Cyber Threat Intelligence 11 September 2025
Financial Sector
- Money Mule Networks Surge 168% Fueling Digital Banking Fraud
"Organized crime groups have industrialized digital banking fraud operations in the United States, with money mule networks surging 168% in the first half of 2025. Money mules are being recruited at an unprecedented scale, and they're using stablecoins to transfer funds to crypto exchanges. The surge in fraud reflects a fundamental transformation in how criminals launder proceeds from account takeover attacks, investment scams and social engineering schemes before detection systems can intervene, according to BioCatch's 2025 Digital Banking Fraud Trends report."
https://www.bankinfosecurity.com/money-mule-networks-surge-168-fueling-digital-banking-fraud-a-29406
https://www.biocatch.com/report-2025-digital-banking-fraud-trends-in-the-united-states
Healthcare Sector
- Feds Release Updated HIPAA Security Risk Analysis Tool
"Federal regulators have updated their HIPAA security risk assessment tool that's long been aimed at helping small and midsized providers and business associates with risk analysis - an activity that many healthcare organizations can't seem to get right. The U.S. Department of Health and Human Services Office for Civil Rights and its Assistant Secretary for Technology Policy - formerly known as the Office of the National Coordinator for Health IT - jointly released version 3.6 of the Security Risk Assessment tool on Tuesday, saying the latest update contains "enhancements and improvements based on current cybersecurity guidance and user feedback from previous versions.""
https://www.bankinfosecurity.com/feds-release-updated-hipaa-security-risk-analysis-tool-a-29411
https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool
Industrial Sector
- ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories
"Several industrial control systems (ICS) giants have published new security advisories this Patch Tuesday, including Rockwell Automation, Siemens, Schneider Electric, and Phoenix Contact. Rockwell Automation published the highest number of new advisories this Patch Tuesday. The company released eight new advisories, all of them covering high-severity vulnerabilities found recently in the company’s products."
https://www.securityweek.com/ics-patch-tuesday-rockwell-automation-leads-with-8-security-advisories/
- Dynamics Of External And Internal Threats To Industrial Control Systems. Q2 2025
"In Q2 2025, the balance of power in the fight against cyberthreats continued to shift in favor of industrial enterprises — primarily due to the implementation of proactive protection measures and the blocking of threats at early stages. The percentage of ICS computers on which malicious objects were blocked decreased to 20.5% — the lowest level in the past several years."
https://ics-cert.kaspersky.com/publications/reports/2025/09/10/dynamics-of-external-and-internal-threats-to-industrial-control-systems-q2-2025/
New Tooling
- Garak: Open-Source LLM Vulnerability Scanner
"LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic outputs. By running different tests, it helps developers understand where a model might fail and how to make it safer."
https://www.helpnetsecurity.com/2025/09/10/garak-open-source-llm-vulnerability-scanner/
https://github.com/NVIDIA/garak
Vulnerabilities
- Fortinet, Ivanti, Nvidia Release Security Updates
"Fortinet, Ivanti, and Nvidia on Tuesday announced security updates that address over a dozen high- and medium-severity vulnerabilities across their product portfolios. Ivanti resolved two high-severity insufficient filename validation issues in Endpoint Manager (EPM) that could be exploited remotely, without authentication, to execute arbitrary code. The exploitation of both defects, however, requires user interaction. Additionally, the company announced patches for five high- and six medium-severity vulnerabilities in Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access."
https://www.securityweek.com/fortinet-ivanti-nvidia-release-security-updates/
Malware
- FastNetMon Detects a Record-Scale DDoS Attack
"FastNetMon today announced that it detected a record-scale distributed denial-of-service (DDoS) attack targeting the website of a leading DDoS scrubbing vendor in Western Europe. The attack reached 1.5 billion packets per second (1.5 Gpps) — one of the largest packet-rate floods publicly disclosed. The malicious traffic was primarily a UDP flood launched from compromised customer-premises equipment (CPE), including IoT devices and routers, across more than 11,000 unique networks worldwide. The disclosure comes only days after Cloudflare reported mitigating an 11.5 Tbps DDoS attack, showing how attackers are pushing both packet and bandwidth volumes to unprecedented levels."
https://fastnetmon.com/2025/09/09/press-release-fastnetmon-detects-a-record-scale-ddos-attack/
https://www.bleepingcomputer.com/news/security/ddos-defender-targeted-in-15-bpps-denial-of-service-attack/
- Dual Threat: Threat Actors Combine Credential Phishing And Malware
"Credential phishing and malware are often considered mutually exclusive; it is generally assumed that an email either delivers credential phishing or malware. While this is typically the case, several recent high-impact campaigns have combined credential phishing and malware delivery. These campaigns are noteworthy as they indicate threat actors diversifying and attempting to gather credentials in multiple ways. This method ensures that if a company has invested heavily in malware detection and response at the cost of credential phishing protection or vice versa, the threat actor will be able to gather credentials."
https://cofense.com/blog/dual-threat-threat-actors-combine-credential-phishing-and-malware
- ChillyHell: A Deep Dive Into a Modular MacOS Backdoor
"During routine sample analysis on VirusTotal, Jamf Threat Labs discovered a file that stood out due to a notable method of process reconnaissance being used. Despite the malware family having been documented in the past, it remains unflagged by antivirus vendors. The sample is developer-signed and successfully passed Apple’s notarization process in 2021. Its notarization status remained active until these recent findings."
https://www.jamf.com/blog/chillyhell-a-modular-macos-backdoor/
https://thehackernews.com/2025/09/chillyhell-macos-backdoor-and-zynorrat.html
https://www.darkreading.com/endpoint-security/dormant-macos-backdoor-chillyhell-resurfaces
https://www.theregister.com/2025/09/10/chillyhell_modular_macos_malware/
- EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company
"A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data theft via an injected keylogger."
https://businessinsights.bitdefender.com/eggstreme-fileless-malware-cyberattack-apac
https://thehackernews.com/2025/09/chinese-apt-deploys-eggstreme-fileless.html
https://hackread.com/chinese-apt-philippine-military-eggstreme-fileless-malware/
- AsyncRAT In Action: Fileless Malware Techniques And Analysis Of a Remote Access Trojan
"Fileless malware continues to evade modern defenses due to its stealthy nature and reliance on legitimate system tools for execution. This approach bypasses traditional disk-based detection by operating in memory, making these threats harder to detect, analyze, and eradicate. A recent incident culminated in the deployment of AsyncRAT, a powerful Remote Access Trojan (RAT), through a multi-stage fileless loader. In this blog, we share some of the key takeaways from this investigation. For an in-depth analysis and full list of identified indicators of compromise (IOCs), download the full report here."
https://levelblue.com/blogs/security-essentials/asyncrat-in-action-fileless-malware-techniques-and-analysis-of-a-remote-access-trojan
https://hackread.com/fileless-malware-attack-asyncrat-credential-theft/
- Analysis Of Backdoor.WIN32.Buterat
"Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike conventional malware that prioritizes immediate damage or data theft, backdoors focus on stealth and longevity, enabling attackers to control infected endpoints remotely, deploy additional payloads, exfiltrate sensitive information, and move laterally across networks with minimal detection. The Buterat backdoor is a notable example of this threat class, known for its sophisticated persistence techniques and adaptive communication methods with remote command-and-control (C2) servers. First identified in targeted attacks against enterprise and government networks, Buterat commonly spreads through phishing campaigns, malicious attachments, or trojanized software downloads."
https://www.pointwild.com/threat-intelligence/analysis-of-backdoor-win32-buterat
https://hackread.com/buterat-backdoor-malware-enterprise-govt-networks/
- Open Repo, Get Pwned (Cursor RCE)
"Oasis Security’s research team uncovered a vulnerability in Cursor, the popular AI Code Editor, that allows a maliciously crafted code repository to execute code as soon as it's opened using Cursor, no trust prompt. Cursor ships with Workspace Trust disabled by default, so VS Code-style tasks configured with runOptions.runOn: "folderOpen" auto-execute the moment a developer browses a project. A malicious .vscode/tasks.json turns a casual “open folder” into silent code execution in the user’s context. You can read the Oasis Security Research team’s full report and PoC here."
https://www.oasis.security/blog/cursor-security-flaw
https://www.oasis.security/resources/cursor-workspace-trust-vulnerability
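A defender-side check for the auto-run mechanism described above, added here as an example and not taken from the Oasis Security report or from Cursor's own code: it walks a checked-out repository, finds every `.vscode/tasks.json`, and reports tasks whose `runOptions.runOn` is `folderOpen`, so a repository can be reviewed before it is opened in an editor that has Workspace Trust disabled. The sample tasks.json is constructed, and the function and file names are this example's own assumptions. Because VS Code accepts comments and trailing commas in tasks.json, the example strips those before parsing rather than relying on the strict `json` module alone.

```python
"""Flag VS Code / Cursor tasks that run automatically on folder open."""
import json
import re
import sys
from pathlib import Path


def strip_jsonc(text: str) -> str:
    """Remove // and /* */ comments and trailing commas so the lenient
    tasks.json syntax that VS Code accepts parses with the standard json
    module. String literals are tracked so '//' inside a command survives.
    Limitation: a literal ',}' inside a string would also be rewritten."""
    out = []
    i, n = 0, len(text)
    in_str = False
    while i < n:
        ch = text[i]
        if in_str:
            out.append(ch)
            if ch == "\\" and i + 1 < n:      # keep escaped char verbatim
                out.append(text[i + 1])
                i += 2
                continue
            if ch == '"':
                in_str = False
            i += 1
        elif ch == '"':
            in_str = True
            out.append(ch)
            i += 1
        elif text.startswith("//", i):        # line comment
            j = text.find("\n", i)
            i = n if j == -1 else j
        elif text.startswith("/*", i):        # block comment
            j = text.find("*/", i + 2)
            i = n if j == -1 else j + 2
        else:
            out.append(ch)
            i += 1
    cleaned = "".join(out)
    return re.sub(r",(\s*[}\]])", r"\1", cleaned)   # drop trailing commas


def find_auto_run_tasks(tasks_json_text: str) -> list:
    """Return the labels of tasks configured with runOptions.runOn == folderOpen."""
    data = json.loads(strip_jsonc(tasks_json_text))
    flagged = []
    tasks = data.get("tasks", []) if isinstance(data, dict) else []
    for task in tasks:
        if not isinstance(task, dict):
            continue
        run_opts = task.get("runOptions")
        if isinstance(run_opts, dict) and run_opts.get("runOn") == "folderOpen":
            flagged.append(task.get("label") or task.get("command") or "<unlabelled>")
    return flagged


def scan_repo(root) -> list:
    """Walk a repository and return (path, label) pairs for auto-run tasks.
    Unparseable tasks.json files are reported too, since they still warrant a look."""
    findings = []
    for path in Path(root).rglob("tasks.json"):
        if path.parent.name != ".vscode":
            continue
        try:
            labels = find_auto_run_tasks(path.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:
            findings.append((str(path), f"<unparseable: {exc}>"))
            continue
        findings.extend((str(path), label) for label in labels)
    return findings


# Constructed sample (hypothetical): one task set to run when the folder opens.
SAMPLE_TASKS_JSON = r'''{
    // comments and trailing commas are accepted by VS Code
    "version": "2.0.0",
    "tasks": [
        {
            "label": "auto-start",
            "type": "shell",
            "command": "echo folder opened",
            "runOptions": { "runOn": "folderOpen" },
        },
        {
            "label": "build",
            "type": "shell",
            "command": "make", /* runs only when the user invokes it */
        },
    ]
}'''


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, label in scan_repo(root):
        print(f"{path}: task '{label}' is configured to run on folderOpen")
```

Run it against a cloned repository before opening that repository in an editor; any hit is something to read and consciously approve, not necessarily malicious, since legitimate projects also use `folderOpen` for watchers.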
https://www.infosecurity-magazine.com/news/cursor-autorun-flaw-repos-execute/
- Frankenstein Variant Of The ToneShell Backdoor Targeting Myanmar
"ToneShell is a lightweight backdoor tied to the China-nexus group Mustang Panda. Typically delivered via DLL sideloading inside compressed archives with legitimate signed executables and often spread through cloud-hosted lures. Zscaler’s 2025 analysis described updates to its FakeTLS C2 (shifting from TLS 1.2- to 1.3-style headers), use of GUID-based host IDs, a rolling-XOR scheme, and a minimal command set for file staging and interactive shell access. Notably, some of this activity was observed in Myanmar, a region of strategic importance to China. Targeting Myanmar is particularly interesting as it reflects China’s broader geopolitical interests, spanning border security, infrastructure projects, and political developments, and highlights how cyber operations are leveraged to maintain influence in neighboring states."
https://intezer.com/blog/frankenstein-variant-of-the-toneshell-backdoor-targeting-myanmar/
- Notes Of Cyber Inspector: Three Clusters Of Threat In Cyberspace
"Hacktivism and geopolitically motivated APT groups have become a significant threat to many regions of the world in recent years, damaging infrastructure and important functions of government, business, and society. In late 2022 we predicted that the involvement of hacktivist groups in all major geopolitical conflicts from now on will only increase and this is what we’ve been observing throughout the years. With regard to the Ukrainian-Russian conflict, this has led to a sharp increase of activities carried out by groups that identify themselves as either pro-Ukrainian or pro-Russian."
https://securelist.com/three-hacktivist-apt-clusters-tools-and-ttps/117324/
- KillSec Ransomware Is Attacking Healthcare Institutions In Brazil
"On September 8, 2025, the notorious ransomware group KillSec claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The group has threatened to leak sensitive data unless negotiations are initiated promptly. The attack scenario via a critical supply chain IT vendor may put many healthcare organizations in Brazil at risk, especially their patients, as such systems aggregate massive amounts of sensitive personally identifiable information (PII). Hackers attack supply chain because it allows them to compromise multiple targets efficiently and generate more profit through large-scale data theft, ransom demands, and payment diversion."
https://www.resecurity.com/blog/article/killsec-ransomware-is-attacking-healthcare-institutions-in-brazil
https://securityaffairs.com/182063/cyber-crime/killsec-ransomware-is-attacking-healthcare-institutions-in-brazil.html
https://www.infosecurity-magazine.com/news/killsec-ransomware-hits-brazilian/
- Technical Analysis Of KkRAT
"Zscaler ThreatLabz has identified a malware campaign targeting Chinese-speaking users, which has been active since early May 2025. The campaign delivers three types of malware: ValleyRAT, FatalRAT, and a new Remote Access Trojan (RAT) that ThreatLabz named kkRAT. The latter shares code similarities with both Ghost RAT and Big Bad Wolf (大灰狼), a RAT typically leveraged by China-based cybercriminals. In this blog post, ThreatLabz examines the attack chain used in the malware campaign and provides a technical analysis of the kkRAT including its core features, network communication protocol, commands, and plugins."
https://www.zscaler.com/blogs/security-research/technical-analysis-kkrat
- Researchers Find Spyware On Phones Belonging To Kenyan Filmmakers
"Digital forensic researchers on Wednesday accused Kenyan authorities of installing spyware on the phones of two filmmakers who helped produce a documentary about the country’s youth uprising. The filmmakers Bryan Adagala and Nicholas Wambugu were arrested on May 2 and released a day later, but authorities held their phones until July 10. The Kenyan government is believed to have installed the spyware FlexiSPY while authorities had custody of the devices, according to Ian Mutiso, a lawyer representing the filmmakers."
https://therecord.media/researchers-spyware-kenya-filmmaker-phone
- Akira Ransomware Group Utilizing SonicWall Devices For Initial Access
"Last month, an Akira ransomware campaign kicked off targeting SonicWall devices. SonicWall followed up with a security advisory. Initially, this was believed to be a new emerging threat, but SonicWall has since disclosed that this is related to the August 2024 CVE (SNWLID-2024-0015), in which remediation steps were not successfully completed. Rapid7 responded by sending emergent threat communications to our customers alerting them to this threat and advising them to prioritize patching. Since that time, the Rapid7 Incident Response (IR) team has observed an uptick in intrusions involving SonicWall appliances."
https://www.rapid7.com/blog/post/dr-akira-ransomware-group-utilizing-sonicwall-devices-for-initial-access/
https://www.theregister.com/2025/09/10/akira_ransomware_abusing_sonicwall/
- AdaptixC2: A New Open-Source Framework Leveraged In Real-World Attacks
"In early May 2025, Unit 42 researchers observed that AdaptixC2 was used to infect several systems. AdaptixC2 is a recently identified, open-source post-exploitation and adversarial emulation framework made for penetration testers that threat actors are using in campaigns. Unlike many well-known C2 frameworks, AdaptixC2 has remained largely under the radar. There is limited public documentation available demonstrating its use in real-world attacks. Our research looks at what AdaptixC2 can do, helping security teams to defend against it. AdaptixC2 is a versatile post-exploitation framework. Threat actors use it to execute commands, transfer files and perform data exfiltration on compromised systems. Because it’s open-source, threat actors can easily customize and adapt it for their specific objectives. This makes it a highly flexible and dangerous tool."
https://unit42.paloaltonetworks.com/adaptixc2-post-exploitation-framework/
- CyberVolk Ransomware: Analysis Of Double Encryption Structure And Disguised Decryption Logic
"The CyberVolk ransomware, which first emerged in May 2024, has been launching attacks on public institutions and key infrastructures of various countries, posing a continuous threat. The ransomware is particularly notable for its pro-Russia nature, as it primarily targets anti-Russian countries, making it a geopolitically significant cyber threat. This post provides a technical analysis of the internal workings, encryption structure, and reasons why decryption is not possible in order to offer insights for preparing against similar threats in the future."
https://asec.ahnlab.com/en/90077/
Breaches/Hacks/Leaks
- Jaguar Land Rover Confirms Data Theft After Recent Cyberattack
"Jaguar Land Rover (JLR) confirmed today that attackers also stole "some data" during a recent cyberattack that forced it to shut down systems and instruct staff not to report to work. JLR functions as a standalone entity under Tata Motors India after its purchase from Ford in 2008. With an annual revenue of over $38 billion (£29 billion), JLR employs approximately 39,000 people and makes more than 400,000 vehicles each year. The automobile manufacturer disclosed the attack on September 2, stating that its "production activities have been severely disrupted." JLR has been working to restart its operations and investigating the incident since then with the help of the U.K. National Cyber Security Centre (NCSC)."
https://www.bleepingcomputer.com/news/security/jaguar-land-rover-jlr-confirms-data-theft-after-recent-cyberattack/
https://www.bankinfosecurity.com/jaguar-land-rover-hackers-stole-data-a-29407
https://www.securityweek.com/jaguar-land-rover-admits-data-breach-caused-by-recent-cyberattack/
https://www.theregister.com/2025/09/10/jaguar_land_rover_breach/
General News
- Deepfakes Are Rewriting The Rules Of Geopolitics
"Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created every five minutes in 2024, while the European Parliament estimates that 8 million will circulate across the EU this year. Technologies are capable of destabilizing a country without a single shot being fired. Humans respond faster to bad news and are more likely to spread it. On top of that, they are very bad at detecting fake information. The anti-immigrant riots in the UK show just how fast false claims on social media can spin out of control and turn into real-world violence."
https://www.helpnetsecurity.com/2025/09/10/deepfakes-and-misinformation-in-geopolitics/
- Fixing Silent Failures In Security Controls With Adversarial Exposure Validation
"Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected, and SIEM rules are running. All good, right? Not so fast. Appearances can be deceiving. And deception can be devastating. Picus Security’s Blue Report 2025 shows that even well-configured environments continue to miss a substantial portion of attacks. In fact, across more than 160 million attack simulations, Picus Labs found that organizations are detecting only 1 out of 7 attacks, exposing a serious gap between perceived and actual security effectiveness."
https://www.helpnetsecurity.com/2025/09/10/picus-blue-report-security-controls/
https://picussecurity.com/hubfs/Blue-Report-2025/Blue-Report-2025.pdf
- AI Agents Are Here, Now Comes The Hard Part For CISOs
"AI agents are being deployed inside enterprises today to handle tasks across security operations. This shift creates new opportunities for security teams but also introduces new risks. Google Cloud’s new report, The ROI of AI 2025, shows that 52% of organizations using generative AI have moved to agentic AI. These agents are more than chatbots. They can make decisions, execute tasks, and interact with other systems under human oversight. For CISOs, this means security includes managing the behavior and outputs of autonomous systems that directly affect business processes."
https://www.helpnetsecurity.com/2025/09/10/google-ai-security-roi/
- CISOs, Stop Chasing Vulnerabilities And Start Managing Human Risk
"Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws. The survey results show that attackers have shifted their methods and that enterprise defenses are struggling to keep pace."
https://www.helpnetsecurity.com/2025/09/10/ciso-human-centric-risk/
- Hackers Left Empty-Handed After Massive NPM Supply-Chain Attack
"The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but the attacker made little profit off it. The attack occurred earlier this week after maintainer Josh Junon (qix) fell for a password reset phishing lure and compromised multiple highly popular NPM packages, among them chalk and debug-js, that cumulatively have more than 2.6 billion weekly downloads. After gaining access to Junon’s account, the attackers pushed malicious updates with a malicious module that stole cryptocurrency by redirecting transactions to the threat actor."
https://www.bleepingcomputer.com/news/security/hackers-left-empty-handed-after-massive-npm-supply-chain-attack/
https://www.wiz.io/blog/widespread-npm-supply-chain-attack-breaking-down-impact-scope-across-debug-chalk
https://www.securityalliance.org/news/2025-09-npm-supply-chain
https://www.darkreading.com/application-security/huge-npm-supply-chain-attack-whimper
https://cyberscoop.com/open-source-npm-package-attack/
https://www.securityweek.com/highly-popular-npm-packages-poisoned-in-new-supply-chain-attack/
- Maturing The Cyber Threat Intelligence Program
"The familiar idiom “walk before you run” summarizes a fundamental truth about skill acquisition: you must master certain foundational capabilities before you can successfully execute more complex activities. This principle applies universally, from learning a new sport to developing highly specialized technical skills. Any area will have foundational skills, activities that anyone competent in the domain can perform, and characteristics that show that an individual (or team) has reached the highest levels of mastery. Capability maturity models (CMMs) outline the hierarchy of skills and activities that may be required within a particular area. The capabilities and characteristics are listed for teams of different levels of maturity operating within a domain. These descriptions can be used to evaluate the current level of a team or to identify the capabilities that must be acquired in order to improve."
https://blog.talosintelligence.com/maturing-the-cyber-threat-intelligence-program/
- The Quiet Revolution In Kubernetes Security
"Security in Kubernetes often feels like a battle fought with legacy assumptions. Even as we push toward ephemeral workloads and container-native applications, most organizations still anchor their clusters on traditional, bloated base operating systems (Ubuntu, CentOS, RHEL), with all the complexity and risk that comes with them. The prevailing security tooling expects (and, in many cases, requires) a shell, a mutable file system, and a general-purpose OS that can run arbitrary agents and scripts. This legacy assumption bleeds into everything: monitoring tools, vulnerability scanners, compliance checks, and even incident response playbooks. Ironically, it also creates an attack surface that contradicts the very security goals these tools aim to achieve."
https://www.darkreading.com/vulnerabilities-threats/quiet-revolution-kubernetes-security
- Ransomware Payments Plummet In Education Amid Enhanced Resiliency
"Ransomware demands and payments have plummeted in the education sector in the past year amid improved resilience and recovery capabilities, according to a new Sophos study. The average ransom demand issued by attackers to lower education providers fell by 74% compared to 2024, from $3.85m to $1.02m. The fall was even more significant in higher education, from $3.55m to $697,000, an 80% decline."
https://www.infosecurity-magazine.com/news/ransomware-payments-plummet/
https://www.sophos.com/en-us/whitepaper/state-of-ransomware-in-education
- Mythical Beasts: Diving Into The Depths Of The Global Spyware Market
"Lurking in the murky depths of the global marketplace for offensive cyber capabilities sits a particularly dangerous capability—spyware. Spyware’s danger stems from its acute contribution to human rights abuses and national security risks. Most recently, NSO Group, a notorious spyware vendor known to have contributed to the surveillance of journalists, diplomats, and civil society actors across the globe, was fined $168 million in punitive damages by a US court for targeting WhatsApp’s infrastructure with Pegasus spyware. This most recent case reasserts the threat of spyware proliferation to national security and human rights. These risks and harms, coupled with a lack of market transparency, demand ongoing attention to the market’s structure and how actors circumvent accountability."
https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/mythical-beasts-diving-into-the-depths-of-the-global-spyware-market/
https://www.atlanticcouncil.org/in-depth-research-reports/report/mythical-beasts-and-where-to-find-them-mapping-the-global-spyware-market-and-its-threats-to-national-security-and-human-rights/
https://therecord.media/us-investors-in-spyware-tripled-in-2024
- CISA Presents Vision For The Common Vulnerabilities And Exposures (CVE) Program
"The Cybersecurity and Infrastructure Security Agency (CISA) released CISA Strategic Focus: CVE Quality for a Cyber Secure Future. The detailed roadmap identifies priorities that will elevate the program to meet the needs of the global cybersecurity community. The roadmap and priorities are informed by feedback the agency received from a broad spectrum of domestic and international partners and CISA’s years of program sponsorship. It marks the transition from the CVE Program’s Growth Era to its Quality Era, a strategic focus that will enhance trust, boost responsiveness and improve the caliber of vulnerability data."
https://www.cisa.gov/news-events/news/cisa-presents-vision-common-vulnerabilities-and-exposures-cve-program
https://www.cisa.gov/resources-tools/resources/cisa-strategic-focus-cve-quality-cyber-secure-future
- Students Pose Inside Threat To Education Sector
"K-12 institutions face an onslaught of attacks, especially ones attributed to ransomware gangs. But insider threats are just as prevalent—and they often originate from students. Today's K-12 students grew up with technology at their fingertips. They know how to watch videos, play games, scroll social media, communicate with friends, and create content. They also know how to hack. And they're using that skill to circumvent schools' security protocols."
https://www.darkreading.com/insider-threats/students-inside-threat-education-sector
References
Electronic Transactions Development Agency (ETDA)