education (12)

Cybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.

See:  https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics

WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint.  It's sold in underground marketplaces by initial access brokers, and hackers typica

As October is winding down, we turn our focus to Training.  October 2023 marks the 20th annual Cybersecurity Awareness Month.  While it was initially founded as a national movement in the US, Cybersecurity Awareness Month has since grown into a global initiative.  And for good reason.  Today's cybersecurity market is suffering from a skills gap of 3.4 million trained professionals, with security practitioners being overwhelmed by a continuous onslaught of increasingly sophisticated attacks while

A maritime VSAT (Very Small Aperture Terminal) is a two-way satellite internet terminal which receives and transmits real-time data via satellites.  It is vital for many vessels to maintain a high-speed, reliable connection while offshore.  In addition to the importance of connectivity for operations, it also serves a key crew welfare role.  However, VSAT also presents cyber threats to vessels, due to the value of the data they transmit and their role as attack vectors for other technology on bo

The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting a PaperCut remote-code execution vulnerability to gain initial access to networks.  The US Cybersecurity & Infrastructure Security Agency mentions that the threat actor has focused their attacks on the education sector, which has a significant public exposure of the flaw.

"In early May 2023, according to FBI information, the Bl00dy Ransomware Gang gained access to victim networks acro

Researchers at SentinelLabs have been monitoring a cluster of malicious Office documents that stage Crimson RAT, distributed by APT36 (Transparent Tribe), and that target the education sector.  Analysts have assessed that this activity is part of the group’s previously reported targeting of the education sector in the Indian subcontinent.  APT36 (also known as Transparent Tribe) was seen introducing OLE embedding to its typically used techniques for staging malware from lure documents and versioned c

This year millions of people have tried and been wowed by artificial-intelligence systems.  That is in no small part thanks to OpenAI’s chatbot ChatGPT.  When it launched last year, the chatbot became an instant hit among students, many of whom embraced it as a tool to write essays and finish homework.  Some media outlets went as far as to declare that the college essay is dead.  Alarmed by an influx of AI-generated essays, schools around the world moved swiftly to ban the use of the technology.

Our friends at The Record shared some concerning news for the US.  More than 200 local governments, schools and hospitals in the US were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.

The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.  These figures are based only on public

Vice Society is an intrusion, exfiltration, and extortion hacking group that first appeared in summer 2021, has alleged ties to Russia, and attacks “With Love.”  Vice has crossed the line of what many hackers said was off limits – education and health care systems and facilities.  This past September, a ransomware attack on the Los Angeles Unified School District crippled digital operations across its system, which includes more than 1,000 schools and serves roughly 600,000 students.

This joint CISA - Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.  Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about

A recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years.  A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols.  Two years later, cybersecurity at those agencies was again analyzed and the findings are, as described in the new report, “stark.”

The new report, titled “Feder

Activity Summary - Week Ending 21 May 2021:

  • Analysts identified 1,828 new IP addresses participating in various Botnets
  • Red Sky Alliance identified 28,925 connections from new unique IP Addresses
  • Our collection shows 21 unique email accounts compromised with Keyloggers
  • FiveHands Ransomware
  • Panda Stealer
  • Waikato (NZ) District Health Board – Hit
  • AXA Partners in Asia – attacked by the Avaddon Group
  • Ireland Hospital Hacking
  • Glasgow (Scotland) Caledonian University – IT shut Down
  • Additional DarkSide T

Activity Summary - Week Ending 18 December 2020:

  • 28 unique email accounts compromised with keyloggers in the RedXray collections
  • Red Sky Alliance identified 41,143 connections from new unique IP addresses
  • Analysts identified 2,439 new IP addresses participating in various Botnets
  • The top Malware Variants were again Sality and Corkow, followed by Loki
  • Covid-19 lures remain one of the top Suspicious Domains
  • Bandook Trojan is Back
  • UK based ‘end user computing’ (EUC)
  • The Education Sector remains a t