2008 and Government - Information Management Today

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

According to the firm, the US cyber spies are targeting various industry sectors and government agencies. The Qihoo 360 experts claim that a CIA hacking unit tracked as APT-C-39 has hacked organizations in the aviation, scientific research, oil, technology industries, it also targeted government agencies. Pierluigi Paganini.

Military

Military Government Security IT

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. The second one, tracked as CVE-2019.0880, affects Windows 7 and Server 2008. The issue resides in the way splwow64 (Thunking Spooler APIs) handles certain calls. Pierluigi Paganini.

Government

Government Passwords IT Security

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

MAY 29, 2020

According to the experts, the leak includes government data of an entire country, it was leaked online by a reputable actor that goes online with moniker ‘Toogod.”. The seller claims the database dates back as 2019, but Cyble researchers noted the last DOB record was from 2008. ” reads a post published by Cyble.

Archiving

Archiving Data breaches Government Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Too many issues in Pentagon networks expose it to cybersecurity risks

Security Affairs

JANUARY 15, 2019

related recommendations, dating as far back as 2008. The report also includes results from four classified reports and 20 unclassified reports that were drafted between July 1, 2017, and June 30, 2018, by the Government Accountability Office and DoD community. Additionally, as of September 30, 2018, there were 266 open cybersecurity?related

Risk

Risk Cybersecurity IT Government

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

million to settle a legal dispute for selling vulnerable software to the US government. Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. SecurityAffairs – Cisco, US Government). Pierluigi Paganini.

Government

Government Sales Access Security

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

Security

Security Government IT Information Security

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

The IronHusky APT has been active at least since 2017 when the group was spotted targeting Russian and Mongolian government entities, aviation companies, and research institutes.

Government

Government IT Security Access

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Security Affairs

NOVEMBER 5, 2018

Google queries allowed Iran Government to dismantle the CIA communication network used by its agents and kill dozens of tens of spies. In a 2012 incident in China, the Chinese government identified and killed 30 US spies. According to Yahoo ! ” reported Yahoo News. ” states the report.

Communications

Communications Government Security IT

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Some of the exposed emails dated back to 2008; others were as recent as the present day. The Minnesota-based Internet provider U.S. Internet Corp. ” U.S.

Education

Education Data breaches Government Security

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. ” DomainTools.com finds Ivan V.

Cloud

Cloud Education Government Communications

New Zealand Security Bureau halts Spark from using Huawei 5G equipment

Security Affairs

DECEMBER 3, 2018

According to New Zealand’s Government Communications Security Bureau, Huawei equipment for 5G infrastructure poses a “significant network security risk,” for this reason, it asked mobile company Spark to avoid using the equipment of the Chinese company. In 2008, New Zealand signed a free-trade deal with China.

Security

Security Government Communications Manufacturing

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. government smart cards. government smart cards.

Government

Government Military Access Security

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

” The Lambert APT (aka Longhorn APT ) has been active since at least 2008, but its first samples were spotted in 2014. According to the firm, the US cyber spies are targeting various industry sectors and government agencies. Symantec believes Longhorn is a North American hacking group that has been active since at least 2011.

Government

Government Cybersecurity Education Security

Security Affairs newsletter Round 254

Security Affairs

MARCH 8, 2020

Karkoff 2020: a new APT34 espionage operation involves Lebanon Government. CIA Hacking unit APT-C-39 hit China since 2008. Iranian government blocked Wikipedia Farsi due Coronavirus outbreak. Russian spies are attempting to tap transatlantic undersea cables. $1B Nemty ransomware LOVE_YOU malspam campaign.

Security

Security Data breaches Ransomware Encryption

Government By Numbers: Some Interesting Insights

John Battelle's Searchblog

OCTOBER 28, 2011

Of course, were such a hypothesis true, one might imagine that the over percentage of GDP represented by government workers would have gone *down* over the past few decades. For example, check out this chart of what’s growing in our government, and what’s not: Aha! No wonder 2008 was such a (continuing) disaster.

Government

Government Education Military Financial Services

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

. “One of the adversaries noticed by our analysts was interesting because the attacker leveraged an older vulnerability for SharePoint (CVE-2019-0604) to exploit remotely unpatched servers (typically Windows Server 2008 and Windows Server 2012) and then implant a web shell to gain persistent access and code execution.”

Authentication

Authentication Passwords Access Security

GE's Enterprise Collaboration Backbone | ZDNet

Collaboration 2.0

JULY 17, 2008

GEs Enterprise Collaboration Backbone By Oliver Marks | July 17, 2008, 4:01pm PDT Summary General Electric, the venerable multinational that was founded in 1878 in New Jersey, have at their core a hugely sophisticated enterprise collaboration system that is arguably the largest in the world. Hot Topics iPhone iPad Enterprise 2.0

Paper

Paper Cloud IT Communications

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

IT

IT Ransomware Mining Government

Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks

Security Affairs

NOVEMBER 14, 2018

The CVE-2018-8589 vulnerability only affects Windows 7 and Windows Server 2008. the FruityArmor APT group is active at least since 2016 when targeted activists, researchers, and individuals related to government organizations. xxxMoveWindow that is caused by the improper locking of messages sent synchronously between threads.

