- North Korea Using Social Engineering to Enable Hacking of Think Tanks, Academia, and Media
June 1, 2023
The Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA), together with the Republic of Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and Ministry of Foreign Affairs (MOFA), are jointly issuing this advisory to highlight the use of social engineering by Democratic People’s Republic of Korea ...
- Greece Orders Probe into Exam System Cyber-Attacks
May 31, 2023
Greece’s Supreme Court launched on Tuesday an urgent investigation into the cyber-attacks targeting the Greek high school exams that were interrupted two days running. Following a second cyber-attack on the data bank providing the exam questions, Supreme Court Public Prosecutor Isidoros Dogiakos ordered an investigation with the assistance of the Hellenic Police Cyber Crime Unit. Read more… Source: ...
- Hot Pixels attack checks CPU temp, power changes to steal data
May 27, 2023
A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and ...
- Dorchester school IT system held to ransom in cyber attack
May 23, 2023
A school has been left unable to use email or accept payments following a cyber attack. Thomas Hardye School in Dorchester said its screens and systems had been locked since being targeted on Sunday. It said the attack was accompanied by a ransom demand, payable on the dark web. Read more… Source: BBC News
- CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability
May 11, 2023
CISA and FBI have released a joint Cybersecurity Advisory (CSA), Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability (CVE-2023-27350). FBI observed malicious actors exploit CVE-2023-27350 beginning in mid-April 2023 and continuing through the present. In early May 2023, FBI observed a ...
- After a Cyber Attack: Dos and Don’ts for Higher Education IT Staff
May 10, 2023
For most colleges and universities, it’s a question of when, not if, they will experience a cyber attack. Here are seven key considerations for handling the aftermath of a breach. There is a treasure trove of sensitive and valuable information in higher education information systems that is tantalizing to hackers of all kinds. With networks that ...
- Intel CPUs vulnerable to new transient execution side-channel attack
April 24, 2023
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register. The new attack was discovered by researchers at Tsinghua University, the University of Maryland, and a computer lab (BUPT) run by the Chinese Ministry of Education and is different than most other side-channel attacks. Read ...
- Medusa ransomware claims attack on Open University of Cyprus
April 6, 2023
The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of the organization’s operations. OUC is an online university based in Nicosia, Cyprus, that provides remote learning. It offers 30 higher-level education programs to 4,200 students and participates in various scientific research activities. Read more… Source: Bleeping Computer
- Hackers attack several Israeli university websites
April 4, 2023
The sites of Tel Aviv University, Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel and Reichman University were among the sites inaccessible due to the cyberattack. The group posted a statement on its Telegram account, listing the attacked websites. “Infrastructure: Universities – Israel’s education sector ...
- University of California targeted in cyber attack
March 31, 2023
The University of California said Wednesday that it was subject to a cyber attack that has compromised the personal information of some individuals in the university community. According to the ten-campus university system, the cyber attack “involves the use of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual ...
- APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations
March 28, 2023
Mandiant researchers released a report on APT43, a prolific threat actor operating on behalf of the North Korean regime that they have observed engaging in cybercrime as a way to fund their espionage operations. According to Mandiant they track tons of activity throughout the year, but don’t always have enough evidence to attribute it to a ...
- Wymondham College hit by sophisticated cyber attack
March 14, 2023
Wymondham College said disruption was likely to continue until the Easter holidays due to its IT system being targeted. In a message sent to students, seen by the EDP, the college apologised for disruption but said it believed there had been no data breach. Read more… Source: Wymondham Evening News
- Invitation to a secret event: Uncovering Earth Yako’s campaigns
February 16, 2023
In 2021, Trend Micro researchers observed several targeted attacks against researchers of academic organizations and think tanks in Japan. Trend Micro have since been tracking this series of attacks and identified the new intrusion set we have named “Earth Yako”. Their research points the attribution to the known campaign “Operation RestyLink” or “Enelink”. Upon investigating several ...
- North Korean hackers stole research data in two-month-long breach
February 2, 2023
A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading ...
- University of Iowa Hospitals website possibly hit by cyberattack
February 1, 2023
A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide. UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...
- University of Michigan Health says cyber attack impacted public websites, not patient info
January 30, 2023
Michigan Health officials say its public websites experienced issues due to a cyber attack but claims the issue did not impact patient information. In a statement on Monday, officials say the attack affected a “third-party vendor we use to host some of our sites.” Read more… Source: CBS Detroit News
- LAUSD says Vice Society ransomware gang stole contractors’ SSNs
January 20, 2023
Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’ personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were active in its network for over two months, between July 31, 2022, and September 3, 2022. Read ...
- Russian troll farms didn’t sway voters in 2016 election
January 9, 2023
A new in-depth study has concluded that the Russian government’s efforts to deploy troll farms on Twitter to sway the 2016 election did not have any measurable impact on the outcome of that race. The U.S. government has been largely united in its assessment that the Kremlin attempted to use online proxies and false internet personas ...
- Iowa’s largest city cancels classes due to cyber attack
January 9, 2023
Iowa’s largest school district cancelled classes for Tuesday after determining there was a cyber attack on its technology network. Des Moines Public Schools announced Monday that classes would be cancelled for its 33,000 students after being “alerted to a cyber security incident on its technology network.” The district said in a news release that it took its ...
- What Can Schools Do Against the Onslaught of Ransomware?
December 22, 2022
Cyber attacks have become a pressing issue for K-12 schools, but school districts aren’t waging the fight alone. A variety of free federal and state resources can offer guidance and assistance, while cyber best practices and automated and managed services can help schools get the most impact from their limited budgets, said speakers during a ...