Connect with us

Technology

Educational Institutions And Services Are Targets Of Recent Data Breaches

Two separate data breach have affected 62 US colleges and more than 7 million users of the K12.com, with vulnerabilites already exploited by hackers.

Photo by Element5 Digital on Unsplash

Published

on

ad1

Education institutions have been victims of two separate data breaches and hacker attacks that have exposed millions of student data to the prying eyes in the wild.

For one of the exposure, more than 62 US colleges have been breached by a hacker that has exploited a vulnerability in an enterprise resource planning (ERP) web app; the U.S. Education Department confirmed this week.

Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP, which allows universities to customize and design their hope-page websites and online applications, has had a vulnerability that was exploited by a hacker who made fake user profiles that are “almost immediately for criminal activity.”

Banner Web Tailor is a web tool, made for higher education institutions, that provides registration, curriculum management, advising, administration, and reporting functionality. Students can access and change their registration, graduation, and financial aid information. It is also used by professors and teachers to input grades which the students can then view online. It is used by hundreds of institutions, many of which have opted to use the Single Sign-on Manager to participate in CAS- and SAML-based single sign-on services.

Joshua Mulliken, a cybersecurity researcher discovered a vulnerability in the authentication mechanism used by the two modules earlier this year. This vulnerability allowed a hacker to hijack students’ web-sessions and take over their accounts. Ellucian fixed the vulnerability in May, and public disclosure was published, by both the researcher and NIST.

“An improper authentication vulnerability (CWE-287) was identified in Banner Web Tailor and Banner Enterprise Identity Services. This vulnerability is produced when SSO Manager is used as the authentication mechanism for Web Tailor, where this could lead to information disclosure and loss of data integrity for the impacted user(s). The vendor has verified the vulnerability and produced a patch that is now available. For more information, see the postings on Ellucian Communities,” reads the public disclosure of the vulnerability.

According to the announcement made by the US Education Department, hackers have already started exploiting the said vulnerability. “The Department has identified 62 colleges or universities that have been affected by the exploitation of this vulnerability,” officials said.

We have also recently received information that indicates criminal elements have been actively scanning the internet looking for institutions to victimize through this vulnerability and developing lists of institutions for targeting with this exploitation.”

The attackers, as said by the officials for the Education Department, “leverage scripts in the admissions or enrollment section of the affected Banner system to create multiple student accounts.” One victim reported that the attackers created thousands of fake accounts over days, with around 600 accounts created within 24 hours.

K12.com exposes users’ data

Meanwhile, a recent data breach involving K12.com has compromised more than seven million students’ data who use one of the company’s programs, leaving the data accessible to anyone online.

In June 25, 2019, Comparitech and security researcher Bob Diachenko uncovered the exposure when they found an unprotected MongoDB out in the open as they scan for unsecured databases.

The exposure affected K12.com’s A+nyWhere Learning System (A+LS), which is used by more than 1,100 school districts. The database has 6,988,504 records containing students’ data. The information held within each file included:

  • Primary personal email address
  • Full name
  • Gender
  • Age
  • Birthdate
  • School name
  • Authentication keys for accessing ALS accounts and presentations
  • Other internal data

“In this instance, an old version of MongoDB (2.6.4) was being utilized. This version of the database hasn’t been supported since October 2016. What’s more, the Remote Desktop Protocol (RDP) was enabled but not secured. As a result, the database was indexed by both the Shodan and BinaryEdge search engines. This means the records contained in the database were visible to the public,” said the researchers.

The researchers were able to reach out to K12.com, and a representative from the company said: “K12 takes data security very seriously. Whenever we are advised of a potential security issue, we investigate the problem immediately and take the appropriate actions to remedy the situation.”

While the danger that comes from the exposed data was not as huge as the first data breach involving the world’s educational system, the researchers said that it carries with it some implications.

“While the leak of this information isn’t as bad as, for example, the exposure of financial data or Social Security numbers, it does have its implications. These pieces of information can be used to target individual students in spear phishing and account takeover fraud. Having their school name made public could potentially put students at risk of physical harm,” they said.

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama. I also own a cybersecurity blog called Zero Day.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Gadgets

Apple iPhone 11 rumored to unveil on September 10

A13 chips?

Published

on

ad1

The announcement date for the iPhone 11 is said to be found on the beta version of its new operating system. This news follows Apple’s release of iOS 13’s beta version to developers last August 15.

Within the seventh beta version of iOS 13, there is an asset labeled “HoldForRelease” that suggests the latest iPhone models could be announced on September 10. The image found in the systems files indicating the said date was first spotted by iHelpBR.

In 2018, just before the official event date for the iPhone was revealed, a similar leak happened to Apple. The leak indicated that the launch of the iPhone XS, iPhone XS Max, and iPhone XR would fall on September 12. The prediction proved to be correct.

