Alexander Castro reports: A cybercriminal group breached the state’s public benefits portal last July, lingered inside the network’s backend for five months, and triggered hundreds of firewall alerts when it transferred gigabytes of Rhode Islanders’ data to its own servers in November. But RIBridges system vendor and manager Deloitte, a multinational firm valued at $67.2 billion last…
Category: Commentaries and Analyses
Chinese Hackers Hit Drone Sector in Supply Chain Attacks
Ionut Arghire reports: A Chinese threat actor was seen disrupting the drone supply chain in multi-wave attacks against various organizations in Taiwan and South Korea, Trend Micro reports. Dubbed Earth Ammit and believed to be tied to Chinese APTs, the hacking group was seen launching two attack campaigns between 2023 and 2024, targeting organizations across…
$28 million in Texas’ cybersecurity funding for schools left unspent
How often have we heard about cyberattacks affecting Texas school districts? And how often have we heard that k-12 districts are underfunded for cybersecurity and/or don’t have trained personnel? Yet when they are offered money, many districts have not availed themselves of the support. Why? Brian New, Lexi Salazar, Scott Fralicks, and Mike Lozano have a somewhat…
Cyberattacks on Long Island Schools Highlight Growing Threat
I’d called it an “ongoing threat,” but …. Maggie MacAlpine reports: In a concerning development, over 20 school districts across Long Island have fallen victim to cyberattacks, compromising the personal data of more than 10,000 students. According to state education records, 28 incidents were reported in 2024 alone, affecting districts such as Great Neck, Smithtown,…
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
From Mandiant: UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and data theft extortion in early 2023, they…
Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)
As posted at K12 SIX: The K12 SIX Technical Working Group is pleased to open a call for public input into the fourth annual update and revision to the K12 SIX Essential Cybersecurity Protections Series. The goal of the K12 SIX Essential Cybersecurity Protections is to communicate the most important defenses that K-12 school systems…