Education, Passwords and Ransomware - Cyber Security Informer

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. Realizing EDR was active, they pivoted by scanning the network for vulnerable devices.

Ransomware

Ransomware IoT Encryption Passwords

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets. Tip 5: Backing Up Data Regularly Data loss can be devastating for small businesses.

Small Business

Small Business Data breaches Backups Passwords

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware

Ransomware Backups Encryption Internet

Dental group lied through teeth about data breach, fined $350,000

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches

Data breaches Ransomware Passwords Insurance

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Identity Theft Insurance

Warning over free online file converters that actually install malware

Malwarebytes

MARCH 17, 2025

The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). Other passwords and session tokens that could allow the scammers to bypass multi-factor authentication (MFA). Email addresses.

Malware

Malware Adware Education Phishing

GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do

The Last Watchdog

APRIL 28, 2022

Passwords have become ubiquitous with digital. The humble password is nothing more than a digital key that opens a door. And they use passwords to open a device, a system, an account, a file and so on. Which begs the question: why do people create their own passwords? Yet most people don’t know how to use them properly.

Passwords

Passwords Encryption Phishing Social Engineering

Facebook's new passkey support could let you ditch your password once and for all

Zero Day

JUNE 19, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Passwords

Passwords Password Management Small Business Mobile

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

NOVEMBER 19, 2023

That’s largely because the splashy headlines and online buzz created by bringing down the pair of casinos will only motivate more mid-level cybercriminals to follow Scattered Spiders’ model, putting wide-reaching businesses at risk of ransomware attacks due to the rise of ransomware-as-a-service models.

Social Engineering

Social Engineering Passwords Authentication Marketing

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

X Trending Memorial Day tech sales 2025 Memorial Day TV sales 2025 Memorial Day lawn & outdoor sales 2025 Memorial Day phone sales 2025 Memorial Day health tracker sales 2025 Memorial Day headphone sales 2025 Memorial Day laptop sales 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best (..)

Password Management

Password Management Passwords Artificial Intelligence Software

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network.

Ransomware

Ransomware Accountability Passwords Cybercrime

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare

Healthcare Backups Ransomware Insurance

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Authentication

Authentication Password Management Small Business Passwords

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Hacker's King

MAY 24, 2025

Credential-based attacks include usernames, passwords, and tokens. The threat lies in how real these messages seem, which is why education becomes important. Accounts with easily guessable passwords fall victim to this and suffer unimaginable damage.

Cyber Attacks

Cyber Attacks Passwords Education Phishing

Apple quietly makes running Linux containers easier on Macs

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Energy and Utilities Artificial Intelligence

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

How global threat actors are weaponizing AI now, according to OpenAI

Zero Day

JUNE 6, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Passwords

WHEN IS CYBERSECURITY IS WEEK

Hacker's King

OCTOBER 26, 2024

Cybersecurity Week is a global initiative that brings together various stakeholders—government agencies, educational institutions, and private companies—to promote understanding and awareness of cybersecurity issues. These sessions not only educate participants but also foster a sense of community among those invested in cybersecurity.

Cybersecurity

Cybersecurity Cyber threats Education Passwords

Microsoft Announces Security Update with Windows Resiliency Initiative

eSecurity Planet

DECEMBER 4, 2024

This approach also helps to contain the spread of malware and ransomware, which, according to Microsoft’s Digital Defense Report, resulted in 93% of these attacks being successful due to them having access to so many privileged user accounts.

Encryption

Encryption Phishing Authentication Passwords

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

This bypasses security barriers entirely, giving adversaries a direct path to infiltrate networks, steal data, and deploy ransomware undetected. For businesses, this means their compromised access can be resold multiple times, leaving them vulnerable to repeated attacks from different threat actors if passwords arent changed promptly.

VPN

VPN Authentication Ransomware Risk

Google Cybersecurity Action Team Threat Horizons Report #3 Is Out!

