Education and Academia

May 10, 2024

Over 8,000 students of a private vocational college have been affected by a cyber attack, the privacy watchdog said on Friday. The Hong Kong College of Technology said its information technology network and file server were hacked in February. A ransomware group is believed to have got hold of 450GB of the college’s data and the ...

April 26, 2024

Today’s browsers are almost operating systems unto themselves. They can run software programs and encrypt files. These capabilities, combined with the browser’s access to the host computer’s files – including ones in the cloud, shared folders and external drives – via the File System Access API creates a new opportunity for ransomware. Imagine you want to ...

April 25, 2024

Higher education institutions have increased their cybersecurity budgets as more universities fall prey to cyber attacks, Moody’s Investor Service says in a report. The bond ratings agency reports that higher education institutions allocating a portion of their budget to cybersecurity increased more than 70 percent from 2019 to 2023. Despite the new spending jump, universities still ...

April 20, 2024

A data breach at one of its vendors has resulted in the “unauthorised access” of names and email addresses of parents and staff from five primary and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). MOE said it was notified by Mobile Guardian that its user management portal had been breached ...

March 14, 2024

The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference.… Its members now include 20-plus law enforcement agencies, private-sector security companies and incident responders, financial institutions, NGOs, and academics. Over the past year, the investigations ...

February 29, 2024

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA, to disseminate known TTPs and IOCs associated with the Phobos ransomware variants observed as recently as February 2024, according to open source reporting. Phobos is structured as a ransomware-as-a-service ...

February 23, 2024

In September 2023, MITRE hosted a Technical Exchange Meeting (TEM) titled Building Resilience to Cognitive Warfare with participants from MITRE, the Department of Defense, and the Australian Defense Force, whic h focused on securing the cognitive domain, including identifying national-level partnerships and innovation opportunities. This paper explores the emerging importance of cognitive security in the face ...

February 19, 2024

The University faced a cyberattack yesterday (20/02), which is affected internet and services across multiple UK higher education institutions. Students at various colleges were notified of the attack, which affected access to IT services such as CamSIS and Moodle. An internal email revealed that the incident was a Distributed Denial of Service (DDoS) attack, described as ...

February 14, 2024

The Department of Education (DepEd) is examining its systems for possible data breaches after reports of hackers allegedly harvesting 750 gigabytes of data containing sensitive information on banking details, students, teachers and more. DeepWeb Konek, a collective of cybersecurity practitioners, reported yesterday morning on X that it monitored a post by a “threat actor” in the ...

January 30, 2024

Class was canceled Monday across the Freehold Township school district, but not for the familiar January troubles of slushy roads, frozen pipes or a busted boiler. No, this was “a cybersecurity event” that ground school business to a halt. District officials disclosed little about what happened, assuring parents in an email they “retained outside IT expert consultants ...

January 19, 2024

Carnegie Mellon University informed about 7,300 people that their personal information may have been compromised in an August cyberattack that was quietly investigated by law enforcement and the university. The breach impacting one of the nation’s top schools for computing was acknowledged by the university as higher education in general faces a growing assault by digital ...

January 17, 2024

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, Mint Sandstorm used bespoke phishing lures in an attempt to socially engineer targets into downloading ...

January 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. CWRU began working with the FBI, who determined that the ...

January 10, 2024

Alarmed by research indicating that the elderly are the most vulnerable to fraudsters, Thailand’s Ministry of Social Development and Human Security and CIB cybercrime investigators will collaborate with partners to provide digital literacy to senior people nationwide. The minister, Varawut Silpa-archa, stated that more than 13 million people, or almost 20% of the Thai population, are ...

December 12, 2023

As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate way to guess your password by listening to ...

December 1, 2023

Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. The researchers will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors’ activity. Unit 42 team is sharing this research to provide detection, prevention and hunting ...

November 24, 2023

As simulated attackers tried to overload an electrical system, cripple a water distribution network and shut down a gas plant, cyber defence operators across 26 national agencies sprung into action to neutralise the assaults on a fictional state’s critical infrastructure. These were among the scenarios that more than 200 participants went through from Nov 22 to ...

November 21, 2023

Ransomware attacks and cybersecurity threats against schools are multiplying and have led to some dramatic consequences. Last year, the Los Angeles Unified School District was hit by a ransomware attack that resulted in hackers posting 500 gigabytes of stolen data online, after the district’s superintendent refused to pay the ransom. The attack compromised about 2,000 student ...

November 20, 2023

The Idaho National Laboratory, part of the U.S. Department of Energy and one of the country’s foremost advanced nuclear energy testing labs, has suffered a breach that released the details of employees online. A hacking group called SiegeSec took responsibility for the breach, which occurred Sunday night. In a statement to local media, INL media spokesperson ...

November 19, 2023

Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free cybersecurity services, ...