The FBI has warned that cybercriminals were selling stolen credentials information from higher education organizations on Russian hacker forums, CPO Magazine reports.
The attacker sold username and password combinations on publicly accessible forums, and these stolen credentials are believed to have resulted in ongoing cyberattacks on education institutions and organizations in the U.S.
According to the FBI alert, Compromised U.S. Academic Credentials Identified Across Various Public and Dark Web Forums:
The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums. This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyberattacks against individual users or affiliated organizations.
Horizon3.ai’s Brad Hong, Customer Success Lead, told CPO Magazine, “The education sector continues to make for attractive targets as it’s very rare that a university focuses on its cyber security stack as its #1 priority.”
Hong continued, “As the majority of colleges in the US, especially ones who are not focused on protecting the intellectual property of their research institutes, have neither the staff nor the budget to implement next-generation cyber tools to combat next generation cyber-attacks, the effort to payoff is several tiers lower than any other industry as a whole.”
Be sure to check out the full article in CPO Magazine.
Quick hits:
- The U.S. ran offensive cyber ops to support Ukraine, the Register reports.
- Splunk code execution vulnerability has been patched in Splunk Enterprise, writes Security Week.
- Ars Technica reports on how botched and silent patches from Microsoft put some customers at risk.
- Kaiser Permanente discloses a data breach at Washington health plan with 69,000 individuals impacted, Health IT Security writes.
- The Register discusses how Microsoft forgot to renew the certificate for their windows Insider domain.
- ABC Science reports that Costa Rica is “at war” with Russian hackers – and other countries will be next.
- Business Insider discusses how real-world repercussions of cyberattacks will require new ways of fighting back.
