2006 - Information Management Today

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

org was originally registered in 2006 to “ Corpse ,” the handle adopted by a Russian-speaking hacker who gained infamy several years prior for creating and selling an extremely sophisticated online banking trojan called A311 Death , a.k.a. Between 2003 and 2006, Corpse focused on selling and supporting his Haxdoor malware.

Sales

Sales Passwords Marketing IT

OWASP discloses a data breach

Security Affairs

APRIL 1, 2024

The incident impacted OWASP members from 2006 to around 2014 who provided their resumes as part of joining OWASP. “OWASP collected resumes as part of the early membership process, whereby members were required in the 2006 to 2014 era to show a connection to the OWASP community.

Data breaches

Data breaches Archiving Security Risk

Threat actors offer for sale data for 50 millions of Moscow drivers

Security Affairs

OCTOBER 24, 2021

Stolen data spans from 2006 and 2019, local media outlets have confirmed their authenticity. “The cybercriminals put up for sale for $ 800 a database of 50 million lines with the data of drivers that were registered in Moscow and the Moscow region from 2006 to 2019.

Sales

Sales Insurance Analytics Authentication

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

'SinkClose' AMD CPU vulnerability explained: How dangerous is it really?

Collaboration 2.0

AUGUST 14, 2024

The flaw endangers essentially all - yes, all - AMD processors made since 2006, but it threatens servers, data centers, and clouds more than the PC in front of you. Here's what you need to know and what you can do about it.

IT

IT Cloud

Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation

Security Affairs

SEPTEMBER 2, 2021

SolarWinds did not enable anti-exploit mitigation available since 2006 allowing threat actors to target SolarWinds Serv-U FTP software in July attacks. Software vendor SolarWinds did not enable ASLR anti-exploit mitigation that was available since the launch of Windows Vista in 2006, allowing the attackers to launch targeted attacks in July.

Libraries

Libraries Security Access IT

MI5 seized Boris Johnson’s phone over security risk fears

Security Affairs

JUNE 21, 2021

In April, media reported that Boris Johnson ‘s personal mobile phone number has been freely available on the internet for the past 15 years after it was published in a think tank press release in 2006, but never deleted. ” reported the DailyMail.

Risk

Risk Security Government Access

Urgent: Patch Fixed, Reintroduced OpenSSH Bug, Says Qualys

Data Breach Today

JULY 1, 2024

The flaw is an accidental repeat of a flaw patched in 2006. Over 14 Million Servers May Be Affected by Bug First Fixed Decades Ago More than 14 million servers may be affected by a regressed vulnerability in a remote server management and file transfer tool that can allow hackers to completely take over the affected systems.

Crooks target US universities with malware used by nation-state actors

Security Affairs

APRIL 26, 2020

Hupigon is a remote access Trojan (RAT) that has been active since at least 2006, it was first detected by FireEye in 2010. The malicious code employed in the attacks is the Hupigon RAT , a RAT previously spotted in campaigns carried out by China-linked APTs such as APT3 (aka TG-0100 , Buckeye , Gothic Panda , and UPS).

Phishing

Phishing Education Access Cybersecurity

Critical unauthenticated remote code execution flaw in OpenSSH server

Security Affairs

JULY 1, 2024

The flaw was introduced with the fix for another vulnerability, tracked as CVE-2006-5051. Notably, over 0.14% of these vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH.

Risk

Risk IT Security Information Security

The 3 Pillars of Australia's New AML/CTF Compliance Framework

Data Breach Today

MARCH 27, 2025

NAB's Anthony Hope on How Banks Are Preparing for the March 2026 Deadline Australia's anti-money laundering and counter-terrorism financing legislation is undergoing its first major revision since 2006. Anthony Hope, group head of AML, CTF and fraud risk at NAB, explains what this "generational change" means for financial institutions.

Compliance

Compliance Risk IT

OpenSubtitles data breach impacted 7 million subscribers

Security Affairs

JANUARY 23, 2022

The hack is the result of poor cyber security since its launch in 2006, administrator OSS said. Administrators of the website agreed to pay the ransom due to the low amount, but after receiving the ransom, the attackers never helped them to secure the website and on 11 January 2022 they leaked the data online.

