Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Threatpost

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack.

Old-School Bagle Worm Spotted in Modern Spam Campaigns

Threatpost

date back to 2004. Bagle.A and Bagle.B

States Need Way More Money to Fix Crumbling Voting Machines

WIRED Threat Level

“We are driving the same car in 2019 that we were driving in 2004, and the maintenance costs are mounting,” one South Carolina election official told researchers.

Maps and Visualization

Adam Shostack

I posted this image in 2004. It’s even more relevant now. While we have a country that is clearly divided, the dividing lines are not so neat as the maps showing states going one way or the other.

This is the old ChiefTech blog.: Articles & Papers

ChiefTech

2004, Supporting collaboration at Ernst & Young (PDF, 372KB): Helping people to use computer mediated communication to work together around the world, in the conference proceedings for KM Challenge 04, Driving Performance through Knowledge Collaboration, SAI Global, Sydney. 2004, Success at Ernst & Young's Center for Business Knowledge: Online Collaboration Tools, Knowledge Managers, and a Cooperative Culture, in Madanmohan Rao (ed.),

One year into the Hightail and OpenText collaboration

OpenText Information Management

Founded in 2004 as YouSendIt, Hightail was originally designed to help individuals and businesses easily and securely transfer large files from one person to another. The solution pioneered a new file sharing industry, set to displace the frustrations faced with attempting to email large documents, uploading to a clunky FTP site, or passing off thumb … The post One year into the Hightail and OpenText collaboration appeared first on OpenText Blogs.

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

11 out of 16 targets cracked with 23 successful demos: Chrome, Safari, FireFox Adobe PDF Reader Docker-CE, VMware EXSi, Qemu, CentOS 8 iPhone 11 Pro+iOS 14, GalaxyS20 Windows 10 2004 TP-Link, ASUS Router — TianfuCup (@TianfuCup) November 8, 2020.

Investigative Satirist Paul Krassner Interviewed by Steve Post

Archives Blogs

In 2004 WNYC host Steve Post spoke with Krassner, whom he described as “a kind of counter-cultural renaissance man.” This program was first broadcast on June 5, 2004 as a No Show special. Satirist Paul Krassner passed away this past Sunday. Writer, publisher, editor, activist, psychedelic explorer, and concert violinist, Krassner considered himself an investigative satirist.

The PCLOB Needs a Director

Schneier on Security

The PCLOB was established in 2004 (when it didn't do much), disappeared from 2007-2012, and reconstituted in 2012. The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities.

International data transfers: an opinion the EDPB (probably) won’t publish

Data Protector

One of the consequences of the Schrems II decision is that EU organisations need to take greater care in determining how best to protect the flows of personal data outside the EU.

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

And in 2004, it emerged that identity thieves masquerading as customers of data broker Choicepoint had stolen the personal and financial records of more than 145,000 Americans.

Here’s a Story Where Picking the Right Font Was Never More Important: eDiscovery Trends

eDiscovery Daily

Here’s the problem: the farm declaration, dated 2004, was written in Calibri, while the cottage declaration, dated 1995, was written in Cambria. Per Ars Technica, Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007. This is a story that a word geek like me can really appreciate.

Kaspersky

InfoGovNuggets

Questions as to the Kaspersky antivirus software company were raised by military intelligence in 2004, well before the 2013 threat assessment issued Pentagon-wide. “Russian Firm Was Long Seen as Threat,” The Wall Street Journal, November 18, 2017 A2. Who dropped the ball? Did the Russians have an inside track?

Sophos Sandboxie is now available as an open-source tool

Security Affairs

The sandbox was developed by Ronen Tzur and released on June 26, 2004, he sold the solution to Invincea in 2013. Sophos announced the public release of the source code of the sandbox-based isolation program Sandboxie. Sophos is going to release the Windows sandbox-based isolation program Sandboxie in open source. “Sandboxie has long been a favorite sandbox-based isolation tool since its original release over fifteen years ago.

