2008 and IT - Information Management Today

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

NOVEMBER 26, 2020

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. “If you have ever run this script on Windows 7 or Windows Server 2008 R2 , you probably noticed a weird recurring result and perhaps thought that it was a false positive just as I did.

Security

Security IT Access Information Security

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

” The US-linked hackers targeted the Chinese organizations between September 2008 and June 2019. . ” The US-linked hackers targeted the Chinese organizations between September 2008 and June 2019. The post CIA Hacking unit APT-C-39 hit China since 2008 appeared first on Security Affairs. Pierluigi Paganini.

Military

Military Government Security IT

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Security Affairs

SEPTEMBER 22, 2019

With the end-of-life of Windows 7 and Server 2008, their users will no more receive security patches, the only way to remain protected is to trust in micropatches. On January 14, 2020, support for Window 7, Windows Server 2008 and 2008 R2 will end, this means that users will no longer receive security updates.

Security

Security Risk IT Information Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The PLAYFULGHOST backdoor shares functionality with Gh0stRAT whose source code was publicly released in 2008. The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware.

File names

File names Archiving Phishing Encryption

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication

Authentication Security IT Information Security

Sunset of Windows Server 2008: Migrate with Docker

Data Breach Today

JANUARY 23, 2019

The coming end-of-support for Windows Server 2008 leaves IT organizations with few viable options to receive security updates beyond the cut-off date of January 14, 2020. Upgrading will be no small feat as roughly 70% of enterprise Windows applications run on Windows Server 2008 or earlier versions*.

Security

Security IT

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. An advertisement for the ButterFly Bot.

IT

IT Ransomware Mining Government

Too many issues in Pentagon networks expose it to cybersecurity risks

Security Affairs

JANUARY 15, 2019

related recommendations, dating as far back as 2008. The report doesn’t surprise the experts, in September another audit conducted by the Inspector General revealed that 266 DoD cybersecurity-related recommendations were still open, 11 of them being classified and 255 unclassified and 11 classified , dating as far back as 2008. .

Risk

Risk Cybersecurity IT Government

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

Windows Server 2008 R2: By default, SMBv1 is enabled in Windows Server 2008 R2. Windows Server 2008 R2: Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters" -Name SMB1 -Type DWORD -Value 0 –Force. .” reads an advisory published by the Microsoft Tech Community. ” continues Microsoft.

Authentication

Authentication Communications Encryption IT

NIST Seeks Input on HIPAA Security Rule Guidance Update

Data Breach Today

MAY 4, 2021

The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule. But Is It Time to Overhaul the Rule Itself? But is it time to update the security rule itself?

Security

Security IT

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. Rough draft MSF module. Still too dangerous to release, lame sorry.

Authentication

Authentication Ransomware Security IT

0patch releases free unofficial patches for Windows 0days exploited in the wild

Security Affairs

MARCH 27, 2020

The security patches developed by 0patch address the issues for Windows 7 and Windows Server 2008 R2 without ESU. The service will also release unofficial patches for Windows 7 and Server 2008 R2 with ESU, Windows 8.1, See the link for more details. link] — Security Response (@msftsecresponse) March 23, 2020.

Libraries

Libraries Risk Security IT

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Security Affairs

FEBRUARY 22, 2021

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. Check Point Research team discovered that China-linked APT31 group ( aka Zirconium.) Check Point Research team discovered that China-linked APT31 group ( aka Zirconium.)

IT

IT Access Security Information Security

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

MAY 29, 2020

The seller claims the database dates back as 2019, but Cyble researchers noted the last DOB record was from 2008. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. ” reads a post published by Cyble.

Archiving

Archiving Data breaches Government Security

Windows 7: Microsoft Ceases Free Security Updates

Data Breach Today

JANUARY 14, 2020

Security Experts Recommend Holdouts Review Their IT Strategy and Cloud Options Microsoft has ceased offering free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2.

Security

Security Cloud IT

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit. of the driver. can be used for Turla’s exploit.

Security

Security Government IT Information Security

News Alert: Nuvoton underscores its commitment to 8-bit MCU production sustainability

The Last Watchdog

JULY 6, 2023

Nuvoton was spun-off as a Winbond Electronics affiliate in July 2008 and went public in September 2010 on the Taiwan Stock Exchange (TWSE). Nuvoton is committed to sustainable 8-bit MCU production and product longevity to ensure a reliable supply, giving customers the confidence to commit to long-term products, platforms, and projects.