Apart from the announcement date, there have been rumors that the newest iPhone line would be released on September 20. The president of Japan’s Softbank Ken Miyauchi implied that the new iPhones would be unveiled during the Apple keynote event on September 10, and they will be released to the market ten days after.

In the past four years, Apple has scheduled the release event in September. The Cupertino-based tech giant has been holding its iPhone event either on the second Tuesday or Wednesday of the month.

It is unlikely that Apple would be hosting the said event on September 11. This makes September 10 as the most probable date. If the rumor proves to be accurate, pre-ordering would most likely start on September 13, and shipping would begin a week after.

While Apple’s announcement is only a few weeks away, there have been leaks and tips regarding the names of the latest iPhones. According to phone case company, ESR, the newest phones would be called iPhone 11, iPhone 11 Pro, and the iPhone 11 Pro Max.

With the growing anticipation for the release of the 2019 Apple iPhone models, the question of what these smartphones can offer is brewing. Apple has recently experienced a 12% decrease in iPhone sales, and it has reported a dip in its quarterly profit as well.

Its rivals — Samsung, Google, and Huawei — recently released their latest smartphones, and they are priced cheaper compared to Apple’s recently released iPhones. With these issues at hand, Apple is expected to deliver a product that can attract new customers and keep its current users.

According to analysts, they don’t see major changes in the iPhone 11. The more extensive changes would be happening in 2020. This might include features like 5G support and 120Hz OLED Retina display.

One of the biggest changes being anticipated with the release of iPhone 11 is its camera set-up. In a Bloomberg report made in January 2019, it seems Apple would be giving at least one of the 2019 iPhone models three rear-facing lenses. This feature would allow the phone to take greater and better wide-angle shots.

The iPhone 11 is rumored to come in four different colors — gold, white, black, and dark green. There are also reports saying that Apple will be dropping the 3D Touch feature this year. Apple might be incorporating a new Haptic Touch technology dubbed as “leap haptics.”

If your other Apple device is running out of battery, the iPhone 11 might be able to give it some juice through its bilateral charging feature. Similar to Samsung’s Galaxy 10 phones, and their ability to power the Galaxy Watch Active and Galaxy Buds, you can use the iPhone 11 to charge the 2019 Apple AirPods or other iPhones.

There is a prediction going around that the 2019 iPhone models would include larger batteries. This means that there is a possibility that their battery life would be much better compared to the older iPhone models.

When it comes to the phone display, Apple is likely offering another LCD phone this year. In last year’s release, the iPhone XR had an LCD display while the iPhone XS and XS Max had high-resolution OLED displays.

With last year’s iPhone releases, the smartphones were equipped with the highly-powerful A12 Bionic chip. Rumors are saying that the iPhone 11 might be powered by a processor that’s quite similar to the one found in the iPad Pros called the A12X. Apple could also be using the new A13 chip.

Continue Reading

Cybersecurity

Kaspersky Antivirus zero-day could ironically allow hackers to track users

Kaspersky has already issued a patch to resolve the vulnerability.

Published

on

Photo: David Orban | Flickr | CC BY 2.0
ad1

A German journalist discovered a flaw in the system of Kaspersky Lab’s antivirus that led to a significant security risk which allowed cybercriminals to track Kaspersky customer without their knowledge.

This all started when Ronald Eikenberg began testing antivirus programs for his own publication. A few months later he discovered that on a website, Kaspersky’s antivirus has been injecting some code. Eikenberg said that it seems that Kaspersky is trying to find ways in interacting with the site even though there is no browser extension on the system.

“One of the purposes of the script is to evaluate Google search results displayed in the user’s browser. If a link is safe, the Kaspersky software will display a green shield behind it,” he added.

In this era, most of the companies and websites would require tracking users across the internet to identify them and learn their interest to provide the target advertisements to be shown to them. Usually, this would require 3rd-party cookies, and this would allow even Facebook or Google to track your movement throughout multiple websites.

The problem however when using Kaspersky Antivirus is that it exposes a user by tagging them with a unique identifier that will record and keep track of what you visited in the past four years, which would allow some sites and third-party services to track them even though users have already blocked them. This will be putting the users at risk since everything that the user does is being monitored or kept track of.

“That’s a bad idea because other scripts that run in the context of the website domain can access the HTML code at any time—and thus the injected Kaspersky ID. This means in plain language that any website can simply read the Kaspersky ID of the user and misuse it for tracking,” the researcher says.

Instead of using unique identifiers, they were given a specific ID assigned to a particular computer; thus, it does not change after several days.

This attack could lead to scamming people by either asking their personal information or bank account information through the form of a payment system. One good example would be that a pop-up will show up and say ‘your license has expired, please enter your credit card information to renew your subscription.’

This process would affect multiple users that are using Kaspersky Antivirus. 

