2003 and IT - Information Management Today

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

MAY 14, 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Ransomware

Ransomware Authentication Security IT

Source Code of Windows XP, Server 2003 leaked

Security Affairs

SEPTEMBER 25, 2020

The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on bulletin board website 4chan. The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. MS-DOS 6.0. .

IT

IT Security Data breaches

Mimecast Appoints Marc van Zadelhoff as New CEO

Data Breach Today

JANUARY 16, 2024

Leadership Transition Comes After 21 Years Under Peter Bauer as CEO Mimecast, the cloud security firm specializing in email and cyber resilience, appointed a new CEO after co-founder Peter Bauer served in the chief executive role since its inception in 2003. The leadership transition comes less than two years after the company went private.

Cloud

Cloud Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Security Affairs

SEPTEMBER 30, 2020

Last week, the source code for MS Windows XP and Windows Server 2003 OSs were leaked online, now a developer successfully compiled them. Last week, the source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. Windows NT 4 MS-DOS 3.30

IT

IT Security Information Security

Details of 1st Government Hack Are Disclosed, 20 Years Later

Data Breach Today

JUNE 30, 2023

The 2003 Cyberattack Has Been Linked to a State-Sponsored Cyberespionage Campaign The United Kingdom's national cybersecurity agency on Friday marked the 20th anniversary of its response to the first-ever cyberattack against the government by disclosing how government agencies responded.

Government

Government Cybersecurity Security IT

To Prevent Another WannaCry, Microsoft Patches Old OSs

Data Breach Today

MAY 15, 2019

Vulnerability in XP, Windows 7 and Server 2008 Could Be 'Wormable' Microsoft has taken the extraordinary step of issuing patches for its old XP, Windows 2003, Windows 7 and Windows Server 2008 operating systems. The problem is an easy-to-exploit Remote Desktop Services vulnerability that could be turned into a worm.

IT

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

In March 2020, the DOJ unsealed two criminal hacking indictments against Kislitsin, who was then head of security at Group-IB , a cybersecurity company that was founded in Russia in 2003 and operated there for more than a decade before relocating to Singapore. Department of Justice. Nikita Kislitsin, at a security conference in Russia.

Cybersecurity

Cybersecurity Passwords Government Security

First American Mortgage Faces NY Regulator Inquiry, Lawsuit

Data Breach Today

JUNE 3, 2019

The company is also offering free credit monitoring for anyone who used its title and settlement services since 2003. Pressure Mounts on Title Company That Exposed 885 Million Records Online First American Mortgage Corp.,

Insurance

Insurance IT

It's time for a serious debate about vaccine passports | Shami Chakrabarti

The Guardian Data Protection

JULY 24, 2021

Related: After Covid, the climate crisis will be the next thing the right says we ‘just have to live with’ | Aditya Chakrabortty Lady Shami Chakrabarti was shadow attorney general for England and Wales from 2016 to 2020, and was director of Liberty from 2003 to 2016 Continue reading.

IT

IT Government Access

First American Faces NY Regulator, Lawsuit Over Exposure

Data Breach Today

JUNE 3, 2019

The company is also offering free credit monitoring for anyone who used its title and settlement services since 2003. Pressure Mounts on Title Company that Exposed 885 Million Records Online First American Mortgage Corp.,

Insurance

Insurance IT

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

Icamis promoted his services in 2003 — such as bulk-domains[.]info A search on “icamis.ru” in Google brings up a 2003 post by him on a discussion forum designed by and for students of Amtek , a secondary school in Cherepovets (Icamis was commenting from an Internet address in Cherepovets). w s, icamis[.]ru

Computer and Electronics

Computer and Electronics Passwords Sales Government

A Trippy Visualization Charts the Internet's Growth

WIRED Threat Level

FEBRUARY 21, 2021

In 2003, Barrett Lyon created a map of the internet. In 2021, he did it again—and showed just how quickly it's expanded.

IT

IT Security

Is AIIM Membership Worth It? Pros and Cons

AIIM

JUNE 16, 2020

I co-presented a session at AIIM 2003. Even though I’ve been an AIIM staff for more than 9 years, I continue to pay for my professional membership out of my own pocket. So it’s pretty obvious that I see the value of an AIIM membership, but you’re here to figure out if it’s worth it for YOU. The Cons of AIIM Professional Membership.

