2010 - Information Management Today

Did Huawei Eavesdrop on KPN Mobile Network?

Data Breach Today

APRIL 20, 2021

KPN Disputes Reported Surveillance Risk to Users, Who Included Dutch Prime Minister A bombshell news report suggests that Dutch mobile network provider KPN in 2010 didn't know if one of its major equipment suppliers - China's Huawei - was spying on users.

Risk

Risk IT

Sharepoint: IT doesn't kill businesses, people do

Collaboration 2.0

MARCH 31, 2011

Sharepoint 2010 is now a credible platform player for collaboration and business social networking. The larger challenge: Changing user perceptions of what the tools are for, and what you can do with them.

IT

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Security Affairs

SEPTEMBER 30, 2020

Rapid7 reported that 87% of almost 138,000 Exchange 2016 servers and 77% of around 25,000 Exchange 2019 servers are still vulnerable to CVE-2020-0688 attacks, and roughly 54,000 Exchange 2010 servers have not been updated in six years. After Microsoft addressed the flaw experts reportedly observed that APT actors exploiting the flaw.

Authentication

Authentication Cybersecurity Risk Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

NATO Chief calls for a new strategic to address new challenges

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” And it has actually served us well for many years.

Military

Military Artificial Intelligence Marketing Security

How to Create Unique Customer Journeys to Optimize Business Outcomes

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

A one-size-fits-all approach is a great approach – if it’s 2010. With the growth of AI, customers expect – and often demand – a customer journey based on their unique needs and history with your brand.

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

IT

IT Security Information Security

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

NOVEMBER 4, 2021

The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010. The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies.

Cybersecurity

Cybersecurity Risk Security IT

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. In 2010, Assange gained unauthorized access to a government computer system of a NATO country and years later he contacted s LulzSec leader who was working for the FBI and provided him a list of targets.

Military

Military Government Risk Passwords

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

Security Affairs

APRIL 11, 2021

.” Reports claim that the attack was launched by Israel-linked hackers, the same state is suspected to have had a main role in the Stuxnet attack that hit the same nuclear plant back in 2010.

Energy and Utilities

Energy and Utilities Military IT Security

The cybersecurity researcher Dan Kaminsky has died

Security Affairs

APRIL 24, 2021

On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root. Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON.

Cybersecurity

Cybersecurity Security IT Information Security

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. In 2010, Assange gained unauthorized access to a government computer system of a NATO country and years later he contacted a LulzSec leader who was working for the FBI and provided him a list of targets.

Military

Military Passwords Access Government

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services.

Cybersecurity

Cybersecurity Government IT Security

Researchers Uncover 'Inception' Flaw in AMD CPUs

Data Breach Today

AUGUST 10, 2023

They named the flaw after the 2010 movie "Inception," since both the hacking technique and the film's plot involve planting false ideas into memory.

Security

Security IT

330K stolen payment cards and 895K stolen gift cards sold on dark web

Security Affairs

APRIL 8, 2021

.” The investigation of the cybercriminal actor selling the gift cards and payment cards revealed that he is a prolific Russian-speaking hacker who was engaged in similar activities since 2010.

Sales

Sales Security Information Security IT

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Data Breach Today

NOVEMBER 15, 2017

The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. million Americans were affected by almost 30,800 health information breaches, according to the report.

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

. “The personal health information that was copied was collected from a large network of mostly Ontario health care facilities and providers regarding fertility, pregnancy, newborn and child health care offered between January 2010 and May 2023.”

Data breaches

Data breaches Ransomware Data collection Cybersecurity

A Basic Timeline of the Exchange Mass-Hack

Krebs on Security

MARCH 8, 2021

Exchange Server 2010 is no longer supported, but the software giant made a “defense in depth” exception and gave Server 2010 users a freebie patch, too. How long have the vulnerabilities exploited here been around? 2, Microsoft patched four flaws in Exchange Server 2013 through 2019.

Security

Security Access IT

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors.

Passwords

Passwords Data breaches Access Security

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc Chiochiu was a member of the Infraud global cybercrime organization involved in stealing and selling credit card and personal identity data. and infraud.ws.

Personal data

Personal data Sales IT Access

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Krebs on Security

MARCH 22, 2024

On March 14, KrebsOnSecurity published a story showing that Onerep’s Belarusian CEO and founder Dimitiri Shelest launched dozens of people-search services since 2010, including a still-active data broker called Nuwber that sells background reports on people. Onerep and Shelest did not respond to requests for comment on that story.