IT

IT Computer and Electronics Marketing IoT

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 (build 14393) Microsoft Windows Server 2016 (build 14393) Microsoft Windows 10 (build 17763) Microsoft Windows Server 2019 (build 17763). ” concludes Kaspersky.

Government

Government IT Security Access

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389.

Authentication

Authentication Security Ransomware IT

DHS also issued an alert for the Windows BlueKeep flaw

Security Affairs

JUNE 18, 2019

Enable Network Level Authentication in Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Disable services not being used by the OS. This best practice limits exposure to vulnerabilities. Enable Network Level Authentication.

Authentication

Authentication Cybersecurity Security Marketing

Zoom is working on a patch for a zero-day in Windows client

Security Affairs

JULY 9, 2020

The vulnerability affects Windows client running on old versions of Windows OS, including Windows 7 and Windows Server 2008 R2 and earlier. The zero vulnerability was reported to ACROS by a security researcher who wanted to remain anonymous. Clients running on Windows 8 or Windows 10 are not affected.

Security

Security Privacy IT Information Security

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. The investigation was also supported by the Federal Criminal Police Office (BKA), the FBI and a Munich forensic IT expert company. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net.

IT

IT Security Information Security

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

MAY 14, 2019

The vulnerability ( CVE-2019-0708 ) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7 , Windows Server 2008 R2 , and Windows Server 2008. “This vulnerability is pre-authentication and requires no user interaction,” Pope said.

Ransomware

Ransomware Authentication Security IT

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Ransomware

Ransomware Phishing IT Information Security

Microsoft issues emergency patch for IE Zero Day exploited in the wild

Security Affairs

DECEMBER 20, 2018

The IE zero-day vulnerability impacts IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, IE 11 from Windows 7 to Windows 10, and IE 11 on Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows Server 2012 R2. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security IT

Microsoft Patch Tuesday, November 2021 Edition

Krebs on Security

NOVEMBER 9, 2021

Both involve weaknesses in Microsoft’s Remote Desktop Protocol (RDP, Windows’ built-in remote administration tool) running on Windows 7 through Windows 11 systems, and on Windows Server 2008-2019 systems. Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software.

Passwords

Passwords Security Authentication Ransomware

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Security Affairs

JUNE 3, 2022

LuoYu has been active since at least 2008, it focuses on targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. It communicates with IP addresses selected randomly inside a specific AS.

Information capture

Information capture Communications Security IT

Experts add a BlueKeep exploit module to MetaSploit

Security Affairs

SEPTEMBER 7, 2019

It has been developed to target only the 64-bit versions of Windows 7 and Windows 2008 R2. It has been developed to target only the 64-bit versions of Windows 7 and Windows 2008 R2. The initial PR of the exploit module targets 64-bit versions of Windows 7 and Windows 2008 R2.” osum0x0 and Ryan Hanson.

Libraries

Libraries Security IT Information Security

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Ransomware

Ransomware Security Cybersecurity IT

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. The malware spreads via malspam campaigns, it inserts replies in active email threads.

File names

File names Archiving Compliance IT

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

From the forum’s inception until around 2008, Djamix was one of its most active and eloquent contributors. ru at DomainTools.com reveals this address has been used to register at least 10 domain names since 2008. Some of those photos date back to 2008. One representation of the leaked Mazafaka database.

Military

Military IT Communications Risk

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco is going to pay $8.6 million to settle a legal dispute for selling vulnerable software to the US government. ” reported The New York Times.

Government

Government Sales Access Security

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ ” concludes the report.

Ransomware

Ransomware Phishing Metadata Archiving

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

Guerrero-Saade discovered that the SIG37 campaign references hacking activities dated back as far as 2008 that was carried out by an unknown threat actor, the expert tracked it as Nazar. Native Farsi speakers told the expert that the term ‘nazar’ translates to ‘supervision’ or ‘monitoring’ from Persian to Roman characters.

Libraries

Libraries Cybersecurity Access IT

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

The Mifare Classic smart card technology is known to be insecure since 2008, when security researchers from Radboud University Nijmegen performed reverse engineering of the chip and published their findings. The vulnerability was disclosed by the security researcher Polle Vanhoof. We can easily do this using the mfoc tool.

