article thumbnail

Colorado Warns Ransomware Attack Caused Massive Data Breach

Data Breach Today

Information From 2004 to 2020 Exposed for High School Students, Teachers and Others Colorado's Department of Higher Education is warning that it suffered a ransomware attack in June, in which attackers stole personal data on current and past students and teachers, dating from 2004 to 2020.

article thumbnail

Last Watchdog podcast: Unwrapping ‘resilience’ guidance discussed at RSA Conference 2021

The Last Watchdog

I’ve been covering this cybersecurity gathering since 2004 and each year cybersecurity materially advances. Resilience was the theme of RSA Conference 2021 which took place virtually last week. Related: Web attacks spike 62 percent in 2020.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers

Security Affairs

The flaw is wormable and affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2. The WinRM service is enabled by default on Windows servers running versions 2004 or 20H2 for this reason it only poses a serious risk to corporate environments, DeVries explained to BleepingComputer. WinRM *IS* vulnerable.

Security 116
article thumbnail

Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Threatpost

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack.

article thumbnail

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

The company added that the incident may have impacted those that attended a public institution of higher education in Colorado between 2007-2020, attended a Colorado public high school between 2004-2020, individuals with a Colorado K-12 public school educator license between 2010-2014, participated in the Dependent Tuition Assistance Program from 2009-2013, (..)

article thumbnail

CISA adds 95 flaws to the Known Exploited Vulnerabilities Catalog

Security Affairs

CVE-2004-0210 – Microsoft Windows Privilege Escalation Vulnerability: A privilege elevation vulnerability exists in the POSIX subsystem.

article thumbnail

Security Vulnerabilities in Covert CIA Websites

Schneier on Security

The bulk of the websites that we discovered were active at various periods between 2004 and 2013. In addition, blocks of sequential IP addresses registered to apparently fictitious US companies were used to host some of the websites. All of these flaws would have facilitated discovery by hostile parties. […].

Security 107