Anton on Security

JULY 7, 2022

My favorite quotes from the report follow below: “Another common tactic that continues to be observed is when bad actors actively impersonate legitimate sounding organizations (especially in journalism or education) with the objective of interacting with the target in a trusted manner before launching an attack. ” [A.C.?—?to not malware?—?do

Cybersecurity

Cybersecurity Cryptocurrency Ransomware Education

Here's why network infrastructure is vital to maximizing your company's AI adoption

Zero Day

JUNE 14, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

IT Security Guru

FEBRUARY 25, 2025

A prime example is multi-factor authentication (MFA), a security process that requires users to verify their identity in two or more ways, such as a password, a code sent to their phone, or a fingerprint. MFA Bombing: Armed with the compromised username and password, they initiate a login attempt and trigger an MFA prompt.

Social Engineering

Social Engineering Authentication Risk Accountability

Ransomware and Cyber Extortion in Q4 2024

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. Ransomware Activity Hits All-Time High in December Ransomware attacks have been climbing steadily over the past few years, despite some temporary dips along the way.

Ransomware

Ransomware Social Engineering Phishing Manufacturing

Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet

eSecurity Planet

APRIL 8, 2025

Xanthorox vision can analyze images and screenshots to extract sensitive data or interpret visual content useful for cracking passwords or reading stolen documents. These tools allow hackers to plan and launch fully automated attacks, including phishing campaigns , ransomware drops, and malware development.

Social Engineering

Social Engineering Phishing Engineering Cyber threats

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. Key findings from Tenable's report Tenable's research team investigated DeepSeek R1's ability to generate malicious code, specifically a keylogger and a simple ransomware program.

Malware

Malware Cybersecurity Cyber threats Threat Detection

Scattered Spider Strikes Again: U.K. Attacks Spark U.S. Retailer Alarm

SecureWorld News

MAY 16, 2025

"Scattered Spider is a particularly tricky and stealthy distributed group of cybercriminals and is considered part of 'The Community,' a broader group of cyber adversaries engaged in everything from SIM swapping to ransomware using widely available RaaS platforms. What makes the U.K. Google Threat Intelligence warns that U.S.

Retail

Retail Social Engineering Engineering Telecommunications

8 security tips for small businesses

Malwarebytes

NOVEMBER 6, 2024

An infection has been found, a breach was discovered, or ransomware has disabled systems or made files unretrievable. Lock things down Having a strict policy to protect your important assets with strong passwords and multi-factor authentication (MFA) should be a no-brainer. There is the first issue right there.

Small Business

Small Business Backups Firewall VPN

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

Regularly back up your data : Frequent backups can safeguard your information against ransomware attacks and malware infections. Options like waiting rooms and password-protected meetings can help prevent unauthorized access. Even if your credentials are compromised, attackers will face an extra hurdle in accessing your accounts.

Scams

Scams Malware Phishing Social Engineering

IT threat evolution Q3 2024

SecureList

NOVEMBER 29, 2024

These documents are in fact password-protected ZIP or other archives. Interestingly, Twelve shares infrastructure, utilities and TTPs (Tactics, Techniques and Procedures) with the DARKSTAR ransomware group (formerly known as Shadow or COMET). Victims are tricked into clicking the link to retrieve documents related to the lawsuit.

Energy and Utilities

Energy and Utilities Ransomware Malware Government

Unmasking North Korea's Covert IT Army. Before You Hire Them

SecureWorld News

NOVEMBER 12, 2024

These IT workers could easily receive instructions to deploy ransomware and disable major organizations across the U.S. KnowBe4 discovered their operative's intent when the newly-hired "employee" attempted to load password-stealing malware onto a company-issued device. and Europe very quickly."

Government

Government VPN Cyber threats Education

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Simic Bojan Simic , CEO, HYPR The era of passwords will further decline as credential misuse rises, with AI both aiding and challenging security efforts. Anti-ransomware solutions incorporate AI to aggregate system-level insights and protect against zero-day attacks. This frees teams for strategic efforts like risk management.

Risk

Risk Threat Detection Technology Phishing

Top 10 Cybersecurity Trends to Expect in 2025

Hacker's King

DECEMBER 24, 2024

In 2025, insurers will refine their policies to cover new threats such as ransomware and supply chain attacks, providing businesses with financial safeguards against cyber losses. Biometric Authentication on the Rise Traditional passwords are increasingly seen as inadequate for modern security needs.

Cybersecurity

Cybersecurity Cyber Insurance IoT Insurance

Your Android phone just got a big upgrade for free - these Pixel models included

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Software

Solid Data Security: The Foundation of a Safe Digital World

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

In fact, according to the 2024 Thales Data Threat Report , more than 80% of organizations reported at least one breach in the last year, while ransomware attacks grew more frequent, with 28% of organizations reported experiencing an attack in 2024, compared to 22% in 2023. A host of threats continue to put enterprise data at risk.

