Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Threatpost

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack. Vulnerabilities Web Security authentication bypass BladeCenter ENOS Enterprise Networking Operating System Lenovo OS Vulnerability RackSwitch

Old-School Bagle Worm Spotted in Modern Spam Campaigns

Threatpost

date back to 2004. Bagle.A and Bagle.B Malware Bagle beagle Comodo Malware analysis Spam campaigns

68
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

States Need Way More Money to Fix Crumbling Voting Machines

WIRED Threat Level

“We are driving the same car in 2019 that we were driving in 2004, and the maintenance costs are mounting,” one South Carolina election official told researchers. Security

Maps and Visualization

Adam Shostack

I posted this image in 2004. It’s even more relevant now. While we have a country that is clearly divided, the dividing lines are not so neat as the maps showing states going one way or the other. politics visualization voting

IT 52

???????????DXC?????FeliCa?????????“?????”????????

DXC

2004??????FeliCa?????????????????NTT????JR???????????????????????????ICAS?????????????2005????????10???NIST???????????????????????????????????????????????????ICAS??????????????????????????????????????????????????????ICAS?????????????????????????????????????????FeliCa??????????????????????

This is the old ChiefTech blog.: Articles & Papers

ChiefTech

2004, Supporting collaboration at Ernst & Young (PDF, 372KB): Helping people to use computer mediated communication to work together around the world, in the conference proceedings for KM Challenge 04 , Driving Performance through Knowledge Collaboration, SAI Global, Sydney. 2004, Success at Ernst & Youngs Center for Business Knowledge: Online Collaboration Tools, Knowledge Managers, and a Cooperative Culture, in Madanmohan Rao (ed.), This is the old ChiefTech blog.

Paper 40

This is the old ChiefTech blog.: The Search for Application Perfection

ChiefTech

Sunday, 16 December 2007 The Search for Application Perfection Back in 2004 I co-authored an article that asked, does the perfect intranet exist ? This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances.

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

11 out of 16 targets cracked with 23 successful demos: Chrome, Safari, FireFox Adobe PDF Reader Docker-CE, VMware EXSi, Qemu, CentOS 8 iPhone 11 Pro+iOS 14, GalaxyS20 Windows 10 2004 TP-Link, ASUS Router — TianfuCup (@TianfuCup) November 8, 2020.

Investigative Satirist Paul Krassner Interviewed by Steve Post

Archives Blogs

In 2004 WNYC host Steve Post spoke with Krassner, whom he described as “a kind of counter-cultural renaissance man.” This program was first broadcast on June 5, 2004 as a No Show special. . Satirist Paul Krassner passed away this past Sunday. ” Writer, publisher editor, activist, psychedelic explorer, and concert violinist, Krassner considered himself an investigative satirist.

31

The PCLOB Needs a Director

Schneier on Security

The PCLOB was established in 2004 (when it didn't do much), disappeared from 2007-2012, and reconstituted in 2012. The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities.

IT 56

Sophos Sandboxie is now available as an open-source tool

Security Affairs

” The sandbox was developed by Ronen Tzur and released on June 26, 2004, he sold the solution to Invincea in 2013. Sophos announced the public release of the source code of the sandbox-based isolation program Sandboxie.

The Updates Must Go Through

Adam Shostack

In 2004, Microsoft shipped the Blaster removal tool to remove a virulent worm. On Monday, the Department of Justice announced that it had cleaned malware (“webshells”) off of hundreds of infected mail systems running Microsoft Exchange. Microsoft has been trying to get folks to apply critical security patches to address a problem that’s being actively exploited. A few minutes ago, I posted a screencapture of Microsoft’s autoupdater going haywire on my Mac.

IT 46

Here’s a Story Where Picking the Right Font Was Never More Important: eDiscovery Trends

eDiscovery Daily

Here’s the problem: the farm declaration, dated 2004, was written in Calibri, while the cottage declaration, dated 1995, was written in Cambria. Per Ars Technica , Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007. This is a story that a word geek like me can really appreciate.

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

And in 2004, it emerged that identity thieves masquerading as customers of data broker Choicepoint had stolen the personal and financial records of more than 145,000 Americans.

Emergency Preparedness for Local Governments

The Texas Record

2004). It is that time of the year again: hurricane season started on June 1 and runs through November 30. Historically, the peak threat for the Texas coast is in August and September. However, hurricanes have struck the Texas coast during every month of hurricane season.

International data transfers: an opinion the EDPB (probably) won’t publish

Data Protector

One of the consequences of the Scherms II decision is that EU organisations need to take greater care in determining how best to protect the flows of personal data outside the EU.

Kaspersky

InfoGovNuggets

Questions as to the Kaspersky antivirus software company were raised by military intelligence in 2004, well before the 2013 threat assessment issued Pentagon-wide. “Russian Firm Was Long Seen as Threat,” The Wall Street Journal , November 18, 2017 A2. Who dropped the ball? Did the Russians have an inside track? IT Security Information Value Governance Communications Duty of Care Controls Oversight Access Duty Government Supervision

What is ArchiMate?

erwin

Originally based on IEEE 1471 , ArchiMate was developed in the Netherlands as a joint venture between private industry and the Dutch Government between 2002 and 2004.

Steven Sauer to Lead Toshiba Business Solutions

Document Imaging Report

to Toshiba in 2004, Sauer became president of TBS New York. . Toshiba Executive & Industry Veteran Becomes. President of the Company’s Direct Sales Operation . . LAKE FOREST, Calif.,

Sales 52

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Security Affairs

Mozilla announced some major changes to its bug bounty program that was first launched in 2004. Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary.

