Associate Professor Michael Tsikerdekis will spend 6 months in Greece in 2025 to research implementing a version of the Public Infrastructure Security Cyber Education System (PISCES) at the University of Macedonia, Thessaloniki, Greece, working with professor Ioannis Mavridis.

PISCES is a U.S.-based non-profit corporation and program supported by various organizations such as the Department of Homeland Security, state governments, and industry partners to provide free security monitoring to municipalities and boost the education of cybersecurity students.

The goal is to understand the challenges of jump-starting such a program and provide training and support. This also includes studying how students learn to perform as cybersecurity analysts when monitoring real-world traffic. Research on how to effectively prepare the new generation of cybersecurity professionals to address the cybersecurity job gap and build bridges across the two countries is a larger long-term objective of this project.

The Fulbright U.S. Scholar Program, which is the U.S. government’s flagship program of international educational and cultural exchange, sends approximately 800 American scholars and professionals each year to approximately 130 countries. In these nations, they deliver lectures and/or engage in research across a diverse range of academic and professional discipline.

(This article was originally published on Statescoop)

The city of Beckley has said it’s still working to identify what data has been affected and how much of an impact that the incident has had on its system, which helps govern a population of roughly 17,000 people. Officials have not declared if it’s a ransomware attack or which group is behind the incident.

“We are working diligently to investigate the source of the incident, confirm the incident’s full scope and impact, and identify whether data may be impacted,” the statement reads.

The cyberattack is one of the first against local governments in 2024, following a year full of cyberattacks targeting all levels of government, including many local governments across the U.S.

In the heart of Big Sky Country, a new chapter in cybersecurity education is unfolding at the University of Montana

Inside the scenic halls of University Center, a small team is emerging, ready to tackle the digital frontiers in partnership with Public Infrastructure Security Cyber Education System (PISCES)- the pioneering organization at the forefront of data security training.

Ford Powers, a representative from PISCES and Pacific Northwest National Laboratory (PNNL), has been collaborating with a team inside the University of Montana (UMT) Security Operations Center (SOC) to officially launch the PISCES program at the university. PISCES offers no-cost cybersecurity monitoring to small local governments. Simultaneously, their innovative approach utilizes metadata and alerts collected from those networks as “live fire” curriculum, engaging with over 20 colleges and universities across the country to train the next generation of cybersecurity network analysts – the 10th-fastest growing job in the country.

The UMT team is composed of Jace, the SOC manager, and his diligent student interns, Phoebe and Ryan.

Beginning with the basics, the students and staff began navigating the PISCES stack, ticket-management in MantisBT, and data mining in Kibana. Armed with newfound knowledge, they delved deeper into the intricate dance of security analysis, deciphering the cryptic messages hidden within the PISCES communities.

In the midst of the hundreds of thousands of alerts, Phoebe’s keen eye caught something interesting and she raised a question— why does this particular alert contain a JA3 Hash bearing the ominous moniker Trojan.AndroidOS.Jocker? The team began to unravel the digital threads, uncovering a theoretical clandestine presence lurking within the particular community’s network. It was a moment of revelation, as Phoebe and Ryan realized they had very well stumbled upon their maiden discovery— a potential threat of the highest order.

Together, they meticulously pieced together the puzzle, researching quickly but thouroughly, ultimately working with the staff to contact the community and alert them to the potential threat that loomed within their midst. Days later, a response echoed back, confirming their suspicions— a rogue Android tablet had been identified within the community’s Water Treatment Plant network, a silent sentinel harboring unseen dangers.

With the stage set, a PISCES’ oversight analyst, stepped into the fray, guiding the community through the labyrinth of verifying and remediating this threat. Through a delicate dance of investigation and collaboration, the true nature of the risk was finally identified— a quirk in the tablet’s installed apps was now secure and the observed alert was removed from this communities’ critical infrastructure.

This is just a small example of the critical work happening at schools around the nation participating in the PISCES program. Partnering together with communities and students, forging ahead into the digital unknown, where each discovery brings them one step closer to securing the future of Montana and the nations’ cyber landscape.

PISCES: infrastructure protection, work force development, research.

Find out more about PISCES at piscesintl.wpenginepowered.com.

This advisory is for organizations that use Veeam ONE to monitor virtual infrastructure, backup infrastructure, and data protection environments. If your organization does not use this platform, this notification may be discarded.

Summary
Veeam has released hotfixes to address four vulnerabilities, two of them critical, present in the Veeam ONE platform. The first critical vulnerability may allow an unauthenticated user to gain information about the SQL server connection that Veeam ONE uses to access its configuration data base, introducing the potential for an attacker to perform remote code execution on the SQL server hosting the database.

The second critical vulnerability may be leveraged to leak the NTLM hash of the account used by the Veeam ONE Reporting Services to an unprivileged user with access to the UI.

CVE-2023-38547 – This unspecified flaw could be exploited by an unauthenticated user to gain information about the SQL server connection used by Veeam ONE to access its configuration database. CVSSv3: 9.9

CVE-2023-38548 – Vulnerability that could allow an unprivileged user with access to the Veeam ONE Web Client to obtain the NTLM hash of the account used by the Veeam ONE Reporting Service. CVSSv3: 9.8

Affected Products/Versions
Veeam ONE 11, 11a, 12

Mitigations
A Hotfix to resolve these vulnerabilities is available for:

1. Veeam ONE 12 P20230314 (12.0.1.2591)
2. Veeam ONE 11a (11.0.1.1880)
3. Veeam ONE 11 (11.0.0.1379)

To apply the hotfix, admins must stop the Veeam ONE monitoring and reporting services on impacted servers, replace the files on the disk with the files provided by the hotfix, and restart the services to deploy the fixes.

