Tag Archive for: Caught

Schools don’t have great cybersecurity, and hackers have caught on : NPR


School cyberattacks are on the rise.

Scott Elder has a pretty typical morning routine. He wakes up at 7 a.m., drinks coffee and feeds the dogs, Bella (a rat terrier) and Spencer (a Chihuahua). But on Jan. 12, 2022, Elder’s routine was interrupted by a concerning phone call.

Elder is the superintendent of Albuquerque Public Schools in New Mexico, and the call came from his district’s IT department, saying they had found some sort of computer virus.

He recalls thinking, “Oh, we’ve got a bug in the system and they found it so they’ll just kill it and we’ll be done, right?”

The bug was in the student records system. So Elder’s IT staff shut that network down. But that meant teachers wouldn’t have access to basic information about the almost 70,000 students enrolled in New Mexico’s largest school district. Educators couldn’t take attendance, wouldn’t know children’s bus routes and were locked out of grading systems.

Meanwhile, IT staff was desperately trying to figure out whether the computer virus had spread to their health records, security system and payroll.

Over the course of the morning, Elder began to understand the enormity of the situation.

“I would say that I went from mildly disturbed at 7 a.m., to very concerned by 9 a.m., to sick to my stomach by noon because I was beginning to realize that this was not a one-day event, that we had a real problem.”

Then came the ransom demand for more than a million dollars.

School systems of every size have been hit by cyberattacks, from urban districts like Los Angeles and Atlanta, to rural districts in Pennsylvania and Illinois. And the problem has been growing.

While it’s hard to know exactly how many K-12 school systems have been targeted by hackers, an analysis by the cyber security firm Emsisoft estimates that 45 school districts were attacked in 2022. In 2023, Emsisoft found that number more than doubled, to 108.

“The education sector has been and continues to be very heavily…

Source…

Teacher From Westchester Caught With Child Porn, Trying To Hack Teen’s Social Media: Feds


Yorktown resident and teacher Giuseppi Micciari, age 27, was arrested on child pornography charges and presented in White Plains federal court on Wednesday, Nov. 1, the US Attorney’s Office for the Southern District of New York announced. 

According to federal officials, Micciari’s arrest followed a review of his cell phone conducted by authorities that revealed the existence of several videos and pictures containing child sexual abuse material. 

The review of Micciari’s phone also revealed that he had used an application called Telegram, an Internet and cloud-based instant messaging service that allows users to exchange messages, share files, and hold private calls. 

Some communications contained in the Telegram app on Micciari’s phone included a request for an “account hack” of a student’s Snapchat account, in addition to a question from an individual that read, “what age teen content you have.” Micciari’s alleged reply to this was, “there one big Mega 10-17,” according to officials.

Micciari was identified as a teacher by a US passport application submitted in connection with the issuance of his passport. Authorities did not release information on where he is or has been employed.

Micciari is now charged with: 

  • One count of receipt and distribution of child pornography;
  • One count of possession of child pornography.

Both counts carry a maximum prison term of 20 years, officials said.

New York Field Office of Homeland Security Investigations Special Agent in Charge Ivan Arvelo said that Micciari took advantage of his position as a teacher and should “face just consequences” for his actions. 

“Giuseppi Micciari was entrusted with our most vulnerable segment of society – our children. His alleged depraved acts betrayed that trust,” Arvelo said.


Source…

Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers


Google’s threat hunting unit has again intercepted an active North Korean APT actor sliding into the DMs of security researchers and using zero-days and rigged software tools to take control of their computers.

Google’s Threat Analysis Group (TAG) on Thursday outed the government-backed hacking team’s social media accounts and warned that at least one actively exploited zero-day is being used and is currently unpatched.

Using platforms like X (the successor to Twitter) as their initial point of contact, the North Korean threat actor cunningly forged relationships with targeted researchers through prolonged interactions and discussions.

“In one case, they carried on a months-long conversation, attempting to collaborate with a security researcher on topics of mutual interest. After initial contact via X, they moved to an encrypted messaging app such as Signal, WhatsApp or Wire. Once a relationship was developed with a targeted researcher, the threat actors sent a malicious file that contained at least one 0-day in a popular software package,” Google explained.

Google did not identify the vulnerable software package.

Google said the zero-day exploit was used to plant shellcode that conducts a series of anti-virtual machine checks and then sends the collected information, along with a screenshot, back to an attacker-controlled command and control domain. 

“The shellcode used in this exploit is constructed in a similar manner to shellcode observed in previous North Korean exploits,” Google said, noting that the security defect has been reported to the affected vendor and is in the process of being patched. 

Google said it is withholding technical details and analysis of the exploits until a patch is available. 

In addition to targeting researchers with zero-day exploits, Google’s malware hunters also caught the APT group distributing a standalone Windows tool that has the stated goal of ‘download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers.’ 

The source code for the utility, which was first published on GitHub a year ago, has been updated multiple times with features to…

Source…

OODA Loop – North Korean Hackers Caught Using Malware With Microphone Wiretapping Capabilities


Source…