Wednesday, December 6, 2023

Ethical Hackers Cracked the Universities Cyber Defenses Within Two Hours

A test carried out by ethical hackers against the cyber defenses of 50 universities found that they can cripple the defense and exfiltrate sensitive data within two hours.

The penetration testing conducted ethical hackers” working for Jisc, who provides internet services for universities in the UK. They stimulated attack on universities and them able to access the personal data, finance systems, and research networks.

They are able to reach student and staff personal information, override financial systems and access research databases within two hours and in some cases within an hour.

In the test attack, they used the spear-phishing technique to drop malware into their system through a phishing email.

John Chapman, head of Jisc’s security operations center told that “we are not confident that all UK universities are equipped with adequate cyber-security knowledge, skills and investment”, told BBC.

Universities and colleges are among the risk group that is mostly affected by the frequent cyber attacks, the attackers may be members of the university staff or students.

The universities and colleges hold a lot of information regarding intellectual property and various researches which may be interesting from the commercial point of view.

Cyber attacks are done for different reasons and in the end, there are different benefits.

UK universities and research centers reported more than 1,000 attempts last year to steal data or disrupt services.

The attacks on universities are often linked to the academic calendar of the educational institutions so that their consequences can bring real damage.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.


Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles