2009 - Information Management Today

'Open Enterprise 2009' Winners One Year On

Collaboration 2.0

JULY 6, 2010

Stowe Boyd and I awarded the ‘Open Enterprise 2009‘ award to Booz Allan Hamilton for their ‘Hello’ environment at the Boston Enterprise 2.0 Conference a year ago, and I caught up with Megan Murray of the BAH team one year on to see how their environment was progressing at this year’s Boston event.

IT

Federal Tally Reaches 5,000 Health Data Breaches Since 2009

Data Breach Today

OCTOBER 26, 2022

More People Affected by Breaches Than Total US Population The federal tally of health data breaches reached a new milestone this week: Since its inception in September 2009, more than 5,000 major incidents have been posted to the Department of Health and Human Services' HIPAA breach "wall of shame."

Data breaches

Data breaches IT

Cisco 2009 3rd Party External Social Media Research Findings

Collaboration 2.0

JANUARY 13, 2010

Based on extensive interviews with 105 participants representing 97 organizations in 20 countries around the globe and conducted between April and September 2009, it’s the first of a two-part series that Cisco [.]

IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Microsoft Patches 12-Year-Old Vulnerability

Data Breach Today

FEBRUARY 16, 2021

Flaw Was Present in Microsoft Defender Since 2009, SentinelOne Finds Microsoft has patched a 12-year-old vulnerability in Microsoft Defender that, if exploited, could enable nonadministrative users to escalate privilege in the application. The patch was made after security firm SentinelOne recently notified Microsoft about the flaw.

Security

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords

Passwords Data breaches Risk IT

Facebook's '10 Year Challenge' Is Just a Harmless Meme—Right?

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection

Data collection IT Security

Millions of Dell Devices Vulnerable to Update Driver Flaw

Data Breach Today

MAY 5, 2021

Dell Has Patched Driver Issue Found by SentinelOne Dell has patched five issues in a firmware update driver that has shipped in millions of laptops, tablets and desktops since 2009. The vulnerabilities apparently have not been exploited in the wild and are not remotely exploitable.

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). Shadowserver researchers have scanned the Internet for instances vulnerable to CVE-2024-21894 and reported that about 16,500 are still vulnerable.

Security

Security Information Security IT

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

The vulnerability, tracked as CVE-2009-0692 , could be exploited by an attacker to crash the ISC DHCP client and execute arbitrary code with the permissions of the client. Avaya did not address the vulnerability issue in some of its VoIP devices by applying the necessary patches that were released after the discovery of the flaw in 2009.

IoT

IoT Communications Privacy Risk

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Data Breach Today

NOVEMBER 15, 2017

The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. million Americans were affected by almost 30,800 health information breaches, according to the report.

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016. “The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.”

Phishing

Phishing Risk Access Security

IBM releases open-source toolkits implementing FHE to process data while encrypted

Security Affairs

JUNE 8, 2020

IBM invented FHE in 2009, but only recently it is becoming practical thanks to algorithmic progresses. . “In The toolkits released by IBM are already available for macOS and iOS, the IT company plan to release also Android and Linux versions. The FHE toolkits are been released on GitHub for macOS and iOS.

Encryption

Encryption Cloud Analytics Data Privacy

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Information Security

Information Security IT Security

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The presence in the dump of not public users’ details, including gender and location, suggests the hackers had access to the company database.

Personal data

Personal data Sales Passwords Information Security

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The targets of the two groups show significant overlap, Billbug also targeted organizations many military and government organizations in South Asia since at least January 2009. Billbug is a long-established espionage group, active since at least January 2009. Security experts at Symantec speculate that Thrip is a sub-group of Billbug.

Military

Military Communications Government Education

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

“It’s worth pointing out that the wallet address is the miner reward receiving address of the Bitcoin Genesis Block , which occurred on January 3, 2009, and is believed to be held by Nakamoto.” .” reads the analysis published by the researchers. Follow me on Twitter: @securityaffairs and Facebook.