IT

IT Mining Content services GDPR

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Dragos researchers were also able to recover the password using the exploit over Ethernet, significantly increasing the severity of the flaw, tracked as CVE-2022-2003. The CVE-2022-2003 was responsibly disclosed to Automation Direct and the vendor addressed it with the release of a firmware update.

Passwords

Passwords Mining IT Security

Declassified NSA Newsletters

Schneier on Security

APRIL 2, 2024

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “ Tales of the Krypt ,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions. Schneier gives prominence to applications with large sections.on

FOIA

FOIA IT Security

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

had exposed approximately 885 million records related to mortgage deals going back to 2003. In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. First American Financial Corp. Santa Ana, Calif.-based It employs some 18,000 people and brought in $6.2 billion in 2019.

Insurance

Insurance Financial Services Mining Access

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

Security Affairs

JULY 17, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. in the Windows DNS server that affects Windows Server versions 2003 to 2019, and can be triggered by a malicious DNS response. The bug affects the DNS server component that ships with all Windows Server versions from 2003 to 2019. ” states Krebs.

Government

Government Security Cybersecurity IT

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

Security Affairs

APRIL 21, 2023

The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. The ABA has 166,000 members as of 2022.

Data breaches

Data breaches Passwords Cybersecurity Education

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

Between 2003 and 2006, Corpse focused on selling and supporting his Haxdoor malware. But roughly two weeks ago, VIP72’s online storefront — which ironically enough has remained at the same U.S.-based based Internet address for more than a decade — simply vanished. The domain Vip72[.]org

Sales

Sales Passwords Marketing IT

Ubiquitous Surveillance by ICE

Schneier on Security

JULY 7, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Privacy

Privacy Government Access IT

What Are the Penalties for FACTA Noncompliance

Record Nations

AUGUST 4, 2020

The Fair and Accurate Credit Transactions Act, FACTA, was enacted in 2003 by the Federal Trade Commission (FTC). Businesses collect lots data on a daily basis. Whether it’s business, employee, or customer information, it’s important to keep this data secure.

Compliance

Compliance Privacy Security IT

ICE Is a Domestic Surveillance Agency

Schneier on Security

MAY 11, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Government

Government Access IT Security

A million at risk from user data leak at Korean beauty platform PowderRoom

Security Affairs

MARCH 23, 2023

Established in 2003, PowderRoom is a South Korean beauty content platform connecting 3.5 South Korean beauty content platform, PowderRoom, has leaked the personal information of nearly one million people. Researchers estimate that the database was publicly available for over a year.

Risk

Risk Metadata Manufacturing Personal data

SEC Investigating Data Leak at First American Financial Corp.

Krebs on Security

AUGUST 12, 2019

that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned. Securities and Exchange Commissio n (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. First American Financial Corp.

Insurance

Insurance Access Authentication Cybersecurity

Experts devised a new attack to bypass Microsoft PatchGuard

Security Affairs

MAY 31, 2021

The feature was first introduced in 2005 with the x64 editions of Windows XP and Windows Server 2003 Service Pack 1. Kento published technical details of its attack in a blog post and also released proof-of-concept (PoC) code for his attack. ” reported The Record. . ” reported The Record.

Security

Security IT Cybersecurity Information Security

On Software Liabilities

Schneier on Security

FEBRUARY 8, 2024

In 2003, I wrote : Clearly this isn’t all or nothing. Expanding on the idea of building codes for building code, Section 4 shows some examples of product-focused standards from other fields. It specifically calls out the list of common software weaknesses tracked by the MITRE Corporation under a government contract.

Paper

Paper Cybersecurity Government Security

GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly

The Last Watchdog

JUNE 9, 2022

He has been a member of the California State Bar since 2003. What is it about the elderly that makes them such attractive targets for cybercriminals? A variety of factors play a role. Related: The coming of bio-digital twins. Now add psychological variables to the mix of assets worth stealing.