IT 109

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

Facebook: is it time we all deleted our accounts?

The Guardian Data Protection

Back in 2004, when a 19-year-old Zuckerberg had just started building Facebook, he sent his Harvard friends a series of instant messages in which he marvelled at the fact that 4,000 people had volunteered their personal information to his nascent social network. The Cambridge Analytica revelations may be the final nudge we need to turn away from the social network.

IT 88

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

“The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

GDPR 87

SMBleed could allow a remote attacker to leak kernel memory

Security Affairs

” The SMBleed flaw impacts Windows 10 and Windows Server, versions 1903, 1909 and 2004, previous versions of the Microsoft OS are not affected.

Who is Tech Investor John Bernard?

Krebs on Security

Two years before that, Davies was released from prison after being held in custody for 16 months on suspicion of murdering his new bride in 2004 on their honeymoon in India. John Bernard , the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups , appears to be a pseudonym for John Clifton Davies , a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015.

The Great $50M African IP Address Heist

Krebs on Security

That individual — Ernest Byaruhanga — was only the second person hired at AFRINIC back in 2004.

Up to Georgia 2,000 websites have been hit by cyber attacks

Security Affairs

” Mikheil was the third President of Georgia for two consecutive terms from 25 January 2004 to 17 November 2013. A wave of cyber attacks hit 2,000 websites in Georgia, including the sites of the president, courts, and local media. A mysterious wave of cyber attacks hit some 2,000 websites in Georgia, including the websites of the president, courts, and media.

A sad story of pedophilia on how disgusting images fed the web

Security Affairs

This is the story of the LS-Studios, by Alexander Chursin , who had to close his business in 2004 after an FBI raid. The journalist Livio Varriale sheds the light on a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet.

eNotes: If you build it they will come…15 years later

InfoGoTo

In April of 2004, MERS announced the launch of the eRegistry, the system that would be the holder for the eNote controller and location. Although the technology was available to create, store and process eNotes in 2004, it wasn’t until fifteen years later that the mortgage industry has finally begun to see rapid adoption of the eNote. Over the next few years providers began establishing a market space for eSign, electronic form creation, and eVault capabilities.

Paper 40

Q&A: How cutting out buzzwords could actually ease implementation of powerful security tools

The Last Watchdog

Having covered tech security since 2004, I can attest that there is plenty of room for more clarity, and less hype, in security products marketing. The central dilemma posed by digital transformation is this: How do companies reap the benefits of high-velocity software development without creating onerous security exposures? Related: Golden Age of cyber spying dawns.

NEW TECH: CyCognito employs offensive bot network to put companies a step a head of attackers

The Last Watchdog

I first wrote about criminal botnets at USA TODAY in 2004. When it comes to defending their networks, most companies have had it drilled into them, by now, that it’s essential to erect layered defenses.

Domestic Kitten has been conducting surveillance targeting over 1,000 individuals

Security Affairs

The Infy malware was first submitted to VirusTotal on August 2007, meanwhile, the C&C domain used by the oldest sample spotted by the experts has been associated with a malicious campaign dated back December 2004.

Facebook Files, Initial Thoughts

John Battelle's Searchblog

Not since Google’s 2004 filing have so many journalists sped-read one document at the same time, eager to glean any possible insight unique to their particular point of view or publication and rush to post it before anyone else. Yes, I’m one of those journalists, I suppose, but I know I have to read this thing for any number of reasons, so I may as well use the race as an excuse to force myself into action.

IT 63

US will help Baltic states to secure baltic energy grid

Security Affairs

The three states joined both the European Union and NATO in 2004, but they are still part of a power grid controlled by Russia. The United States and Baltic announced cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. The US and Baltic agreed to cooperate to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid.

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

In 2004, CIA and Mossad requested help to the the Dutch intelligence to get access to the plant, only in 2007 the mole, who posed as a mechanic working for a front company doing work at Natanz, dropped the virus into the target systems. “[T In 2004, Mossad and the CIA asked for help from AIVD. Journalists revealed the role of a mole recruited by the Dutch intelligence in the US-Israeli Stuxnet attack on the Natanz plant in Iran.

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Security Affairs

The certificates are issued in compliance with the Law on Communications 2004 passed in November 2015. Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate.

New Book Supports Library Staff and Students to Develop in their Roles as Teachers

CILIP

Since 2004, her advanced teaching librarian course on the MLIS and Diploma programmes at UCD has prepared trainee librarians for the instructional work that is increasingly part of their professional remit in different sectors.

Congrats AOL

John Battelle's Searchblog

Read my rant asking Time Warner to set it free back in March of 2004 here AOL was finally set free today , years after it should have been. Congrats to the AOL team and Tim Armstrong, and I imagine, to the Time Warner folks who managed to destroy so much value by blaming everything on the merger in the first place (sure, it was a bad deal, but man, AOL was not the reason Time Inc. went south!).

IT 40

Agile intranet strategies

ChiefTech

I co-wrote this piece for Image & Data Magazine in 2004 (PDF), but its still relevant to the question posted by Andrew Wright on LinkedIn : How should great intranets be developed? Our recommendation back in 2004 was that we should stop searching for intranet perfection, instead work in a way that is more 'agile': Flexibility and the ability to prioritise are key to success.

IT 55

Mainframes, Freight Trains and Education Pains

Rocket Software

To be fair, I was in school in the early aughts, from 2001 to 2004; this type of talk was fully accepted. By David Robertson , guest blogger. When I was in college, I had an instructor that, for all intents and purposes, was viewed as a relic.