Encryption

Encryption Security Communications IT

FBI Raids Chinese Point-of-Sale Giant PAX Technology

Krebs on Security

OCTOBER 26, 2021

Indeed, some of history’s largest cyberheists involved point-of-sale malware, including the 2008 breach at Heartland Payment Systems that exposed 100 million payment cards, and the 2013-2014 string of breaches at Target , Home Depot and elsewhere that led to the theft of roughly another 100 million cards.

Sales

Sales Retail Computer and Electronics Risk

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

Security Affairs

JULY 28, 2024

The PlugX malware is a remote access trojan (RAT) that has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 The RAT uses DLL side-loading to load its own malicious payload malicious DLL when a digitally signed software application, such as the x32dbg debugging tool (x32dbg.exe), is executed.

Cybersecurity

Cybersecurity Communications Access IT

Microsoft Issues Emergency Fix for IE Zero Day

Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Risk

Risk Security IT

Magento 1.x EOL is set on June 30, 75% of installs potentially impacted

Security Affairs

JUNE 28, 2020

x branch was released in 2008 and was initially scheduled to reach EOL in November 2018. Adobe, Mastercard, Visa are warning the owners of the online store running Magento 1.x x of updating their installs because it will reach EOL by June 30. Adobe, Mastercard, Visa are warning the owners of online store running Magento 1.x x store owners.

Security

Security Risk IT Information Security

To Prevent Another WannaCry, Microsoft Patches Old OSs

Data Breach Today

MAY 15, 2019

Vulnerability in XP, Windows 7 and Server 2008 Could Be 'Wormable' Microsoft has taken the extraordinary step of issuing patches for its old XP, Windows 2003, Windows 7 and Windows Server 2008 operating systems. The problem is an easy-to-exploit Remote Desktop Services vulnerability that could be turned into a worm.

IT

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. ” he observed.

Cloud

Cloud Education Government Communications

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The group mainly laundered the illicit funds through the Russian crypto exchange Garantex.

Ransomware

Ransomware Blockchain Retail Insurance

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. The researcher Z??osum0x0 They only expose port 3389.

Honeypots

Honeypots Security Information Security Authentication

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2008 Workspace ONE UEM patch 20.8.0.36 .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 and above 2101 Workspace ONE UEM patch 21.1.0.27

Access

Access Authentication Cloud Security

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

CIA Hacking unit APT-C-39 hit China since 2008

Webinars

Trending Sources

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Webinars

PLAYFULGHOST backdoor supports multiple information stealing features

Microsoft rolled out emergency updates to fix Windows Server auth failures

Sunset of Windows Server 2008: Migrate with Docker

Canada Charges Its “Most Prolific Cybercriminal”

Too many issues in Pentagon networks expose it to cybersecurity risks

Microsoft recommends Exchange admins to disable the SMBv1 protocol

NIST Seeks Input on HIPAA Security Rule Guidance Update

Expert developed a MetaSploit module for the BlueKeep flaw

0patch releases free unofficial patches for Windows 0days exploited in the wild

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Windows 7: Microsoft Ceases Free Security Updates

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

News Alert: Nuvoton underscores its commitment to 8-bit MCU production sustainability

Chinese APT IronHusky use Win zero-day in recent wave of attacks

NSA urges Windows Users and admins to Patch BlueKeep flaw

DHS also issued an alert for the Windows BlueKeep flaw

Zoom is working on a patch for a zero-day in Windows client

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Qakbot is back and targets the Hospitality industry

Microsoft issues emergency patch for IE Zero Day exploited in the wild

Microsoft Patch Tuesday, November 2021 Edition

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Experts add a BlueKeep exploit module to MetaSploit

Black Basta ransomware operators leverage QBot for lateral movements

Qakbot operations continue to evolve to avoid detection

From Cybercrime Saul Goodman to the Russian GRU

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

QakBot threat actors are still operational after the August takedown

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Hacking Nespresso machines to have unlimited funds to purchase coffee

FBI Raids Chinese Point-of-Sale Giant PAX Technology

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

Microsoft Issues Emergency Fix for IE Zero Day

Magento 1.x EOL is set on June 30, 75% of installs potentially impacted

To Prevent Another WannaCry, Microsoft Patches Old OSs

Stark Industries Solutions: An Iron Hammer in the Cloud

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Stay Connected