22 matches found
Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
An investigation into more than 300 cyberattacks against US K–12 schools over the past five years shows how schools can withhold crucial details from students and parents whose data was stolen...
2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed
Educational institutions may face a range of cyberthreats in 2024, but our 2024 State of Malware in Education report identifies the six most critical ones. Ransomware, for example, stands out as a key threat for schools and universities. The report covers how last year, we witnessed a 92% increas...
2024 State of Ransomware in Education: 92% spike in K-12 attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of...
Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data
Over the last decade, K-12 schools have made great strides in employing technologies that facilitate learning--especially since the onset of pandemic-induced distance education. While students have long since returned to the classroom, digital platforms for instruction, collaboration, and homewor...
Malwarebytes wins 2023 CRN 'Coolest Endpoint And Managed Security Companies' award
CRN, a trusted source for IT channel news and analysis, has named Malwarebytes one of the "Coolest Endpoint And Managed Security Companies" on the 2023 CRN Security 100 list. The CRN Security 100 highlights channel-friendly cybersecurity vendors across a number of market segments including Endpoi...
A week in security (January 23—29)
Last week on Malwarebytes Labs: T-Mobile reports data theft of 37 million customers in the US Ransomware revenue significantly down over 2022 Microsoft to end direct sale of Windows 10 licenses at the end of January TikTok CEO told to "step up efforts to comply" with digital laws 4 ways to protec...
CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats
Today, CISA released Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats. The report provides recommendations and resources to help K-12 schools and school districts address systemic cybersecurity risk. It also provides insight into the current threat...
A week in security (January 9—15)
Last week on Malwarebytes Labs: Slack private code on GitHub stolen Crypto-inspired Magecart skimmer surfaces via digital crime haven Security vulnerabilities in major car brands revealed Microsoft ends extended support for Windows 7 and Windows Server 2008 today Pokemon NFT card game malware...
5 must-haves for K-12 cybersecurity
Over the years, cyberattacks on K-12 schools and districts have steadily increased, and in 2022 that trend only continued. In the first half of 2022 alone, the education sector saw an average of almost 2,000 attacks every week--a 114% increase compared to two years ago. The tight budgets of many...
Vice Society actors target K-12 institutions in US
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Vice Society is an extortion hacking group that emerged in the summer of 2021. The Vice Society does not use a specific ransomware variant. Instead, they used variants of Hello Kitty, Five Hands, and...
Warning issued about Vice Society ransomware targeting the education sector
The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the Multi-State Information Sharing and Analysis Center MS-ISAC have released a joint Cybersecurity Advisory CSA after observing Vice Society threat actors disproportionately targeting the...
Netop Vision Pro - Distance Learning Software is 20/20 in Hindsight
ARCHIVED STORY Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight By Sam Quinn · MAR 21, 2021 · 27 MIN READ The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for...
Netop Vision Pro - Distance Learning Software is 20/20 in Hindsight
ARCHIVED STORY Netop Vision Pro – Distance Learning Software is 20/20 in Hindsight By Sam Quinn · MAR 21, 2021 · 27 MIN READ The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for...
Feds: K-12 Cyberattacks Dramatically on the Rise
The feds have warned that cyberattacks on the K-12 education sector are ramping up alarmingly. In an alert from the FBI and the Cybersecurity and Infrastructure Security Agency CISA, officials said that data from the Multi-State Information Sharing and Analysis Center MS-ISAC shows that in August...
Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Summary This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the Multi-State Information Sharing and Analysis Center MS-ISAC. The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeti...
Vulnerability Spotlight: Multiple SQL, code injection vulnerabilities in OpenSIS
Yuri Kramarz and Yves Younan discovered these vulnerabilities. Blog by Jon Munshaw Cisco Talos researchers recently discovered multiple vulnerabilities in the OpenSIS software family. OpenSIS is a student information management system for K-12 students. It is available in commercial and open-sour...
New SchoolSafety.gov Provides Cyber Guidance for K-12 Schools
The Federal School Safety Clearinghouse just launched its website: SchoolSafety.gov. This website—a collaboration between the Department of Homeland Security and the U.S. Departments of Education, Justice, and Health and Human Services—features a fact sheet on Cyber Safety Considerations for K-12...
Magecart Hits Parents and Students via Blue Bear Attack
Blue Bear Software, an administration and e-commerce platform for K-12 schools and other educational institutions, is warning its customers that it has suffered a Magecart attack. Blue Bear’s platform enables management of school accounting, student fees and online stores. In a letter to those...
A week in security (February 25 – March 3)
Last week, we delved into the realm of K-12 schools and security, explored the world of compromised websites and Golang bruteforcers, and examined the possible realms of pay for privacy. We also looked at identity management solutions, Google’s Universal Read Gadget, and did the deepest of dives...
sanjacinto.k12.ca.us XSS vulnerability
Open Bug Bounty ID: OBB-705709 Description| Value ---|--- Affected Website:| sanjacinto.k12.ca.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...