Authentication

Authentication Government Security IT

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. .'”

Marketing

Marketing Government Systems administration Sales

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

The Regin malware has been around since at least 2008, most Regin infections were observed in Russia (28%) and Saudi Arabia (24%), but other attacks were spotted in Iran, Ireland, India, Afghanistan, Austria, Belgium, Mexico, and Pakistan.

Authentication

Authentication Security Government Access

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ , which is a malware that was employed in past campaigns attributed to the Turla APT group.

Communications

Communications Military Encryption Authentication

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by malware for collecting browsing data and banking credentials and other financial information from the victims. Threat actors are employing a new module specifically designed to collect and compromise email threads on infected systems. .

Passwords

Passwords Military Manufacturing Encryption

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. This means that the threat actor was able to avoid detection for more than 15 years.

Communications

Communications Agriculture Cloud Archiving

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). and later Exchange 2013, 2016, or 2019 Windows Server 2008 R2, Server 2012, Server 2012 R2, Server 2016, Server 2019.

Military

Military Manufacturing Access Security

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. “The victims ranged from financial institutions on the East Coast to a critical infrastructure government contractor in the Midwest to a medical device manufacturer on the West Coast.”

Ransomware

Ransomware Manufacturing Data breaches Government

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Krebs on Security

JUNE 3, 2019

For almost the past month, key computer systems serving the government of Baltimore, Md. ” That vulnerability exists in Windows XP, Windows 2003, Windows 7, Windows Server 2008 R2, and Windows Server 2008. have been held hostage by a ransomware strain known as “ Robbinhood.”

Ransomware

Ransomware Government Security Encryption

The Future of The Internet (And How to Stop It) - A Dialog with Jonathan Zittrain Updating His 2008 Book

John Battelle's Searchblog

AUGUST 6, 2011

While written in 2008, this is an ever-more important book, for many reasons, in that it makes a central argument about what we've built so far, and where we might be going if we ignore the lessons we've learned as we've all enjoyed this E-ticket ride we call the Internet industry.

IT

IT Marketing Cloud Government

NSA Launches New Cybersecurity Directorate

Security Affairs

OCTOBER 5, 2019

The directorate also reflects a change in the importance of national cybersecurity and provides a hint as to how government agencies are rethinking how cybersecurity divisions should be organized. But this new directorate seems to signal a pivot towards a more public approach to security than the Agency has taken in the past.

Cybersecurity

Cybersecurity Military Security Access

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Krebs on Security

SEPTEMBER 2, 2019

A statement of facts filed by the government indicates Petr Pacas was at one point director of operations at Company A (Adconion). The government alleges the men sent forged letters to an Internet hosting firm claiming they had been authorized by the registrants of the inactive IP addresses to use that space for their own purposes.

Marketing

Marketing Government Systems administration Metadata

GUEST ESSAY: Restore Us Institute (RUI) aims to protect Americans from online harms and crimes

The Last Watchdog

OCTOBER 3, 2022

Government policymakers decided in the 1990s to promote inherently insecure, nascent Internet technology to be the world’s primary global information infrastructure for all the world’s communications, content, and commerce. Government policymakers decided in the 1990s to de facto nationally abdicate governing online.

Government

Government Authentication Communications Privacy

Documentation Theory for Information Governance

ARMA International

NOVEMBER 15, 2019

iv] Further, “the practices of government [and other public and private institutions] become formal or official to the extent that they are documented.” [v] This article aims to consider what a documentary focus can offer to the practices and understandings of information governance. A Documentary Approach.

Information governance

Information governance Government Libraries Paper

Day two at OSNBC 2008

ChiefTech

NOVEMBER 25, 2008

I missed the morning of day two at Online Social Networking and Business Collaboration (I was attending a seminar on MySource Matrix ) but ended up sharing lunch with two Government 2.0 innovators from the speakers line up, Phillip Bower from Centrelink and Dheeraj Chowdhury from the NSW Department of Education (see below).

Education

Education Communications Access Government

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

Governments are doing their best to mitigate such a virus while people are stuck home working remotely using their own equipment. According with Trend Micro , the PlugX malware family is well known to researchers having samples dating back to as early as 2008. I am a computer security scientist with an intensive hacking background.

Computer and Electronics

Computer and Electronics IT Security Encryption

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

Symantec researchers discovered that the Stuxnet code was updated over time, in May 2006 and in February 2007, when the Iran’s government began installing the centrifuges at Natanz. Once the systems were infected, the mole didn’t return to Natanz again, while malware continues its action throughout 2008.