Mining

Mining IT Security Information Security

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015.

Systems administration

Systems administration Marketing Risk IT

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cybersecurity

Cybersecurity Ransomware Security IT

PwnKit: Local Privilege Escalation bug affects major Linux distros

Security Affairs

JANUARY 26, 2022

The flaw, dubbed PwnKit, was introduced more than 12 years ago (May 2009) since the initial commit of pkexec, this means that all the versions are affected. The good news is that this issue is not remotely exploitable, but if an attacker can log in as any unprivileged user, it can allow to gain root privileges.

Communications

Communications IT Security Information Security

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network.

Manufacturing

Manufacturing Risk Communications Security

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. BeagleBoyz (aka Lazarus , APT38 , Bluenoroff, and Stardust Chollima) represents a subset of the HIDDEN COBRA threat actors.

Access

Access Government Ransomware Cybersecurity

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Healthcare

Healthcare Archiving Cloud Manufacturing

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. In 2019, Burkov was accused of running the online criminal marketplace, Cardplanet, according to the investigators, the site helped crooks to organize more than $20 million in credit card fraud.

Marketing

Marketing Sales Insurance Access

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Ransomware

Ransomware IT Information Security Security

The analysis of the code reuse revealed many links between North Korea malware

Security Affairs

AUGUST 10, 2018

For example, the “Common SMB module” that was part of the WannaCry Ransomware (2017) was similar to the code used the malware Mydoom (2009), Joanap , and DeltaAlfa. “The first code example appeared in the server message block (SMB) module of WannaCry in 2017, Mydoom in 2009, Joanap , and DeltaAlfa.

Libraries

Libraries Ransomware Security Access

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Healthcare

Healthcare Phishing Passwords Ransomware

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

Security Affairs

JANUARY 16, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Communications

Communications Ransomware Security IT

GE's Enterprise Collaboration Backbone | ZDNet

Collaboration 2.0

JULY 17, 2008

Windows 7 Microsofts Windows 7 arrived in late 2009 and kicked off a PC upgrade cycle thats expected to. Google unplugs Windows Google decides that a security invasion from China was the last straw and bans the use of. Hot Topics iPhone iPad Enterprise 2.0 Microsoft Office Green tech Smart phones Collaboration 2.0

Paper

Paper Cloud IT Communications

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Phishing

Phishing Cybersecurity IT Security

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

Gary Warner , director of research in computer forensics at the University of Alabama at Birmingham, noted in his blog from 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava , had been born and gave her birth weight. tank: Levak was written there. lucky12345: It’s f *d.

Phishing

Phishing Passwords IT Ransomware

DHS issued an alert on attacks aimed at Managed Service Providers

Security Affairs

OCTOBER 5, 2018

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. APT actors have targeted victims in several U.S.

Communications

Communications Manufacturing Cybersecurity Phishing

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. With roughly 1.4

Sales

Sales e-Discovery Data breaches Risk

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. Intel 471 reports that gumboldt@gmail.com was used in 2009 to register a user by the nickname “ Kolumb ” on the Russian hacking forum Antichat.

e-Delivery

e-Delivery Passwords Cybersecurity Sales

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Access

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

Darkode was taken down in 2015 as part of an FBI investigation sting operation , but screenshots of the community saved by this author show that DCReavers2 was already well known to the Darkode founders when his membership to the forum was accepted in May 2009. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

IT

IT Ransomware Mining Government

End of Mainstream Support for Dynamics AX 2009 and AX 2012

Ascent Innovations

OCTOBER 2, 2018

End of Mainstream Support for Dynamics AX 2009 and AX 2012. Microsoft is ending the mainstream support for Dynamics AX 2009, AX 2012 FP and R2 on October 9th, 2018. Dynamics AX 2009. –. Extended Support will expire as well, and the end dates are: Dynamics AX 2009. –. What are the end dates? Dynamics AX 2012. –.