Data breaches

Data breaches Passwords Access Security

NASA data breach – The agency notifies employees of a security intrusion

Security Affairs

DECEMBER 19, 2018

The Space Agency confirmed that the breach may impact NASA Civil Service employees on-boarded, separated from the agency, or transferred between centers from July 2006 to October 2018.

Data breaches

Data breaches Security Cybersecurity Information Security

Experts found three new 15-year-old bugs in a Linux kernel module

Security Affairs

MARCH 13, 2021

The flaws were present in the component since it was being developed in 2006. The Small Computer Systems Interface defined both a parallel I/O bus and a data protocol to connect a wide variety of peripherals (disk drives, tape drives, modems, printers, scanners, optical drives, test equipment, and medical devices) to a host computer.

Security

Security Risk Access IT

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

JANUARY 23, 2022

CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js

CMS

CMS IT Authentication Libraries

Crooks target US universities with malware used by nation-state actors

Security Affairs

APRIL 26, 2020

Hupigon is a remote access Trojan (RAT) that has been active since at least 2006, it was first detected by FireEye in 2010. The malicious code employed in the attacks is the Hupigon RAT , a RAT previously spotted in campaigns carried out by China-linked APTs such as APT3 (aka TG-0100 , Buckeye , Gothic Panda , and UPS).

Phishing

Phishing Education Access Cybersecurity

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

JANUARY 8, 2022

Founded in 2006, Avira Operations GmbH & Co. Avira Crypto. KG is a German multinational software company best known for their Avira Free Security (a.k.a. Avira Free Antivirus). In January 2021, Avira was acquired by Tempe, Ariz.

Mining

Mining Privacy IT Security

Checkmarx Snags Ex-Tricentis CEO Sandeep Johri as New Leader

Data Breach Today

FEBRUARY 28, 2023

Johri Replaces Emmanuel Benzaquen, Who Has Led the App Security Company Since 2006 For the first time in its 17-year history, application security vendor Checkmarx will have a new leader.

Security

Security IT

RIP Mark Klein

Schneier on Security

MARCH 13, 2025

2006 AT&T whistleblower Mark Klein has died.

Privacy

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

In 2006, the researchers conducted a sabotage test with centrifuges, and President George Bush authorized the operation. Symantec researchers discovered that the Stuxnet code was updated over time, in May 2006 and in February 2007, when the Iran’s government began installing the centrifuges at Natanz.

Military

Military Manufacturing Access Security

A Light at the End of Liberty Reserve’s Demise?

Krebs on Security

FEBRUARY 14, 2020

” The government says from 2006 until the service’s takedown, Liberty Reserve processed an estimated 55 million financial transactions worth more than $6 billion, with more than 600,000 accounts associated with users in the United States alone.

Government

Government Phishing Access IT

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

According to iDefense, in 2006 the group was responsible for crafting a rootkit that took advantage of a zero-day vulnerability in Microsoft Word, and was used in attacks on “a large DoD entity” within the USA.

Government

Government Mining Big data Phishing

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

DECEMBER 21, 2018

According to the indictment , the alleged hackers targeted more than 45 companies and government agencies from 2006 to 2018 and stole “hundreds of gigabytes” of sensitive data and personal information from its targets.

Computer and Electronics

Computer and Electronics Healthcare Manufacturing Government

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

KnowBe4

JANUARY 24, 2024

Roblox is an online virtual world/metaverse that has been around since 2006 that allows people to play with others and is super popular with young people. If you haven’t heard of Roblox, you probably don’t have kids like me.

Cybersecurity

Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

MARCH 1, 2019

In 2018, Emissary Panda was observed using an updated version of the ZxShell RAT first developed in 2006 and whom code was released in 2007. The malware includes the well-known HTran packet redirection tool and was signed with digital certificates that were signed by Hangzhou Shunwang Technology.

IT

IT File names Financial Services Communications

NSA Attacks Against Virtual Private Networks

Schneier on Security

SEPTEMBER 17, 2018

A 2006 document from the Snowden archives outlines successful NSA operations against "a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems.".

Military

Military Archiving IT

Using Microsoft Powerpoint as Malware Dropper

Security Affairs

NOVEMBER 16, 2018

An external OLEobject (compatibility 2006) was available on that value: Target=”%73%63%72%49%50%54:%68%74%74%70%73%3A%2F%2F%61%2E%64oko%2Emo%65%2Fwr%61%65o%70%2E%73%63%74″ . Analyzing the Microsoft Powerpoint structure it rises on my eyes the following slide structure. Stage 1: Microsoft PowerPoint Dropping Website.

Computer and Electronics

Computer and Electronics File names Security IT

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

In 2006, Stroganov and an associate Gerasim Silivanon (a.k.a. The post claimed that among those apprehended was the infamous cybercriminal Alexey Stroganov, who goes by the hacker names “Flint” and “Flint24.”

Retail

Retail Insurance Cybersecurity Data breaches

New Jive Offering: Clearspace becomes 'SBS'

Collaboration 2.0

MARCH 9, 2009

From origins as a forums and instant messenger vendor, Jive launched ‘Clearspace‘, a single application with wikis, blog, discussions, instant messaging, rss, email integration and files into spaces organized by topic in 2006. This in turn [.]

IT

Needless Panic Over a Wi-FI Network Name

Schneier on Security

DECEMBER 1, 2017

In 2006, I wrote an essay titled " Refuse to be Terrorized." (I A Turkish Airlines flight made an emergency landing because someone named his wireless network (presumably from his smartphone) "bomb on board.". I am also reminded of my 2007 essay, " The War on the Unexpected."

IT

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

This timespan might be even longer, as according to Wind River, three of the vulnerabilities were already existent in IPnet when it acquired the stack from Interpeak in 2006.” ” Researchers explained that the VxWorks OS implements some optional mitigations that could make it hard the exploitation of the above vulnerabilities.

Risk

Risk IoT Security Communications

A very brief history of cloud computing

DXC Technology

FEBRUARY 18, 2020

You can argue over when cloud computing really began, but one good starting point is 2006 when then Google CEO Eric Schmidt said at a conference: “I don’t think people have really understood how big this opportunity really is. It starts with the premise that the data services and architecture should be on servers. We call […].

Cloud

Cloud IT

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

In 2006, The Washington Post reported that a group of five men used stolen or illegally created accounts at LexisNexis subsidiaries to lookup SSNs and other personal information more than 310,000 individuals. Also in 2013, KrebsOnSecurity broke the news that ssndob[.]ms Dun & Bradstreet , and Kroll Background America Inc.

Insurance

Insurance Communications Authentication Access

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

“The Army Reserve started using CAC logon in May 2006,” Danberry wrote on his “About” page. His site has even been officially recommended by the Army (PDF). Mark shared emails showing Saicoo itself recommends militarycac.com. Image: Militarycac.com. I thought Why stop there?

Government

Government Military Access Security

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

From 2006 to 2012, Kislitsin was editor-in-chief of “ Hacker ,” a popular Russian-language monthly magazine that includes articles on information and network security, programming, and frequently features interviews with and articles penned by notable or wanted Russian hackers. “The company is monitoring developments.”

Cybersecurity

Cybersecurity Passwords Government Security

How we ended up in an era of intentional ignorance

WIRED Threat Level

DECEMBER 27, 2017

Here’s a six-month old essay about online media that resonated with me for a couple of reasons.

Education

Education IT

Half a million of us want to donate our data to British science, but it’s languishing unused because of privacy fears | Polly Toynbee

The Guardian Data Protection

OCTOBER 17, 2023

Back in 2006, with half a million others aged between 40 and 69, I signed up to this magnificent project, the world’s most advanced genetic database. They took blood, saliva and urine, measured bone density and made notes on exercise, alcohol and family history, with social class, ethnicity, education, employment and income included.

Education

Education Sales Privacy IT

Predictions 2012: The Roundup

John Battelle's Searchblog

JANUARY 9, 2012

2006 Predictions. 2006 How I Did. Related: Predictions 2011. 2011: How I Did. Predictions 2010. 2010: How I Did. 2009 Predictions. 2009 How I Did. 2008 Predictions. 2008 How I Did. 2007 Predictions. 2007 How I Did. 2005 Predictions. 2005 How I Did. 2004 Predictions. 2004 How I Did.

IT

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007. Intel 471 shows akafitis@gmail.com was used to register another O.R.Z. user account — this one on Verified[.]ru ru in 2008. account on Carder[.]su su from 2008.