Hotfixes
https://www.veeam.com/kb4508#:~:text=Download%20Hotfix%20That%20Matches%20Installed%20Build%20Number

Additional Resources
https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-bugs-in-veeam-one-monitoring-platform/ https://www.veeam.com/kb4508

(This article was originally published on MSU Denver)

For sophisticated hackers, small government agencies and local institutions can seem like sitting ducks. And while the federal government and major corporations all have generous budgets to fund monitoring and protection, most smaller organizations and civic institutions simply do not.

“Colorado has many huge rural counties, way distant from cities, that have zero budget, expertise or practical means of providing protection from hackers,” said Richard Mac Namee, director of the Cybersecurity Center at Metropolitan State University of Denver.

That’s a big problem. Cybercrime accounts for a jaw-dropping amount of money — it’s predicted to reach a global cost of $8 trillion this year — and the threat is only growing. Fortunately, the PISCES (Public Infrastructure Security Cyber Education System) program at MSU Denver has found a solution. The University’s Cybersecurity program supports 10 “customers,” including school districts, county governments and a fire department.

Through PISCES, student analysts provide a monitoring service, and when they spot anything suspicious, they escalate it immediately to the National Cybersecurity Center. The Colorado Springs-based nonprofit, which promotes cybersecurity innovation, education and workforce development, then passes on details of the security concern. Mac Namee says it’s fast, efficient and remarkably effective.

“Smaller organizations desperately want help right now to protect their systems, while students training to be cyberanalysts absolutely need experience working with real data,” explained Mac Namee. “Put them together, and everyone wins.”

Expanding program

Program supporters say the beauty of PISCES, which originated in Washington state before coming to Colorado, lies in the simplicity of its central premise: pairing organizations that lack any digital protection with Cybersecurity students who crave experience in a live working environment.

Although successful, PISCES has operated at a modest level. Mac Namee sees the program’s potential to help many more organizations on a much broader scale.

“The current risk level is the highest I’ve seen in five years,” Mac Namee said. “The introduction of AI, in particular, has meant even novice hackers can now weaponize advanced tech for serious attacks. We’re at a turning point, where immediate action is necessary.”

Others are recognizing the growing threat and the potential of PISCES to address it. Last month, the Colorado Attorney General’s Office awarded the program $500,000 to expand across the state over the next two years, with the potential for another $250,000 in 2025.

Attorney General Phil Weiser said PISCES will create more jobs in the cybersecurity field and recruit participants from rural communities into this good-paying profession.

“And all the while, it will be protecting Colorado residents from cybersecurity threats,” he said.

A proactive approach

One of the organizations benefiting from the students’ help is West Metro Fire Rescue. And the department’s IT director, Eric Bates, said the program has been a runaway success.

“The vast amount of data generated by our systems had been posing a real challenge to us,” Bates said. “But fortunately, PISCES and MSU Denver came to our aid with a game-changing solution that has fundamentally improved our cybersecurity operations.”

Bates has been impressed by the students’ cutting-edge knowledge and fresh perspectives. But most of all, he is struck by their proactive approach to detecting and responding to potential security threats.

“They have shown real skill and dedication in handling our difficult work and often uncover anomalies that our other threat-response services might miss,” he said.

Hands-on experience

Among the biggest winners from the program have been MSU Denver’s Cybersecurity students, whose overall learning experience has vaulted to a whole new level.

“Working with the PISCES program means we get to apply all the concepts we learned in class within a realistic but guided setting and then refine them through continual practice,” said Monica Ball, a Cybersecurity student. “There’s nothing like getting hands-on experience of everything we’ve learned, such as analyzing workflow, contextualizing alerts and judging search parameters, then putting it all together under real-life circumstances. It’s a really cool way to hone your cyberanalysis skills.”

Crucially, Ball added, the program also helps the students demonstrate to potential future employers that they’re made of the right stuff.

“Most employers are looking for graduates with a degree and relevant experience in the field,” Ball said. “Working with PISCES not only boosts our confidence; it also gives us something tangible to discuss in interviews and makes us way more hireable.”

Ready for action

By immersing students in real-world scenarios and setting them to work on reams of live data (and malicious threats), PISCES makes sure they’re primed to tackle challenges in the workplace.

That’s also why Mac Namee is looking to recruit more MSU Denver Cybersecurity students and graduates to join the PISCES program. He knows it’s a unique opportunity for them.

“With cybersecurity, you essentially only really learn by doing,” he said. “And believe me, nothing teaches a student faster than getting thrown into the metaphorical deep end during live situations.”

Although there is a huge demand for cybersecurity professionals (3.5 million job vacancies worldwide, in fact), Mac Namee points out that employers are emphatically looking for students who have also earned their stripes in the real world.

“On its own, a four-year Cybersecurity degree doesn’t necessarily make you workforce-ready,” he said. “You also need the kind of real live experiences that you’ll only get from internships, work placements or opportunities such as the PISCES program.”