There was a patch that was issued last month to update all Kaspersky antivirus program for all the user of a specific version. However, there is still a version of the security tool that still allows a malicious hacker to know that antivirus software is installed on the machine.

Another way to somehow mitigate the problem is to manually uncheck in the software settings depending on the situation that you feel you are being spied on.

Kaspersky has already removed the unique identifiers for the GET request to enhance somehow the process of checking web pages when it comes to malicious activity. The change was provoked by Eikenberg after he notified Kaspersky about the possible risk of personal information disclosure when using unique identifiers for the GET request.

A statement released by Kaspersky revealed that based on their research, there is a minimal chance that this could be carried out in practice, but it is theoretically possible to happen. The complexity of the program would help fend off the leak of private information and also its low profitability would somehow be a discouragement for the hacker. 

Nevertheless, the company would still need to improve their system in order to prevent further mishaps, the private information that should be protected by the company is a due responsibility that should not be taken short for. Thus it is a severe issue if Kaspersky does not resolve the problem at hand right away. 

On a brighter note, if users want to disable tracking altogether, they can manually disable the URL advisor feature from the settings – additional – network- uncheck traffic processing box. This procedure will allow the user to be safe and not be monitored for the meantime while using the said application.

Users of specific tools that sole purpose is to protect our information and protect the user, having this kind of issue will bring distraught to the public in trusting some of the protection programs to install on their devices.

Continue Reading

Gadgets

Huawei warns Trump of disrupting the dominance of Apple, Google

Huawei CEO said that if the U.S. government continues to deny them of using Android, they will be forced to use HongMeng OS on their new smartphones, disrupting the dominance of Google and Android.

Published

on

Photo by Kamil Kot on Unsplash
ad1

Huawei is poised to take over and disrupt the dominance of two long-standing tech giants in the smartphone industry, Google and Apple, and when pushed by the U.S. government to their last recourse if Washington continues denying the Chinese company access to the Android operating systems for their future smartphone products, it will have no choice but to fight against Google and Apple, which is bad for the U.S., Huawei CEO Ren Zhengfei warned.

Ren stated in an interview that if Google strips them from the Android operating system, then the world will know a third operating system. Ren also claimed that releasing a third operating system will not be the best choice for the two major companies since there will be more competition.

The blacklisting was announced last May, and since then, Huawei has been claiming to launch a new smartphone with a new operating system. The operating system, named HongMeng or Harmony OS, will be better than both the current operating system available, the tech giant said.

People have been wanting a better version of the smartphones that we are using now, instead what we got instead are clever phones that have low-latency, better smart-TVs and even watches that are able to connect to the internet.

Huawei claimed that they don’t have a “plan-B” if ever the banning of Google would happen, according to Ren. If ever Google is not used, they plan to shift HarmonyOS to be viable to smartphones, but it would take some time since the shift would require them to create a whole new system that would be on par when it comes to its performance.

The problem all started when there were claims that due to the coziness of Huawei with the Chinese government, it is feared that the devices would be used as a tool to spy on other countries. This was all the reason that caused the U.S. to ban companies from using equipment from Huawei way back in 2012.

An executive order from President Donald Trump placed Huawei on the list of the U.S. Department of Commerce’s Bureau of Industry and Security on May 15. However, Trump agreed to be more lenient on the restriction as a part of a deal to resume business trade talks with China in June.

If the U.S. really does deny access to Google’s operating system, then Huawei has no choice but to create an alternative, and it will be backed up by China for Huawei to create this alternative.

Ren warned Google, “you cannot rule out the chance that the third operating system might outrun them someday.”

The U.K. can’t practically decide on what to do right now as other major telcos still work hand in hand with Huawei by continuing to sign agreements with them. While the U.S. still is still tangled in trade talks with agriculture, so the cycle of their industry is still the same, fast-moving and no change. 

Supplying ‘authoritarian regimes’

In an interview, Ren also admitted that Huawei supplies “authoritarian regimes.”

“I actually do not make any prejudgement of a government first before we sell to our customers. Because every country has a sovereign system, it’s not in our position to interfere with the sovereignty of other states. If we did, then we would be playing the game of politics, right? And that’s a matter for sovereign states.”

The situation where Huawei is on right now might be a little difficult since it will require a gamble if ever they were denied access with Google’s operating system. Right now, Huawei still does not have any ‘plan-b’ course of action, but they will have to make an alternative when the time comes. They also plan to compete with the two biggest Operating system provider (Google and Apple). 

The U.S. is still pondering on whether to continue the relationships with Huawei or to completely ban them and make them a permanent blacklist on U.S. Department of Commerce’s Bureau of Industry and Security, halting any form of trade with Huawei and demolishing the support that they are still currently having with Google.

The long term plan is still hazy, but if ever the U.S. does force China into a full-scale Android alternative, others will jump on board. And, despite the rhetoric, the U.S. really does not want that.

Continue Reading

Trending