Krebs on Security

MARCH 15, 2021

The biggest potential gold mine for de-anonymizing Maza members is the leak of user numbers for ICQ, an instant messaging service formerly owned by AOL that was widely used by cybercrime forum members up until around 2010. That’s about when AOL sold the platform in 2010 to Russian investor DST for $187.5

Passwords 328

Passwords Mining Data breaches Access 328

Data Breach Today

JUNE 26, 2019

Dominion National Says Recently Discovered Incident Dates Back to 2010 A dental and vision insurer's revelation that it recently discovered a 9-year-old data security incident offers an extreme example of the difficulty some organizations have in detecting data breaches.

Insurance 174

Insurance Data breaches Security IT 174

Data Protection Report

JULY 26, 2024

The PDP Bill, which had been under review by the Malaysian Government for some years, introduces significant changes to Malaysia’s Personal Data Protection Act 2010 (the Malaysian PDPA ), aimed at aligning the Malaysian approach more closely with international data protection regimes.

Personal data 81

Personal data Data breaches Compliance GDPR 81

The Last Watchdog

JUNE 10, 2024

This brought to mind 2010, the year I wrote news stories for USA TODAY about Mark Zuckerberg declaring privacy was “ no longer a social norm ” and Google CEO Eric Schmidt admitting that Google’s privacy policy was to “ get right up to the creepy line and not cross it.”

Privacy 261

Privacy Security Mining Data collection 261

Krebs on Security

AUGUST 2, 2022

com , a malware-based proxy network that has been in existence since at least 2010. Cached versions of the site show that in 2010 the software which powers the network was produced with a copyright of “ Escort Software.” .” NEW SOCKS, SAME OLD SHOES. SocksEscort[.]com ” Super-socks[.]biz

Sales 298

Sales IT Passwords Access 298

Krebs on Security

NOVEMBER 15, 2022

Sources briefed on the investigation into Penchukov said that in 2010 — at a time when the Security Service of Ukraine (SBU) was preparing to serve search warrants on Tank and his crew — Tank received a tip that the SBU was coming to raid his home. “The Americans were unhappy, and a little surprised.

Phishing 309

Phishing Passwords IT Ransomware 309

Krebs on Security

JUNE 25, 2021

“The vulnerability report CVE-2018-18472 affects My Book Live devices originally introduced to the market between 2010 and 2012,” reads a reply from Western Digital that Wizcase posted to its blog. That response also suggested this bug has been present in its devices for at least a decade.

Access 339

Access Marketing IT 339

Krebs on Security

DECEMBER 8, 2021

“My exploit pack is hosted there with 0 problems,” DCReaver2 says of a shady online provider that another member asked about in May 2010. Arrested in 2010, Skorjanc was sentenced to nearly five years in prison for selling and supporting Mariposa, which was used to compromise millions of Microsoft Windows computers.

IT 314

IT Ransomware Mining Government 314

Krebs on Security

JUNE 21, 2023

In 2010, someone with the username Pepyak on the Russian language affiliate forum GoFuckBiz[.]com In 2010, someone with the username Pepyak on the Russian language affiliate forum GoFuckBiz[.]com ” In January 2010, Pepyak asked the GoFuckBiz community where one might find a good USB-based modem in Phuket, Thailand.

e-Delivery 251

e-Delivery Passwords Cybersecurity Sales 251

Krebs on Security

JULY 8, 2019

In 2010, the hottabych_k2 address was used to register the domain name dedserver[.]ru At least four posts made in 2010 to the hosting review service makeserver.ru When Oneiilk2 registered on Exploit in January 2015, he used the email address hottabych_k2@mail.ru. us to help users obfuscate their true online locations. .”

Ransomware 264

Ransomware Passwords Marketing Manufacturing 264

Krebs on Security

JUNE 1, 2023

Fitis’s real-life identity was exposed in 2010 after two of the biggest sponsors of pharmaceutical spam went to war with each other, and large volumes of internal documents, emails and chat records seized from both spam empires were leaked to this author. My fingerprints change beyond recognition every few days. Image: Archive.org.

Healthcare 283

Healthcare Passwords Sales Ransomware 283

The Last Watchdog

JULY 6, 2023

Nuvoton was spun-off as a Winbond Electronics affiliate in July 2008 and went public in September 2010 on the Taiwan Stock Exchange (TWSE). About Nuvoton Technology: Nuvoton Technology Corporation (Nuvoton) was founded to bring innovative semiconductor solutions to the market.

IT 246

IT Computer and Electronics Marketing IoT 246

Schneier on Security

MAY 3, 2024

TEDxPSU 2010: “ Reconceptualizing Security ” TEDxCambridge 2013: “ The Battle for Power on the Internet ” TEDMed 2016: “ Who Controls Your Medical Data ?” I have spoken at several TED conferences over the years. ” I’m putting this here because I want all three links in one place.

Security 111

Security 111

Krebs on Security

SEPTEMBER 8, 2020

Microsoft fixed at least five other serious bugs in Sharepoint versions 2010 through 2019 that also could be used to compromise systems running this software. Security firm Tenable notes that this bug is reminiscent of CVE-2019-0604 , another Sharepoint problem that’s been exploited for cybercriminal gains since April 2019.

Authentication 286

Authentication Security Ransomware IT 286

Security Affairs

SEPTEMBER 30, 2020

Rapid7 reported that 87% of almost 138,000 Exchange 2016 servers and 77% of around 25,000 Exchange 2019 servers are still vulnerable to CVE-2020-0688 attacks, and roughly 54,000 Exchange 2010 servers have not been updated in six years. After Microsoft addressed the flaw experts reportedly observed that APT actors exploiting the flaw.