Emergency Preparedness for Local Governments

The Texas Record

2004). It is that time of the year again: hurricane season started on June 1 and runs through November 30. Historically, the peak threat for the Texas coast is in August and September. However, hurricanes have struck the Texas coast during every month of hurricane season. Additionally, due to COVID-19, your agency may be reevaluating your emergency plan(s) concerning your records management functions.

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

Who is Tech Investor John Bernard?

Krebs on Security

Two years before that, Davies was released from prison after being held in custody for 16 months on suspicion of murdering his new bride in 2004 on their honeymoon in India. John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015.

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

“The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

Facebook: is it time we all deleted our accounts?

The Guardian Data Protection

Back in 2004, when a 19-year-old Zuckerberg had just started building Facebook, he sent his Harvard friends a series of instant messages in which he marvelled at the fact that 4,000 people had volunteered their personal information to his nascent social network. The Cambridge Analytica revelations may be the final nudge we need to turn away from the social network.

Up to Georgia 2,000 websites have been hit by cyber attacks

Security Affairs

Mikheil was the third President of Georgia for two consecutive terms from 25 January 2004 to 17 November 2013. A wave of cyber attacks hit 2,000 websites in Georgia, including the sites of the president, courts, and local media. A mysterious wave of cyber attacks hit some 2,000 websites in Georgia, including the websites of the president, courts, and media.

What is ArchiMate?

erwin

Originally based on IEEE 1471, ArchiMate was developed in the Netherlands as a joint venture between private industry and the Dutch Government between 2002 and 2004.

eNotes: If you build it they will come…15 years later

InfoGoTo

In April of 2004, MERS announced the launch of the eRegistry, the system that would be the holder for the eNote controller and location. Although the technology was available to create, store and process eNotes in 2004, it wasn’t until fifteen years later that the mortgage industry has finally begun to see rapid adoption of the eNote. Over the next few years providers began establishing a market space for eSign, electronic form creation, and eVault capabilities.

Steven Sauer to Lead Toshiba Business Solutions

Document Imaging Report

to Toshiba in 2004, Sauer became president of TBS New York. Toshiba Executive & Industry Veteran Becomes President of the Company’s Direct Sales Operation. LAKE FOREST, Calif., April 15, 2020 — Toshiba America Business Solutions (TABS) today names Steven Sauer president of Toshiba Business Solutions (TBS), the company’s direct sales operation.

SMBleed could allow a remote attacker to leak kernel memory

Security Affairs

The SMBleed flaw impacts Windows 10 and Windows Server, versions 1903, 1909 and 2004, previous versions of the Microsoft OS are not affected. Microsoft addressed a Server Message Block (SMB) protocol issue, named SMBleed, that could allow an attacker to leak kernel memory remotely, without authentication.

Q&A: How cutting out buzzwords could actually ease implementation of powerful security tools

The Last Watchdog

Having covered tech security since 2004, I can attest that there is plenty of room for more clarity, and less hype, in security products marketing. The central dilemma posed by digital transformation is this: How do companies reap the benefits of high-velocity software development without creating onerous security exposures? Related: Golden Age of cyber spying dawns.

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Security Affairs

Mozilla announced some major changes to its bug bounty program that was first launched in 2004. Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. The organization paid out $965,750 for roughly 350 vulnerabilities, the average payout for each issue was approximately $2,700.

The Great $50M African IP Address Heist

Krebs on Security

That individual — Ernest Byaruhanga — was only the second person hired at AFRINIC back in 2004. A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers.

Facebook Files, Initial Thoughts

John Battelle's Searchblog

Not since Google’s 2004 filing have so many journalists sped-read one document at the same time, eager to glean any possible insight unique to their particular point of view or publication and rush to post it before anyone else. Yes, I’m one of those journalists, I suppose, but I know I have to read this thing for any number of reasons, so I may as well use the race as an excuse to force myself into action.