Privacy

Privacy Security Phishing Insurance

1.9 million+ records from the FBI’s terrorist watchlist available online

Security Affairs

AUGUST 17, 2021

The list is extracted by the e FBI Terrorist Screening Center (TSC) , a database used since 2003 by US feds and other agencies to track individuals who are “known or reasonably suspected of being involved in terrorist activities.”. In any case, any thoughts as of where to responsibly report? The exposed Elasticsearch cluster contained 1.9

e-Discovery

e-Discovery Access Government Security

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. This Metasploit module doesn’t work against Windows Server 2003. Rough draft MSF module. Still too dangerous to release, lame sorry. Maybe after first mega-worm?

Authentication

Authentication Ransomware Security IT

US disrupts Russia-linked Snake implant’s network

Security Affairs

MAY 10, 2023

The development of the Snake malware, aka Uroburos , started in late 2003 and was completed in early 2004. The malware uses custom communications protocols designed to avoid detection. The threat is continuously upgraded and the authors re-designed it after the public disclosures. ” reads the advisory.

Government

Government Libraries Cybersecurity Security

In an Eagerly Anticipated Decision, the Ninth Circuit Sides With Web Scrapers

Data Matters

SEPTEMBER 19, 2019

The Ninth Circuit’s decision arose from a dispute between LinkedIn and a company called hiQ Labs. hiQ Labs is a data analytics company that scrapes publicly accessible LinkedIn user profiles and analyzes that information for its customers, either by summarizing their workforce’s skill set or identifying those employees most likely to leave.

Access

Access Analytics Authentication Passwords

Microsoft fixes critical wormable RCE SigRed in Windows DNS servers

Security Affairs

JULY 14, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. in the Windows DNS server that affects Windows Server versions 2003 to 2019, and can be triggered by a malicious DNS response. in the Windows DNS server that affects Windows Server versions 2003 to 2019, and can be triggered by a malicious DNS response.

IT

IT Risk Security Information Security

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

“The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003. This is the largest fine the British ICO has ever issued.

GDPR

GDPR Personal data Data breaches Communications

PRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detection

Security Affairs

SEPTEMBER 3, 2021

It was introduced with Windows Server 2003 R2 and included in later Windows operating systems. Common Log File System (CLFS) is a general-purpose logging subsystem that is accessible to both kernel-mode as well as user-mode applications for building high-performance transaction logs. ” explained Mandiant researchers.

Encryption

Encryption Access Cybersecurity IT

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

“That extradition should be refused because it would be unjust and oppressive by reason of Mr. Assange’s mental condition and the high risk of suicide pursuant to section 91 of the EA 2003;” said District Judge (Magistrates’ Court) Vanessa Baraitser In the Westminster Magistrates’ Court.

Military

Military Government Risk Passwords

Security Affairs newsletter Round 284

Security Affairs

OCTOBER 4, 2020

Gallagher (AJG) insurance giant discloses ransomware attack FBI and CISA warn of disinformation campaigns about the hack of voter systems Maritime transport and logistics giant CMA CGM hit with ransomware QNAP urges users to update NAS firmware and app to prevent infections Ransomware attack on Tyler Technologies might be worse than initially thought (..)

Security

Security Ransomware Insurance Information Security

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

Data Matters

AUGUST 1, 2018

The FCC had said in orders in 2003 and 2008 that the TCPA’s definition of auto-dialer was broad enough to cover predictive dialers. Circuit struck down the FCC’s overbroad rule defining “auto-dialers” under the Telephone Consumer Protection Act, district courts have debated the scope of the D.C. The plaintiff in the case, Pinkus v.

Sales

Sales Privacy IT Marketing

Measuring the Security of IoT Devices

Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. This dataset contains products such as home routers, enterprise equipment, smart cameras, security devices, and more.

IoT

IoT Security Data collection Government

Trial Court Examines Stored Communications Act Applicability to Offline Mobile Phone

DLA Piper Privacy Matters

MARCH 22, 2021

2003)); Hilderman v. The Electronic Communications Privacy Act (ECPA) is a law noted for its complexity, and the second portion of it, the Stored Communications Act (SCA) is no exception. One of the complexities of ECPA as a whole is that its definitions are simultaneously precise and ambiguous. In Loughnane v. Services, Inc.

