Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Threatpost

A bug in Lenovo’s Enterprise Networking Operating System could allow an attacker to launch an authentication bypass attack. Vulnerabilities Web Security authentication bypass BladeCenter ENOS Enterprise Networking Operating System Lenovo OS Vulnerability RackSwitch

Old-School Bagle Worm Spotted in Modern Spam Campaigns

Threatpost

date back to 2004. Bagle.A and Bagle.B Malware Bagle beagle Comodo Malware analysis Spam campaigns

States Need Way More Money to Fix Crumbling Voting Machines

WIRED Threat Level

“We are driving the same car in 2019 that we were driving in 2004, and the maintenance costs are mounting,” one South Carolina election official told researchers. Security

Last Watchdog podcast: Unwrapping ‘resilience’ guidance discussed at RSA Conference 2021

The Last Watchdog

I’ve been covering this cybersecurity gathering since 2004 and each year cybersecurity materially advances. Resilience was the theme of RSA Conference 2021 which took place virtually last week. Related: Web attacks spike 62 percent in 2020. By the same token, the difficulties of defending modern IT systems have redoubled as organizations try to balance security and productivity. The outside pressures are indeed as daunting as ever.

Maps and Visualization

Adam Shostack

I posted this image in 2004. It’s even more relevant now. While we have a country that is clearly divided, the dividing lines are not so neat as the maps showing states going one way or the other. politics visualization voting

CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers

Security Affairs

The flaw is wormable and affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2. The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10 and Server systems.

This is the old ChiefTech blog.: Articles & Papers

ChiefTech

2004, Supporting collaboration at Ernst & Young (PDF, 372KB): Helping people to use computer mediated communication to work together around the world, in the conference proceedings for KM Challenge 04, Driving Performance through Knowledge Collaboration, SAI Global, Sydney. 2004, Success at Ernst & Young's Center for Business Knowledge: Online Collaboration Tools, Knowledge Managers, and a Cooperative Culture, in Madanmohan Rao (ed.),

This is the old ChiefTech blog.: The Search for Application Perfection

ChiefTech

Sunday, 16 December 2007. The Search for Application Perfection. Back in 2004 I co-authored an article that asked, does the perfect intranet exist? This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. Disclaimer: Information on this blog is of a general nature and represents my own independent opinion. Please seek advice for specific circumstances.

One year into the Hightail and OpenText collaboration

OpenText Information Management

Founded in 2004 as YouSendIt, Hightail was originally designed to help individuals and businesses easily and securely transfer large files from one person to another. The solution pioneered a new file sharing industry, set to displace the frustrations faced with attempting to email large documents, uploading to a clunky FTP site, or passing off thumb … The post One year into the Hightail and OpenText collaboration appeared first on OpenText Blogs.

Microsoft Patch Tuesday, July 2021 Edition

Krebs on Security

“Both core and full installations are affected back to Windows Server 2008, including versions 2004 and 20H2,” said Aleks Haugom, also with Automox. Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software.

Expert released PoC exploit code for Windows CVE-2021-31166 bug

Security Affairs

The flaw is wormable and affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2. A security researcher has published a working proof-of-concept exploit code for a wormable Windows IIS server vulnerability tracked as CVE-2021-31166.

CISA adds 95 flaws to the Known Exploited Vulnerabilities Catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

In this paid ad from 2004, Severa lists prices to rent his spam botnet. Peter Levashov, appearing via Zoom at his sentencing hearing today.

GUEST ESSAY: What everyone can — and should — do to mark Cybersecurity Awareness Month

The Last Watchdog

NCSAM launched in 2004, at a time where technology was nowhere near where it is today. With new technological advancements comes a need for heightened security measures. Plenty of criminals are searching for vulnerabilities in networks, so it shouldn’t come as a surprise that cybersecurity issues have become more prevalent. Related: President Biden issues cybersecurity executive order.

Investigative Satirist Paul Krassner Interviewed by Steve Post

Archives Blogs

In 2004 WNYC host Steve Post spoke with Krassner, whom he described as “a kind of counter-cultural renaissance man.” This program was first broadcast on June 5, 2004 as a No Show special. Satirist Paul Krassner passed away this past Sunday. Writer, publisher editor, activist, psychedelic explorer, and concert violinist, Krassner considered himself an investigative satirist.

SHARED INTEL: A foolproof consumer’s guide to creating and managing bulletproof passwords

The Last Watchdog

I’ve had a password manager in place since 2004. It can be a real hassle to keep track of the passwords you use. So many people use the same combination of username and password for every account. However, this isn’t a good idea. In fact, it’s terrible. Related: Kaseya hack exacerbates supply chain exposures. You see, these days, many data breaches could be traced back to people using the same password across multiple accounts.

The PCLOB Needs a Director

Schneier on Security

The PCLOB was established in 2004 (when it didn't do much), disappeared from 2007-2012, and reconstituted in 2012. The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities.

