Identity, Email security

Advanced spearphishing attacks target US schools

Workers prepare a presentation of advanced email at the CeBIT 2012 technology trade fair.

Hackread reports that major U.S. school districts have been subjected to ongoing sophisticated spearphishing attacks from the Tycoon and Storm-1575 threat operations since November.

Aside from utilizing social engineering tactics and establishing spoofed sites via phishing-as-a-service tools, both Tycoon and Storm-1575 have also been leveraging adversary-in-the-middle phishing to circumvent multifactor authentication protections, according to a report from PIXM. Intrusions involved the delivery of phishing emails with password update lures that redirected to a convincing Microsoft password site and later enabled credential exfiltration and two-factor authentication code requests for MFA bypass. Such a development comes amid mounting data security incidents in the U.S. education sector, with cybersecurity researcher Jeremiah Fowler discovering the exposure of more than 4 million sensitive student, parent, and school staff records as a result of misconfigured Raptor Technologies web buckets in January, as well as the leak of 210,020 student and parent records related to the Online Voucher Application the following month.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.