Healthcare

Healthcare Passwords Sales Ransomware

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

Cyber intelligence firm Intel 471 found that Internet address also was used to register the account “Nordex” on the Russian hacking forum Exploit back in 2006. That Bankir account was registered from the Internet address 193.27.237.66 Constella tracked another Bankir[.]com

Marketing

Marketing Passwords Government Military

Fears over DNA privacy as 23andMe goes public in deal with Richard Branson

The Guardian Data Protection

FEBRUARY 9, 2021

Launched in 2006, 23andMe sells tests to determine consumers’ genetic ancestry and risk of developing certain illnesses, using saliva samples sent in by mail. Related: Your DNA is a valuable asset, so why give it to ancestry websites for free?

Privacy

Privacy Cybersecurity Risk IT

Adapture Attains AWS Service Delivery Provider Status

Adapture

MARCH 6, 2025

About AWS Founded in 2006, AWS is the leading cloud provider globally with clients that range across all sizes and industries. The term elastic comes from the way users can create, launch and terminate instances as needed, paying by the second. An AWS EC2 Partner helps clients maximize security, agility and cost efficiency.

Cloud

Cloud Marketing Security IT

Videoconferencing saves the NSW justice system an estimated $6.5 million in 2006/07

ChiefTech

SEPTEMBER 23, 2008

The NSW Attorney General reports that the use of videoconferencing in the NSW justice system is increasing and saved an estimated $6.5 million in remote witness and prisoner transportation costs during the last financial year.

Communications

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

One of the domains registered in 2006 to the address unforgiven57@mail.ru According to DomainTools, the Unforgiven email address was used to register roughly a dozen domains, including three that were originally registered to Keren’s email address — pepyak@gmail.com (e.g., antivirusxp09[.]com). was thelib[.]ru

e-Delivery

e-Delivery Passwords Cybersecurity Sales

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

The Last Watchdog

MAY 9, 2023

Amazon had introduced Amazon Web Services in 2006 and Microsoft Azure became commercially available in 2010. This ultimately resulted in the 2020 roll out of DigiCert ONE, a new platform of tools and services aimed at “embedding digital trust across the board within the enterprise and between all parts of the cloud ecosystem,” Chauhan says.

Cloud

Cloud Digital transformation Military Retail

15-Year-Old Malware Proxy Network VIP72 Goes Dark

OWASP discloses a data breach

Webinars

Trending Sources

Threat actors offer for sale data for 50 millions of Moscow drivers

Webinars

'SinkClose' AMD CPU vulnerability explained: How dangerous is it really?

Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation

MI5 seized Boris Johnson’s phone over security risk fears

Urgent: Patch Fixed, Reintroduced OpenSSH Bug, Says Qualys

Crooks target US universities with malware used by nation-state actors

Critical unauthenticated remote code execution flaw in OpenSSH server

The 3 Pillars of Australia's New AML/CTF Compliance Framework

OpenSubtitles data breach impacted 7 million subscribers

NASA data breach – The agency notifies employees of a security intrusion

Experts found three new 15-year-old bugs in a Linux kernel module

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Crooks target US universities with malware used by nation-state actors

500M Avira Antivirus Users Introduced to Cryptomining

Checkmarx Snags Ex-Tricentis CEO Sandeep Johri as New Leader

RIP Mark Klein

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

A Light at the End of Liberty Reserve’s Demise?

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

Emissary Panda updated its weapons for attacks in the past 2 years

NSA Attacks Against Virtual Private Networks

Using Microsoft Powerpoint as Malware Dropper

Russians Shut Down Huge Card Fraud Ring

New Jive Offering: Clearspace becomes 'SBS'

Needless Panic Over a Wi-FI Network Name

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

A very brief history of cloud computing

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

When Your Smart ID Card Reader Comes With Malware

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

How we ended up in an era of intentional ignorance

Half a million of us want to donate our data to British science, but it’s languishing unused because of privacy fears | Polly Toynbee

Predictions 2012: The Roundup

Ask Fitis, the Bear: Real Crooks Sign Their Malware

$10M Is Yours If You Can Get This Guy to Leave Russia

Fears over DNA privacy as 23andMe goes public in deal with Richard Branson

Adapture Attains AWS Service Delivery Provider Status

Videoconferencing saves the NSW justice system an estimated $6.5 million in 2006/07

Why Malware Crypting Services Deserve More Scrutiny

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

Stay Connected