Authentication 131

Authentication Cybersecurity Risk Security 131

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” And it has actually served us well for many years.

Military 134

Military Artificial Intelligence Marketing Security 134

IT Governance

FEBRUARY 3, 2021

Alexander Hall’s internal investigation revealed that criminal hackers obtained the card details, addresses and private correspondences (including details of fees paid) of customers who had used its service before 2010.

Access 138

Access Risk Government IT 138

Krebs on Security

FEBRUARY 11, 2020

Another flaw fixed this month in Microsoft Exchange 2010 through 2019 may merit special attention. The bug could allow attackers to exploit the Exchange Server and execute arbitrary code just by sending a specially crafted email.

Security 58

Security IT 58

Schneier on Security

MARCH 22, 2024

The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. It’s $2M less than in 2022, but it’s still a lot. For Android, the world’s most popular and widely used mobile operating system, the program awarded over $3.4

Security 120

Security IT 120

Security Affairs

NOVEMBER 4, 2021

The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010. The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies.

Cybersecurity 141

Cybersecurity Risk Security IT 141

Krebs on Security

AUGUST 26, 2020

For several years beginning around 2010, a lone teenager in Vietnam named Hieu Minh Ngo ran one of the Internet’s most profitable and popular services for selling “ fullz ,” stolen identity records that included a consumer’s name, date of birth, Social Security number and email and physical address.

Computer and Electronics 360

Computer and Electronics Access IT Data collection 360

Security Affairs

APRIL 11, 2021

.” Reports claim that the attack was launched by Israel-linked hackers, the same state is suspected to have had a main role in the Stuxnet attack that hit the same nuclear plant back in 2010.

Energy and Utilities 139

Energy and Utilities Military IT Security 139

Security Affairs

JANUARY 4, 2021

He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. In 2010, Assange gained unauthorized access to a government computer system of a NATO country and years later he contacted s LulzSec leader who was working for the FBI and provided him a list of targets.

Military 144

Military Government Risk Passwords 144

Krebs on Security

JANUARY 24, 2023

RUSdot is the successor forum to Spamdot , a far more secretive and restricted community where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the forum imploded in 2010. A Google-translated version of the Rusdot spam forum.

IoT 259

IoT Data breaches Ransomware Access 259

Krebs on Security

JULY 20, 2021

In 2010, Microsoft — in tandem with a number of security researchers — launched a combined technical and legal sneak attack on the Waledac botnet, successfully dismantling it. A screenshot of the “SevAntivir” fake antivirus or “scareware” affiliate program run by Severa.

Government 332

Government Phishing Communications IT 332

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

IT 145

IT Security Information Security 145

Security Affairs

JUNE 25, 2024

He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. In 2010, Assange gained unauthorized access to a government computer system of a NATO country and years later he contacted a LulzSec leader who was working for the FBI and provided him a list of targets.

Military 127

Military Passwords Access Government 127

Schneier on Security

DECEMBER 24, 2020

Interesting analysis of China’s efforts to identify US spies: By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated travel intelligence program, developing databases that tracked flights and passenger lists for espionage purposes. intelligence agencies.

Personal data 144

Personal data Government Security IT 144

Krebs on Security

MARCH 9, 2023

” In 2010, someone using the email address dugidox@gmail.com registered the domain dugidox[.]com. Constella ties dugidox@gmail.com to a number of website registrations, including the Dugidox handle on BlackHatWorld and HackForums, and to IP addresses in Croatia for both. org, which is registered in Mr.

Access 290

Access Passwords Sales Retail 290

Krebs on Security

JUNE 22, 2022

RUSdot is the successor forum to Spamdot , a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Sales 308

Sales Access Systems administration Marketing 308

Security Affairs

APRIL 24, 2021

On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root. Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON.

Cybersecurity 145

Cybersecurity Security IT Information Security 145

Security Affairs

SEPTEMBER 26, 2023

. “The personal health information that was copied was collected from a large network of mostly Ontario health care facilities and providers regarding fertility, pregnancy, newborn and child health care offered between January 2010 and May 2023.”

Data breaches 137

Data breaches Ransomware Data collection Cybersecurity 137

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc Chiochiu was a member of the Infraud global cybercrime organization involved in stealing and selling credit card and personal identity data. and infraud.ws.

Personal data 122

Personal data Sales IT Access 122

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services.

Cybersecurity 136

Cybersecurity Government IT Security 136

Krebs on Security

OCTOBER 8, 2019

Other notable vulnerabilities addressed this month include a pair of critical security holes in Microsoft Excel versions 2010-2019 for Mac and Windows, as well as Office 365. These flaws would allow an attacker to install malware just by getting a user to open a booby-trapped Office file.

Security 38

Security IT 38

Krebs on Security

SEPTEMBER 24, 2022

RUSdot is the successor forum to Spamdot , a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010.

Data breaches 228

Data breaches Ransomware Information Security Security 228

The Last Watchdog

AUGUST 29, 2023

” While these standards were first published in 2010, they have since been updated for newer threats and became the only Acceptable Means of Compliance (AMC) for airborne avionics systems in 2018 and now mandatory since 2022. For example, as noted previously there’s the ED-202A guidelines in Europe and DO-326A in the U.S.,

Risk 264

Risk Artificial Intelligence Cybersecurity Compliance 264