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

In 2004, CIA and Mossad requested help to the Dutch intelligence to get access to the plant, only in 2007 the mole, who posed as a mechanic working for a front company doing work at Natanz, dropped the virus into the target systems. In 2004, Mossad and the CIA asked for help from AIVD. Journalists revealed the role of a mole recruited by the Dutch intelligence in the US-Israeli Stuxnet attack on the Natanz plant in Iran.

A sad story of pedophilia on how disgusting images fed the web

Security Affairs

This is the story of the LS-Studios, by Alexander Chursin, who had to close his business in 2004 after an FBI raid. The journalist Livio Varriale sheds the light on a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet. Today, I’m going to tell you a horrible story that dwells on the dark web, a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet.

US will help Baltic states to secure baltic energy grid

Security Affairs

The three states joined both the European Union and NATO in 2004, but they are still part of a power grid controlled by Russia. The United States and Baltic announced cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. The US and Baltic agreed to cooperate to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid.

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Security Affairs

The certificates are issued in compliance with the Law on Communications 2004 passed in November 2015. Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate.

Congrats AOL

John Battelle's Searchblog

Read my rant asking Time Warner to set it free back in March of 2004 here. AOL was finally set free today, years after it should have been. Congrats to the AOL team and Tim Armstrong, and I imagine, to the Time Warner folks who managed to destroy so much value by blaming everything on the merger in the first place (sure, it was a bad deal, but man, AOL was not the reason Time Inc. went south!).

NEW TECH: CyCognito employs offensive bot network to put companies a step a head of attackers

The Last Watchdog

I first wrote about criminal botnets at USA TODAY in 2004. When it comes to defending their networks, most companies have had it drilled into them, by now, that it’s essential to erect layered defenses. Related: Promise vs. pitfalls of IoT. For small- and mid-sized businesses, firewalls, antivirus suites and access management systems represent the entry stakes for participating in today’s digital economy.

Agile intranet strategies

ChiefTech

I co-wrote this piece for Image & Data Magazine in 2004 (PDF), but it's still relevant to the question posted by Andrew Wright on LinkedIn: How should great intranets be developed? Our recommendation back in 2004 was that we should stop searching for intranet perfection, instead work in a way that is more 'agile': Flexibility and the ability to prioritise are key to success.

Predictions 2012: The Roundup

John Battelle's Searchblog

2004 Predictions. 2004 How I Did. As promised, here are all my predictions in one place. I’ve written a brief overview of each as well. Predictions 2012: #1 – On Twitter and Media. Twitter will become a force as a media company, not just a platform for others’ media. To do so, it will improve its #Discover feature and roll out something like Flipboard. Predictions 2012: #2 – Twitter As Free Radical, Swiss Bank, Arms Merchant…And Google Five Years Ago.

Mainframes, Freight Trains and Education Pains

Rocket Software

To be fair, I was in school in the early aughts, from 2001 to 2004; this type of talk was fully accepted. By David Robertson, guest blogger. When I was in college, I had an instructor that, for all intents and purposes, was viewed as a relic. He was a throwback from a time where there wasn’t a computer that wasn’t made by Honeywell, IBM, or Amdahl.

Down under

InfoGovNuggets

Fine of $530 million proposed for bank who failed to catch transfers of money in and out of an account owned by someone who left the country (Australia) in 1999 (and who “had also been charged in Lebanon in 2004 with belonging to a terrorist organization…”). Banks normally monitor (i.e., manage) money transfers (i.e., information), in part to make sure that nefarious people are not transferring money to other nefarious people.

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

The Last Watchdog

I’ve been paying close attention to privacy and cybersecurity since 2004, first as a technology reporter at USA TODAY, then as Editor-In-Chief of ThirdCertainty.com, a corporate-underwritten news analysis blog. I’m privileged to share news that two Last Watchdog articles were recognized in the 2019 Information Management Today MVP Awards.