惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
Forbes - Security
Forbes - Security
The Last Watchdog
The Last Watchdog
TaoSecurity Blog
TaoSecurity Blog
Schneier on Security
Schneier on Security
SecWiki News
SecWiki News
V
Vulnerabilities – Threatpost
Project Zero
Project Zero
O
OpenAI News
W
WeLiveSecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
H
Hacker News: Front Page
Cisco Talos Blog
Cisco Talos Blog
Spread Privacy
Spread Privacy
Help Net Security
Help Net Security
P
Privacy & Cybersecurity Law Blog
K
Kaspersky official blog
S
Security @ Cisco Blogs
Latest news
Latest news
AWS News Blog
AWS News Blog
U
Unit 42
Martin Fowler
Martin Fowler
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Know Your Adversary
Know Your Adversary
Scott Helme
Scott Helme
博客园 - 司徒正美
B
Blog RSS Feed
C
Check Point Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
D
Docker
Google Online Security Blog
Google Online Security Blog
Jina AI
Jina AI
aimingoo的专栏
aimingoo的专栏
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Last Week in AI
Last Week in AI
月光博客
月光博客
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Attack and Defense Labs
Attack and Defense Labs
小众软件
小众软件

GRAHAM CLULEY

Anubis ransomware: what you need to know Smashing Security podcast #476: Remote-control rickshaws and rogue book marketers The ransomware negotiator who was working for the other side Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Smashing Security podcast #475: JadePuffer - the AI that ran a ransomware attack all by itself Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud The Gentlemen ransomware: what you need to know Smashing Security podcast #474: Polymarket can predict the future. So how did it miss this hack? Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year Smashing Security podcast #473: How a hacker could have Rickrolled the entire World Cup Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Apple's Hide My Email tweak leaves privacy fans fuming Imposter scams cost Americans $3.5 billion in 2025 – and it’s getting worse Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Silent Ransom Group: what you need to know Smashing Security podcast #471: This AI worm just rewrote its own rules Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Meta’s own AI chatbot to blame for Instagram accounts being stolen in seconds Smashing Security podcast #470: This AI security flaw might be impossible to fix Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached Smashing Security podcast #469: What your Oura ring won’t tell you FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Defenders fall behind, as AI rewrites the rules of a data breach Smashing Security podcast #468: High-speed train hacks and homicidal lawnmowers FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Suspected Dream Market kingpin arrested after gold bars sent to his home address When ransomware gets physical: cybercriminals turn to threats of violence Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities One in eight UK workers has sold their company passwords, and bosses think it’s fine Inside Department 4: Russia's secret school for hackers Sri Lanka makes 37 arrests as it raids another scam centre Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions Alleged Silk Typhoon hacker extradited to the United States to face charges French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not Singer loses life savings to fake wallet downloaded from the Apple App Store Sometimes changing the password on your email mailbox isn’t enough 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users AI and cryptocurrency scams are costing Americans billions, FBI reports Life imprisonment for Cambodian scam compound operators - but will it make a difference? Nigerian romance scammer jailed after being caught out by fellow fraudster Alleged RedLine malware developer extradited to United States Iranian hackers breach FBI director's personal email, and post his CV and photos online World Leaks data extortion: What you need to know How one man used 10,000 bots to steal $8,000,000 from music artists Denver's crosswalks hacked to broadcast anti-Trump messages LeakNet ransomware: what you need to know Free parking in Russia after Distributed Denial-of-Service attack knocks city's parking system offline Fraudsters are using public planning records to target permit applicants Your Signal account is safe - unless you fall for this trick Twitter suspended 800 million accounts last year — so why does manipulation remain so rampant? How hackers bypassed MFA with a $120 phishing kit - until a global takedown shut it down They seized $4.8m in crypto... then gave the master key to the internet
Why schools remain one of cybercriminals' favourite targets
Graham CLULEY · 2026-06-10 · via GRAHAM CLULEY

Schools on both sides of the Atlantic have been revealed in recent days to have been hit by hackers, reminding all of us that ransomware gangs see educational instituions as targets all year round.

Evanston Township High School (ETHS), located approximately 14 miles north of Chicago, says it was hit by a ransomware attack on Sunday, June 7 2026.

The school closed its campus entirely on Monday and Tuesday, cancelling summer school classes, sports camps, and all other on-campus activities.

According to an advisory published by the school, the attack knocked out not only ETHS's computer systems, internet services, and phone lines - but also what it described as "critical systems needed to safely operate the building", including door access controls, and public address systems.

It was these safety systems going offline that forced the closure, according to the high school:

"Without these systems fully operational, we cannot safely run school, sports camps, or other on-campus activities."

The school district says it has notified the FBI, locked down all staff accounts as a precaution, and called upon the services of external cybersecurity experts in its attempt to rebuild its systems safely.

Employees have been told not to touch their PCs until cleared by IT, and to not reuse old passwords. Among the systems taken offline is Home Access Center, a student portal powered by PowerSchool.

If that name is familiar to you, it may because you remember that PowerSchool suffered a serious cybersecurity breach in 2024, which saw the records of tens of millions of students and teachers exposed. The current incident at ETHS is not believed to be linked to the 2024 PowerSchool breach.

No ransomware group has claimed responsibility for the attack against ETHS, and it is not known if any personal data has been exfiltrated by cybercriminals. The school is, however, expecting to reopen on Wednesday June 10, once emergency systems are properly restored.

Just says before the attack in the United States, Powys County Council in Wales disclosed that 13 of its own schools had suffered at the hands of hackers.

The attack, which was first identified in April but was not made public for another two months, has not resulted in the closure of any schools, but it has been confirmed that the personal data of pupils and staff at at least one school was accessed.

Citing the "sensitive nature" of the exposed data, Powys County Council has declined to name the affected academic establishments. Instead, it says it is "contacting affected individuals directly where necessary and providing advice on steps they can take to protect themselves."

The sad truth is that schools are attractive targets to cybercriminals. They store sensitive data about children, and run on tight budgets with limited resources when it comes to cybersecurity defence.

And, as is demonstrated by the closure of ETHS, schools often rely upon networked systems for everything from the platforms used to teach pupils to providing physical access controls.

Meanwhile, schools don't just face serious threats from organised criminal gangs but also from within their own walls. The UK's Information Commissioner's Office warned last year that schools face a considerable threat from their own pupils unlawfully accessing computer systems with malicious intent.

The education sector knows it is a soft target for cybercriminals, which makes it all the more important that it is given the funds and expertise to properly defend itself.