Google to Acquire Mandiant; EDR Acquisition Next?

eSecurity Planet

“Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats. Google today announced that it has agreed to acquire Mandiant for roughly $5.4 billion to bolster its cloud security.

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

11 out of 16 targets cracked with 23 successful demos: Chrome, Safari, FireFox Adobe PDF Reader Docker-CE, VMware EXSi, Qemu, CentOS 8 iPhone 11 Pro+iOS 14, GalaxyS20 Windows 10 2004 TP-Link, ASUS Router — TianfuCup (@TianfuCup) November 8, 2020.

FireEye, Mandiant to Split in $1.2 Billion Deal

eSecurity Planet

Mandia will become CEO of Mandiant, the company he founded in 2004 and sold to FireEye in late 2013. FireEye is selling its core cybersecurity products to a group led by private equity firm Symphony Technology Group (STG) in order to focus on its Mandiant threat response and services group.

If data is the new oil, ISO 20022 is the new gasoline

IBM Big Data Hub

ISO 20022 was first introduced in 2004 to provide more standardization and deliver richer information for Financial Services transactions. The phrase ‘data is the new oil’ has been widely used in the last number of years, but in an unrefined state, it has limited use.

Here’s a Story Where Picking the Right Font Was Never More Important: eDiscovery Trends

eDiscovery Daily

Here’s the problem: the farm declaration, dated 2004, was written in Calibri, while the cottage declaration, dated 1995, was written in Cambria. Per Ars Technica, Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007. This is a story that a word geek like me can really appreciate.

Sophos Sandboxie is now available as an open-source tool

Security Affairs

The sandbox was developed by Ronen Tzur and released on June 26, 2004, he sold the solution to Invincea in 2013. Sophos announced the public release of the source code of the sandbox-based isolation program Sandboxie.

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

And in 2004, it emerged that identity thieves masquerading as customers of data broker Choicepoint had stolen the personal and financial records of more than 145,000 Americans.

Kaspersky

InfoGovNuggets

Questions as to the Kaspersky antivirus software company were raised by military intelligence in 2004, well before the 2013 threat assessment issued Pentagon-wide. “Russian Firm Was Long Seen as Threat,” The Wall Street Journal, November 18, 2017 A2. Who dropped the ball? Did the Russians have an inside track? IT Security Information Value Governance Communications Duty of Care Controls Oversight Access Duty Government Supervision

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

International data transfers: an opinion the EDPB (probably) won’t publish

Data Protector

One of the consequences of the Schrems II decision is that EU organisations need to take greater care in determining how best to protect the flows of personal data outside the EU.

Who is Tech Investor John Bernard?

Krebs on Security

Two years before that, Davies was released from prison after being held in custody for 16 months on suspicion of murdering his new bride in 2004 on their honeymoon in India. John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015.

Different Years, Always New: The New Year in Photos

Unwritten Record

However, consider how different the New Year celebrations looked in 2004, 1952, 1943, and even 1869. 31, 2004. As we move into 2022, celebrations of the New Year take shape in many different forms.

Facebook: is it time we all deleted our accounts?

The Guardian Data Protection

Back in 2004, when a 19-year-old Zuckerberg had just started building Facebook, he sent his Harvard friends a series of instant messages in which he marvelled at the fact that 4,000 people had volunteered their personal information to his nascent social network. The Cambridge Analytica revelations may be the final nudge we need to turn away from the social network.

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US

Security Affairs

The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

“The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.

What is ArchiMate?

erwin

Originally based on IEEE 1471, ArchiMate was developed in the Netherlands as a joint venture between private industry and the Dutch Government between 2002 and 2004.

Steven Sauer to Lead Toshiba Business Solutions

Info Source

to Toshiba in 2004, Sauer became president of TBS New York. Toshiba Executive & Industry Veteran Becomes President of the Company’s Direct Sales Operation. LAKE FOREST, Calif.,

The Great $50M African IP Address Heist

Krebs on Security

That individual — Ernest Byaruhanga — was only the second person hired at AFRINIC back in 2004.

Standard contractual clauses and data transfers after Schrems II: EDPB-EDPS Joint Opinion on Draft SCCs

DLA Piper Privacy Matters

The Draft SCCs would repeal the existing SCCs (dating from 2001, 2004 and 2010) and would introduce one set of modular SCCs, useable in the four different scenarios or “modules” (either controller to controller, controller to processor, processor to processor, or processor to controller).

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Security Affairs

Mozilla announced some major changes to its bug bounty program that was first launched in 2004. Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary.

Emergency Preparedness for Local Governments

The Texas Record

2004). It is that time of the year again: hurricane season started on June 1 and runs through November 30. Historically, the peak threat for the Texas coast is in August and September. However, hurricanes have struck the Texas coast during every month of hurricane season.

SMBleed could allow a remote attacker to leak kernel memory

Security Affairs

The SMBleed flaw impacts Windows 10 and Windows Server, versions 1903, 1909 and 2004, previous versions of the Microsoft OS are not affected.