DDOS

DDOS Encryption Data breaches Identity Theft

Apple Intelligence is getting more languages - and AI-powered translation

Zero Day

JUNE 9, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

The danger of data breaches — what you really need to know

Webroot

APRIL 22, 2025

Phishing and social engineering : Using your personal information, scammers can craft more convincing phishing emails or messages to trick you into giving up even more sensitive details, like passwords and PIN numbers. Use strong, unique passwords: Strong, unique passwords are a simple, yet powerful security tool.

Data breaches

Data breaches Identity Theft Passwords eCommerce

5 riskiest places to get scammed online

Malwarebytes

JUNE 18, 2025

For instance, though people were least likely to encounter a scam once a week through a buying or selling platform like Facebook Marketplace or Craigslist (36%), such platforms were of course the most likely place for scam victims to have their credit card details and passwords stolen by a scammer masquerading as a legitimate business.

Scams

Scams Social Engineering Media Engineering

Yet another European government is ditching Microsoft for Linux - here's why

Zero Day

JUNE 16, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Government

Government Password Management Small Business Software

I found a Linux distro that combines the best parts of other operating systems (and it works)

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Energy and Utilities Artificial Intelligence

ChatGPT can now connect to MCP servers - here's how, and what to watch for

Zero Day

JUNE 17, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

Is this the end of Intel-based Macs? Apple confirms bittersweet update policy for MacOS

Zero Day

JUNE 9, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Digital transformation

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 4, 2025

Rhysida Ransomware gang claims the hack of the Government of Peru DragonForce group claims the theft of data after Co-op cyberattack U.S. Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Cyber Attacks Malware Phishing

Your Android phone just got a major feature upgrade for free - including these Pixel models

Zero Day

JUNE 13, 2025

Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 (..)

Password Management

Password Management Small Business Artificial Intelligence Software

Akira ransomware gang used an unsecured webcam to bypass EDR

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Trending Sources

REvil Ransomware Gang Starts Auctioning Victim Data

Dental group lied through teeth about data breach, fined $350,000

Pennsylvania State Education Association data breach impacts 500,000 individuals

Warning over free online file converters that actually install malware

GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do

Facebook's new passkey support could let you ditch your password once and for all

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

86 million AT&T customer records reportedly up for sale on the dark web

Who Is the Network Access Broker ‘Babam’?

New Ransom Payment Schemes Target Executives, Telemedicine

Why SMS two-factor authentication codes aren't safe and what to use instead

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Apple quietly makes running Linux containers easier on Macs

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

How global threat actors are weaponizing AI now, according to OpenAI

WHEN IS CYBERSECURITY IS WEEK

Microsoft Announces Security Update with Windows Resiliency Initiative

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Google Cybersecurity Action Team Threat Horizons Report #3 Is Out!

Here's why network infrastructure is vital to maximizing your company's AI adoption

Understanding MFA Fatigue: Why Cybercriminals Are Exploiting Human Behaviour

Ransomware and Cyber Extortion in Q4 2024

Xanthorox AI: A New Breed of Malicious AI Threat Hits the Darknet

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Scattered Spider Strikes Again: U.K. Attacks Spark U.S. Retailer Alarm

8 security tips for small businesses

Deceptive Google Meet Invites Lures Users Into Malware Scams

IT threat evolution Q3 2024

Unmasking North Korea's Covert IT Army. Before You Hire Them

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Top 10 Cybersecurity Trends to Expect in 2025

Your Android phone just got a big upgrade for free - these Pixel models included

Solid Data Security: The Foundation of a Safe Digital World

Apple Intelligence is getting more languages - and AI-powered translation

The danger of data breaches — what you really need to know

5 riskiest places to get scammed online

Yet another European government is ditching Microsoft for Linux - here's why

I found a Linux distro that combines the best parts of other operating systems (and it works)

ChatGPT can now connect to MCP servers - here's how, and what to watch for

Is this the end of Intel-based Macs? Apple confirms bittersweet update policy for MacOS

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Your Android phone just got a major feature upgrade for free - including these Pixel models

Stay Connected