article thumbnail

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

Kislitsin is accused of hacking into the now-defunct social networking site Formspring in 2012, and conspiring with another Russian man convicted of stealing tens of millions of usernames and passwords from LinkedIn and Dropbox that same year. Nikita Kislitsin, at a security conference in Russia. prison system.

article thumbnail

Horde Webmail Software is affected by a dangerous bug since 2012

Security Affairs

The bug affects all the versions since the commit that took place on 30 Nov 2012. The post Horde Webmail Software is affected by a dangerous bug since 2012 appeared first on Security Affairs. .” The vulnerability discovered by Sonarsource is a stored XSS vulnerability that was introduced with the commit 325a7ae , 9 years ago.

Access 308
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Patch Tuesday, July 2025 Edition

Krebs on Security

” Adam Barnett at Rapid7 notes that today is the end of the road for SQL Server 2012 , meaning there will be no future security patches even for critical vulnerabilities, even if you’re willing to pay Microsoft for the privilege. Barnett also called attention to CVE-2025-47981 , a vulnerability with a CVSS score of 9.8 (10

article thumbnail

China-linked APT Mustang Panda upgrades tools in its arsenal

Security Affairs

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. China-linked APT group Mustang Panda (aka Camaro Dragon , RedDelta or Bronze President ).

IT 287
article thumbnail

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

article thumbnail

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

Windows Server 2012: If the command returns false, SMBv1 is not enabled. Windows Server 2012 R2 or higher: If the command returns false, SMBv1 is not enabled. Windows Server 2012: Set-SmbServerConfiguration -EnableSMB1Protocol $false -force. Get-SmbServerConfiguration | Select EnableSMB1Protocol. Get-WindowsFeature FS-SMB1).Installed

article thumbnail

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Sales 293