking group to fund cyber crime appeared first on Cybersecurity Insiders.

Hacking

Hacking Social Engineering Cryptocurrency Manufacturing

What to Do if Your Email Account Has Been Hacked

Heimadal Security

FEBRUARY 11, 2022

My email account has been hacked. Well, having your email account cracked could pose a serious problem given that your photos, contracts, invoices, tax forms, reset passwords for every other account, and sometimes even passwords or credit card PINs are all saved there. How much trouble am I in?

Accountability

Accountability Hacking Passwords Education

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy.

Passwords

Passwords Education Advertising Media

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

MARCH 5, 2025

Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Then, the threat actors move laterally from on-premises to cloud environments by dumping Active Directory, stealing passwords from key vaults, and escalating privileges.

Energy and Utilities

Energy and Utilities Passwords Healthcare VPN

Storm-1977 targets education sector with password spraying, Microsoft warns

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Trending Sources

On world password day, Microsoft says fewer passwords, more passkeys

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Pennsylvania State Education Association data breach impacts 500,000 individuals

When Low-Tech Hacks Cause High-Impact Breaches

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do

This Simple Hack Could Tank Your Business

Akira ransomware gang used an unsecured webcam to bypass EDR

Instagram Hacked: Top 5 Ways to Protect Your Account

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Online education site EduCBA discloses data breach and reset customers? pwds

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Inside the Cit0Day Breach Collection

How Passwords Get Hacked

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

Google sued by New Mexico attorney general for collecting student data through its Education Platform

Storm-2372 used the device code phishing technique since August 2024

The March Madness Cyber Threat

Three Italian universities hacked by LulzSec_ITA collective

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Thinkful forces a password reset for all users after a data breach

Chinese APT27 Hacking Group targeting German companies

Who Is the Network Access Broker ‘Babam’?

This Simple Hack Could Tank Your Business

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Shiny Hunters group is selling data from 11 companies on the Dark Web

Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

Password Attacks 101

North Korea dedicates a hacking group to fund cyber crime

What to Do if Your Email Account Has Been Hacked

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

China-linked APT Silk Typhoon targets IT Supply Chain

Stay Connected