Military

Military Manufacturing Access Security

Time for Australian government to wake up to mobile?

ChiefTech

MAY 22, 2012

Less than a quarter of the Australian Government's regular websites can be considered smartphone or mobile-friendly, according to a survey conducted by iTnews. A survey by the ITNews concludes that government Websites fail mobile access tests. Now, there are some very good examples of government in Australia using mobile.

Government

Government e-Delivery Libraries Access

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

Security Affairs

AUGUST 23, 2018

Turla is the name of a Russian cyber espionage APT group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations and private businesses. The new analysis revealed a list of high-profile victims that was previously unknown. ” reads the analysis published by ESET.

Metadata

Metadata Military Libraries Access

The Future of the Web | ZDNet

Collaboration 2.0

AUGUST 12, 2008

The Future of the Web By Oliver Marks | August 12, 2008, 9:29pm PDT Summary The semantic web can be quite a hard concept to grasp when discussed in an abstract way: the above video is a particularly useful, clear exposition of the enormous promise and power the future of knowledge sharing holds. Hot Topics iPhone iPad Enterprise 2.0

Paper

Paper Archiving Education IT

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

2008, wherein he addresses forum members with the salutation, “Hello Gentlemen Scammers.” government said Grichishkin and three others set up the infrastructure used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims throughout the United States. .

Computer and Electronics

Computer and Electronics Passwords Government Sales

A better way to navigate the requirements of BCBS 239

Collibra

NOVEMBER 6, 2024

This global standard was created in response to the 2008 financial crisis. Collibra’s industry-leading Data Intelligence Platform simplifies compliance with BCBS 239 by unifying and automating key enterprise capabilities across catalog, lineage, governance, privacy and data quality.

Compliance

Compliance Risk Metadata Financial Services

Two flavors of software as a service: Intuit QuickBase and Etelos | ZDNet

Collaboration 2.0

AUGUST 14, 2008

Two flavors of software as a service: Intuit QuickBase and Etelos By Oliver Marks | August 14, 2008, 3:37pm PDT Summary There are dozens of flavors of clever applications aimed at the office productivity market, often spawned as a result of the Web 2.0 And now in 2008, the most honest thing we can say is that "Web 2.0" Where the Web 2.0

Marketing

Marketing Paper Sales Cloud

The evolutions of APT28 attacks

Security Affairs

DECEMBER 4, 2019

The following timeline tracks APT28 back to 2008 and gives us a quick view on how big and organized is the threat group over the past decade. It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it’s used to target Aereospace, Defence, Governmente Agencies, International Organizations and Media.

Computer and Electronics

Computer and Electronics Libraries Security Military

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others.

Cybersecurity

Cybersecurity Manufacturing Government Communications

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Yakubets , who the government says went by the nicknames “ aqua ,” and “ aquamo ,” among others. KrebsOnSecurity first encountered Aqua’s work in 2008 as a reporter for The Washington Post. What follows is an insider’s look at the back-end operations of this gang. Image: FBI. HITCHED TO A MULE.

Government

Government IT Communications Education

CIA Hacking unit APT-C-39 hit China since 2008

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Webinars

Trending Sources

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Webinars

Too many issues in Pentagon networks expose it to cybersecurity risks

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

U.S. Internet Leaked Years of Internal, Customer Emails

Stark Industries Solutions: An Iron Hammer in the Cloud

New Zealand Security Bureau halts Spark from using Huawei 5G equipment

When Your Smart ID Card Reader Comes With Malware

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs newsletter Round 254

Government By Numbers: Some Interesting Insights

Iran-linked APT is exploiting the Zerologon flaw in attacks

GE's Enterprise Collaboration Backbone | ZDNet

Canada Charges Its “Most Prolific Cybercriminal”

Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Regin spyware involved in attack against the Russian tech giant Yandex

New Turla ComRAT backdoor uses Gmail for Command and Control

Qbot uses a new email collector module in the latest campaign

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

The Future of The Internet (And How to Stop It) - A Dialog with Jonathan Zittrain Updating His 2008 Book

NSA Launches New Cybersecurity Directorate

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

GUEST ESSAY: Restore Us Institute (RUI) aims to protect Americans from online harms and crimes

Documentation Theory for Information Governance

Day two at OSNBC 2008

Is APT27 Abusing COVID-19 To Attack People ?!

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Time for Australian government to wake up to mobile?

Latest Turla backdoor leverages email PDF attachments as C&C mechanism

The Future of the Web | ZDNet

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

A better way to navigate the requirements of BCBS 239

Two flavors of software as a service: Intuit QuickBase and Etelos | ZDNet

The evolutions of APT28 attacks

Chinese Supply-Chain Attack on Computer Systems

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Stay Connected