2013 - Information Management Today

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

NOVEMBER 21, 2019

in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., Find out how much money the company is seeking.

Insurance

Insurance Data breaches Retail IT

Hacking Kia cars made after 2013 using just their license plate

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. This will allow us to send arbitrary commands to the vehicle.” ” concludes Curry.

Access

Access Sales Cybersecurity IT

6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Security Affairs

OCTOBER 3, 2019

Below the timeline of the PKPLUG attacks over the years: The first campaign associated with the PKPLUG was observed in November 2013, when the group targeted Mongolian individuals with PlugX RAT. The post 6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group appeared first on Security Affairs.

Archiving

Archiving Cybersecurity Security IT

Webinars

Agent Tooling: Connecting AI to Your Tools, Systems & Data

Automation, Evolved: Your New Playbook for Smarter Knowledge Work

From Curiosity to Competitive Edge: How Mid-Market CEOs Are Using AI to Scale Smarter

MORE WEBINARS

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” ” reads the project description.

Ransomware

Ransomware Data collection Education Security

New Study: 2018 State of Embedded Analytics Report

Why do some embedded analytics projects succeed while others fail? We surveyed 500+ application teams embedding analytics to find out which analytics features actually move the needle. Read the 6th annual State of Embedded Analytics Report to discover new best practices. Brought to you by Logi Analytics.

Analytics

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. The threat actors exploit a vulnerability, tracked as CVE-2013-3900, that was discovered and fixed in 2013 but in 2014 Microsoft revised the fix.

Access

Access IT Security Cybersecurity

Voter information for 2 millions of Indonesians leaked online

Security Affairs

MAY 23, 2020

Leaked details include names, addresses, ID numbers, birth dates, and more, they appear to date back to 2013. Appears to date back to 2013. Actor leaks information on 2,300,000 Indonesian citizens. data includes names, addresses, ID numbers, birth dates, and more.

IT

IT Security Data breaches

Medical Center Fined $4.75M in Insider ID Theft Incident

Data Breach Today

FEBRUARY 6, 2024

HHS OCR Says a Malicious Worker Stole and Sold Patient Information in 2013 HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013.

Privacy

Privacy Security IT

Indian Court ordered to block email service Proton Mail

Security Affairs

APRIL 30, 2025

Founded in 2013 by scientists from CERN, it operates under Proton AG and is headquartered in Geneva. Indian Court ordered a nationwide block of the privacy-oriented email service Proton Mail on April 29, 2025, following a legal complaint.

Encryption

Encryption Privacy Communications Government

The Truth About Customer Journey Mapping

Speaker: Dave Seaton, CEO of Seaton CX

Is Customer Journey Mapping a tired fad from 2013? Or a critical tool for sparking customer-centric change? 💥 The answer lies not in the map itself, but in the mapping process.

Customer Experience

US DOJ Indicts Foreign Nationals for Defrauding $48 Million

Data Breach Today

NOVEMBER 7, 2023

The alleged reshipping scheme operated between 2013 and 2018 while the three defendants lived in Russia. Alleged Operators of Russian Cyber Fraud Scheme Are Indicted U.S. federal prosecutors unsealed an indictment against three foreign nationals for allegedly participating in a $48 million fraud scheme.

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. In 2013, the Motion Picture Association of America (MPAA) shut down the website due to concerns related to copyright infringement. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net.

IT

IT Security Information Security

Ransomware, Vendor Hacks Push Breach Number to Record High

Data Breach Today

DECEMBER 7, 2023

Breaches have more than tripled between 2013 and 2022. Billion Personal Records Exposed in the Last 2 Years The number of data breaches in the U.S. has hit an all-time high, amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher.

Ransomware

Ransomware Data breaches

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. Kadariya has been indicted for distributing the Angler Exploit Kit and other malware to millions of victims.

Computer and Electronics

Computer and Electronics Access Ransomware Information Security

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson (23) from Utah hit the principal gamins networks in 2013 and 2014, including Sony Online Entertainment. ” reads the press release published by DoJ.

Computer and Electronics

Computer and Electronics Access Security IT

Prestige reservation platform exposes millions of hotel guests

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The unsecured cloud repository used by the hotel reservation platform has exposed 10 million files (24.4 GB worth of data) related to guests at various hotels around the world. ” reads a post published by Website Planet.

Cloud

Cloud Phishing Access Privacy

Microsoft Patches Zero-Day Bug Exploited by Ransomware Group

Data Breach Today

APRIL 12, 2023

Attackers Drop Nokoyawa Ransomware; Experts See Increasing Criminal Sophistication Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, (..)

Ransomware

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” ” reads an advisory published by the Microsoft Tech Community.