Healthcare

Healthcare Privacy Data breaches Government

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

SAP published updates for Security Notes released in October 2009, September 2010, December 2010, and March 2013. Two flaws received a CVSS score of 6.3, ” adds Onapsis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Financial Services Risk IT

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.” Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems.

Data breaches

Data breaches Ransomware Manufacturing IT

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. McMenamins is a family-owned chain of brewpubs, breweries, music venues, historic hotels, and theater pubs in Oregon and Washington. .

Data breaches

Data breaches Ransomware Insurance Sales

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

File names

File names Phishing Encryption Security

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2010-2568 Microsoft Windows – Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. The older issue added to the catalog in this turn is the CVE-2010-2568 which is the issue used in the Stuxnet attack.

IT

IT Cybersecurity Risk Security

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Security Affairs

NOVEMBER 5, 2018

The report published by Yahoo also cited a defense contractor for the CIA named John Reidy that warned the agency of it was using insecure communications systems in 2008, and again in 2010. Unfortunately, he was fired by the agency, likely in retaliation for not shutting up. ” states the report. ” states the report.

Communications

Communications Government Security IT

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. Analyzing the attacks revealed malware samples linked to DRBControl , a campaign described earlier this year in a report from Trend Micro and attributed to APT27 and Winnti, both groups active since at least 2010 and associate with Chinese hackers.

Ransomware

Ransomware Encryption Financial Services Cybersecurity

Iranian government blocked Wikipedia Farsi due Coronavirus outbreak

Security Affairs

MARCH 4, 2020

The restrictions were implemented for some 24 hours and the government removed them in the afternoon of March 3rd, 2010. It seems that only the mobile version was reachable by Iranian users. ” reported NetBlocks.

Government

Government Access IT Security

Iran announced to have foiled massive cyberattacks on public services

Security Affairs

APRIL 25, 2022

Stuxnet is a malicious computer worm developed to target SCADA systems that were first uncovered in 2010, but researchers believe its development began at least in 2005. . The virus was developed by the US and Israel to interfere with the nuclear enrichment program conducted by Iran in the plant of Natanz.

Ransomware

Ransomware Cybersecurity Government Security

WeLeakInfo Leaked Customer Payment Info

Krebs on Security

MARCH 15, 2021

The biggest potential gold mine for de-anonymizing Maza members is the leak of user numbers for ICQ, an instant messaging service formerly owned by AOL that was widely used by cybercrime forum members up until around 2010. That’s about when AOL sold the platform in 2010 to Russian investor DST for $187.5

Passwords

Passwords Mining Data breaches Access

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

Kuzmin was arrested by Us law enforcement in November 2010 and pleaded guilty to various computer crimes. In May 2016, Nikita Kuzmin, the Russian national who created the Gozi virus, has been sentenced to time served and ordered to pay nearly $7 million.

Security

Security IT Cybersecurity Information Security

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

Manufacturing

Manufacturing Phishing Government Security

Legacy Content Migration: Urgent Need is Largely Invisible

Weissman's World

MAY 25, 2018

Fun fact: an estimated 75% of today’s content management solutions were installed before the year 2010 – meaning that most organizations are now depending upon systems that at best are dated, and at are worst dangerously close end-of-life. The post Legacy Content Migration: Urgent Need is Largely Invisible appeared first on Holly Group.

Records Management

Records Management Information governance Government

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0 and Visual Studio 2019 versions 16.0,

Security

Security IT Information Security

Crooks target US universities with malware used by nation-state actors

Security Affairs

APRIL 26, 2020

Hupigon is a remote access Trojan (RAT) that has been active since at least 2006, it was first detected by FireEye in 2010. The malicious code employed in the attacks is the Hupigon RAT , a RAT previously spotted in campaigns carried out by China-linked APTs such as APT3 (aka TG-0100 , Buckeye , Gothic Panda , and UPS).

Phishing

Phishing Education Access Cybersecurity

The OpenSSL Project addressed three vulnerabilities

Security Affairs

FEBRUARY 18, 2021

In 2010, the Open SSL project addressed three vulnerabilities, including two DDoS issues rated high severity. The flaw was reported to OpenSSL Project on 21st January 2021 by D. Katz and Joel Luellwitz from Trustwave. The issue affects servers using OpenSSL 1.0.2 which are vulnerable to SSL version rollback attacks.