Communications

Communications Computer and Electronics Access Privacy

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs

MARCH 14, 2022

According to reports, in 2003, as deputy head of the presidential administration, he was a co-initiator of the legal prosecution and ultimately the breakup of what was once the largest oil company, Yukos.” The Anonymous hacker collective claimed to have hacked the German branch of the Russian energy giant Rosneft. Pierluigi Paganini.

Information Security

Information Security Security Access IT

Make My Baby - Is The Baby Facebook? Updated: No, It's Myspace.

John Battelle's Searchblog

JANUARY 18, 2011

Back in the days when Google and its rival Overture were on the rise (this would be pre-IPO for Google, so around 2002-3), an army of small time arbitragers were gathering, leveraging Adwords (and in 2003, Adsense) to make money in any number of ways. To me, that would be a sign that Facebook was breaking out just like Google did in 2003.

IT

IT Insurance

Gartner 2018 IDPS Magic Quadrant: Alert Logic Places as Challenger

Adapture

APRIL 30, 2019

In fact, Gartner predicted the demise of the entire precursor to this category back in 2003 because, at the time, intrusion prevention systems (IPS) and intrusion detection systems (IDS) were just not delivering the [ ] The post Gartner 2018 IDPS Magic Quadrant: Alert Logic Places as Challenger appeared first on ADAPTURE.

IT

IT Security

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

JUNE 4, 2019

Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. Just a few days ago, the news was all about how Quest had suffered a major breach. But today’s disclosure by LabCorp. In a filing today with the U.S. 1, 2018 and March 30, 2019.

Insurance

Insurance Data Privacy Access Security

We've (Still) Lost the Backlink, and I For One Want It Back.

John Battelle's Searchblog

DECEMBER 16, 2010

Well, if not, that's how it was back in 2003 or so, when I started blogging. Remember back in the halcyon days of the web, when bloggers shared a sense of community with each other, linking back and forth to each other as a matter of social grace and conversation, as opposed to calculated consideration? It's also gone for most of the web.

IT

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Source Code of Windows XP, Server 2003 leaked

Webinars

Trending Sources

Mimecast Appoints Marc van Zadelhoff as New CEO

Webinars

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Details of 1st Government Hack Are Disclosed, 20 Years Later

To Prevent Another WannaCry, Microsoft Patches Old OSs

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

First American Mortgage Faces NY Regulator Inquiry, Lawsuit

It's time for a serious debate about vaccine passports | Shami Chakrabarti

First American Faces NY Regulator, Lawsuit Over Exposure

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

A Trippy Visualization Charts the Internet's Growth

Is AIIM Membership Worth It? Pros and Cons

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Declassified NSA Newsletters

NY Charges First American Financial for Massive Data Leak

DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Ubiquitous Surveillance by ICE

What Are the Penalties for FACTA Noncompliance

ICE Is a Domestic Surveillance Agency

A million at risk from user data leak at Korean beauty platform PowderRoom

SEC Investigating Data Leak at First American Financial Corp.

Experts devised a new attack to bypass Microsoft PatchGuard

On Software Liabilities

GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly

1.9 million+ records from the FBI’s terrorist watchlist available online

Expert developed a MetaSploit module for the BlueKeep flaw

US disrupts Russia-linked Snake implant’s network

In an Eagerly Anticipated Decision, the Ninth Circuit Sides With Web Scrapers

Microsoft fixes critical wormable RCE SigRed in Windows DNS servers

Britain’s information commissioner fines British Airways for 2018 Hack

PRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detection

British Court rejects the US’s request to extradite Julian Assange

Security Affairs newsletter Round 284

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

Measuring the Security of IoT Devices

Trial Court Examines Stored Communications Act Applicability to Offline Mobile Phone

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Make My Baby - Is The Baby Facebook? Updated: No, It's Myspace.

Gartner 2018 IDPS Magic Quadrant: Alert Logic Places as Challenger

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

We've (Still) Lost the Backlink, and I For One Want It Back.

Stay Connected