Cloud

Cloud Education Sales Security

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. . “Upon notification of the possibility of unauthorized access, Maryland DoIT implemented countermeasures and initiated an investigation.” ” continues the Department. .

Data breaches

Data breaches Insurance Access Security

Ransomware Patch or Perish: Attackers Exploit ColdFusion

Data Breach Today

SEPTEMBER 27, 2021

Cring Ransomware Unleashed After Attackers Exploit Unpatched Flaw From 2009 For combating ransomware, doing the security basics is essential, including keeping systems updated and patched.

Ransomware

Ransomware Security

Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris

Security Affairs

JULY 26, 2018

.” The experts discovered that the flaw was first discovered in 2007 and it was publicly disclosed in 2009 during the CanSecWest security conference. “The original issue was disclosed on stage at CanSec 2009 ( [link] ).” ” reads the analysis published by Trustwave.

Authentication

Authentication Security IT

China planted tiny chips on US computers for cyber espionage

Security Affairs

OCTOBER 4, 2018

In 2009 the company announced a development partnership with In-Q-Tel Inc. , Elemental manufactured equipment for Department of Defense data centers, the CIA’s drone operations, and onboard networks of Navy warships. “Elemental also started working with American spy agencies. government.” ” continues the report.

Manufacturing

Manufacturing Government Security IT

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Security

Security Phishing Information Security Communications

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, SIM swapping).

Cybersecurity

Cybersecurity Authentication Cloud Security

Ten years ago someone breached into a server of the Yale University

Security Affairs

AUGUST 1, 2018

Hackers breached into the database of the famous University between April 2008 and January 2009 and apparently accessed a server where it is hosted a single database. ” reads the security alert published by the Yale University.

Archiving

Archiving Access Security IT

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Krebs on Security

FEBRUARY 22, 2022

She stated in 2009, policy was changed to move all information technology services to the Office of Administration.” . “I asked her if the ITSD was within the Office of Administration, or if DESE had their on-information technology section, and she indicated it was within the Office of Administration.

Education

Education Access Security Communications

'Open Enterprise 2009' Winners One Year On

Federal Tally Reaches 5,000 Health Data Breaches Since 2009

Webinars

Trending Sources

Cisco 2009 3rd Party External Social Media Research Findings

Webinars

Microsoft Patches 12-Year-Old Vulnerability

RockYou2024 compilation containing 10 billion passwords was leaked online

Facebook's '10 Year Challenge' Is Just a Harmless Meme—Right?

Millions of Dell Devices Vulnerable to Update Driver Flaw

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Experts found 20 Million tax records for Russian citizens exposed online

IBM releases open-source toolkits implementing FHE to process data while encrypted

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

538 Million Weibo users’ records being sold on Dark Web

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Administrators of bulletproof hosting sentenced to prison in the US

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

PwnKit: Local Privilege Escalation bug affects major Linux distros

Belgium telecom operators Proximus and Orange drop Huawei

North Korea-linked APT group BeagleBoyz targets banks

China-linked APT10 leverages ZeroLogon exploits in recent attacks

The man behind Cardplanet credit card market sentenced to 9 years in prison

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

The analysis of the code reuse revealed many links between North Korea malware

North Korea-linked Lazarus APT targets the COVID-19 research

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

GE's Enterprise Collaboration Backbone | ZDNet

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

DHS issued an alert on attacks aimed at Managed Service Providers

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Why Malware Crypting Services Deserve More Scrutiny

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Canada Charges Its “Most Prolific Cybercriminal”

End of Mainstream Support for Dynamics AX 2009 and AX 2012

Maryland Department of Labor discloses a data breach

Ransomware Patch or Perish: Attackers Exploit ColdFusion

Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris

China planted tiny chips on US computers for cyber espionage

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

CISA urges to fix actively exploited Firefox zero-days by March 21

Ten years ago someone breached into a server of the Yale University

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Stay Connected