Encryption

Encryption Security IT Information Security

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous. Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013.

CMS

CMS Cybersecurity Government Access

Insurer: Breach Undetected for Nine Years

Data Breach Today

JUNE 26, 2019

Dominion National Says Recently Discovered Incident Dates Back to 2010 A dental and vision insurer's revelation that it recently discovered a 9-year-old data security incident offers an extreme example of the difficulty some organizations have in detecting data breaches.

Insurance

Insurance Data breaches Security IT

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

Data Protection Report

JULY 26, 2024

The PDP Bill, which had been under review by the Malaysian Government for some years, introduces significant changes to Malaysia’s Personal Data Protection Act 2010 (the Malaysian PDPA ), aimed at aligning the Malaysian approach more closely with international data protection regimes.

Personal data

Personal data Data breaches Compliance GDPR

Ke3chang hacking group adds new Ketrum malware to its arsenal

Security Affairs

MAY 28, 2020

In May 2016, researchers from Palo Alto found evidence that the threat actors behind the Operation Ke3chang had been active since at least 2010. The Ketrum 1 sample was uploaded to VirusTotal in December 2019 and has a fake January 7, 2010, timestamp, It implements many features from Okrumand abandons more advanced Okrum features.

IT

IT Military Communications Security

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2010 Workspace ONE UEM patch 20.10.0.23 .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 and above 2101 Workspace ONE UEM patch 21.1.0.27

Access

Access Authentication Cloud Security

RSAC Fireside Chat: Jscrambler levels-up JavaScript security, slows GenAI-fueled privacy loss

The Last Watchdog

JUNE 10, 2024

This brought to mind 2010, the year I wrote news stories for USA TODAY about Mark Zuckerberg declaring privacy was “ no longer a social norm ” and Google CEO Eric Schmidt admitting that Google’s privacy policy was to “ get right up to the creepy line and not cross it.”

Privacy

Privacy Security Mining Data collection

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan.

Military

Military Government Access Cybersecurity

Expert found 1,236 websites infected with Magecart e-skimmer

Security Affairs

MAY 13, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with software skimmers.

e-Discovery

e-Discovery Security IT

Did Huawei Eavesdrop on KPN Mobile Network?

Sharepoint: IT doesn't kill businesses, people do

Webinars

Trending Sources

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Webinars

NATO Chief calls for a new strategic to address new challenges

How to Create Unique Customer Journeys to Optimize Business Outcomes

REMnux 7, a Linux toolkit for malware analysts released

CISA shares a catalog of 306 actively exploited vulnerabilities

British Court rejects the US’s request to extradite Julian Assange

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

The cybersecurity researcher Dan Kaminsky has died

Wikileaks founder Julian Assange is free

Payment solutions giant Edenred announces malware infection

Researchers Uncover 'Inception' Flaw in AMD CPUs

330K stolen payment cards and 895K stolen gift cards sold on dark web

Annual Report to Congress on Breaches of Unsecured Protected Health Information

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

A Basic Timeline of the Exchange Mass-Hack

Russia-linked Energetic Bear APT behind San Francisco airport attacks

The author of FastPOS PoS malware pleads guilty

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Volvo Cars suffers a data breach. Is it a ransomware attack?

Hospitality Chain McMenamins discloses data breach after ransomware attack

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Experts linked ransomware attacks to China-linked APT27

Iranian government blocked Wikipedia Farsi due Coronavirus outbreak

Iran announced to have foiled massive cyberattacks on public services

WeLeakInfo Leaked Customer Payment Info

Colombian authorities arrested hacker behind the Gozi Virus

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Legacy Content Migration: Urgent Need is Largely Invisible

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Crooks target US universities with malware used by nation-state actors

The OpenSSL Project addressed three vulnerabilities

Journalist Matthew Keys is now charged with an attack on a magazine

Insurer: Breach Undetected for Nine Years

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

Ke3chang hacking group adds new Ketrum malware to its arsenal

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

RSAC Fireside Chat: Jscrambler levels-up JavaScript security, slows GenAI-fueled privacy loss

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Expert found 1,236 websites infected with Magecart e-skimmer

Stay Connected