Security News

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Kimsuky, also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet, Springtail, and Velvet Chollima, is just one of the myriad offensive cyber teams operating under the direction of the North Korean government and military.

A large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they're about to receive a baby grand piano for free. The campaign, discovered by email security firm Proofpoint, was launched in January 2024 and has distributed over 125,000 emails, mainly targeting North American university students and faculty.

Western Sydney University has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. In an announcement posted on the Western Sydney University website today, the University warned that hackers had accessed its Microsoft Office 365 environment, including email accounts and SharePoint files.

The University System of Georgia is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks. The Clop ransomware gang leveraged a zero-day vulnerability in Progress Software MOVEit Secure File Transfer solution in late May 2023 to conduct a massive worldwide data theft campaign.

Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word.

Kansas State University announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. Kansas State University is a public land-grant research university offering 65 masters and 45 doctoral programs.

The Memorial University of Newfoundland continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. MUN is the largest public university in Atlantic Canada, with an academic and administrative staff of 3,800, and over 19,000 students from 100 countries.

The University of Michigan says in a statement today that hackers breaching its network in August accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. Unauthorized access to the servers lasted between August 23-27, the university says, and the data exposed included personal, financial, and medical details.

On Tuesday, the University of Michigan warned staff and students that they must reset their account passwords after a recent cyberattack."The University of Michigan is requiring all community members to change their UMICH password by the end of day on Tuesday, September 12," UMICH CISO Sol Bermann and CIO Ravi Pendse said in emails to university staff and students.

The University of Sydney announced that a breach at a third-party service provider exposed personal information of recently applied and enrolled international applicants. In the data breach announcement, the university says that incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or alumni have been impacted.