Authentication

Authentication Communications Encryption IT

Notorious Finnish Hacker sentenced to more than six years in prison

Security Affairs

APRIL 30, 2024

In 2013, investigators discovered malicious code on devices seized from Kivimäki, which was used by HTP to compromise over 60,000 servers exploiting an Adobe ColdFusion zero-day. This exploit was reported by Brian Krebs in September 2013, after the hackers breached the servers of LexisNexis, Kroll, and Dun & Bradstreet.

Data breaches

Data breaches IT Information Security Security

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

CVE ID Vulnerability Name Due Date CVE-2022-26486 Mozilla Firefox Use-After-Free Vulnerability 03/21/22 CVE-2022-26485 Mozilla Firefox Use-After-Free Vulnerability 03/21/22 CVE-2021-21973 VMware vCenter Server, Cloud Foundation Server Side Request Forgery (SSRF) 03/21/22 CVE-2020-8218 Pulse Connect Secure Code Injection Vulnerability 09/07/22 CVE-2019-11581 (..)

Cybersecurity

Cybersecurity Authentication Cloud Security

Chinese-Linked APT Spying On Organizations for 10 Years

Data Breach Today

JUNE 12, 2022

Attacker Use DLL hijacking, DNS tunneling to Evade Post-Compromise Detection A recently identified Chinese hacking group dubbed "Aoqin Dragon" has been found to have targeted government, education and telecommunication organizations in Southeast Asia and Australia since 2013 as part of an ongoing cyberespionage campaign, according to research from (..)

Education

Education Government

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2013-6282 : Linux Kernel – The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. CVE-2013-2596 Linux Kernel – Linux kernel fb_mmap function in drivers/video/fbmem.c Code Aurora is used in third-party products such as Qualcomm and Android.

IT

IT Cybersecurity Risk Security

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Security Affairs

MARCH 16, 2020

The vulnerability impacts Microsoft Exchange 2010, 2013, 2016, and 2019. ” The researchers working with the peers at BinaryEdge discovered 220,000 Outlook Web Access installs exposed on the Internet, most are 2013, 2016, and 2019. “How many of these are vulnerable? ” continues the report.

Authentication

Authentication Access Security Cybersecurity

New Cobalt CEO Chris Manton-Jones Pursues Enterprise Clients

Data Breach Today

APRIL 13, 2022

He replaces founder Jacob Hansen, who had served as CEO since Cobalt's inception in 2013 and will remain with the firm as a board member.

France police arrested Telegram CEO Pavel Durov

Security Affairs

AUGUST 25, 2024

Telegram Messenger is a cloud-based, cross-platform instant messaging service launched in 2013 for iOS and Android. Over the years, Telegram has become the privileged communication channel for cybercriminals and other threat actors. Telegram and the French Interior Ministry have not yet commented on the news.

Encryption

Encryption Communications Cloud IT

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco finally addressed the flaws in 2013 and stopped selling Cisco Video Surveillance Manager (VSM) in 2014. Cisco is going to pay $8.6

Government

Government Sales Access Security

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Sales

Sales Access Systems administration Marketing

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013. Somehow, this operation found its way onto the NSA’s radar pre-2013, as far as I can tell, it’s eluded specific coverage from the security industry.

Libraries

Libraries Cybersecurity Access IT

US authorities behind $1 billion Bitcoin transaction of Silk Road funds

Security Affairs

NOVEMBER 6, 2020

In October 2013, the FBI has shut down the popular black market Silk Road after many years of investigation, the website was hosted in the Tor Network and was seized by US law enforcement. According to FBI, between February of 2011 and July 2013, Silk Road managed $1.2 .” On November 5, the U.S. million USD. .

Sales

Sales Marketing Government IT

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Security Affairs

NOVEMBER 20, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. It's perhaps just Exchange 2013 that requires a tweak. Can confirm.

Authentication

Authentication Cybersecurity Security IT

ISO 27002:2022: Unpacking the InfoSec Management Standard

Data Breach Today

MARCH 15, 2022

Gary Hibberd, known as "The Professor of Communicating Cyber" at cybersecurity services provider Cyberfort Group, discusses the biggest changes made since 2013 to the ISO 27001 international standard for an information security management system, which helps organizations secure their data assets.

Communications

Communications Information Security Cybersecurity Security

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Security Affairs

SEPTEMBER 30, 2020

Researchers from Rapid7 reported that 61 percent of Exchange 2010, 2013, 2016 and 2019 servers are still vulnerable to the vulnerability. 21, 2020, it appears that 61% of the target population (Exchange 2010, 2013, 2016, and 2019) is still vulnerable to exploitation.” ” explained Tom Sellers with Rapid7 in a blog post.

Authentication

Authentication Cybersecurity Risk Security

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Security Affairs

SEPTEMBER 12, 2022

Mandiant is considered a leading cyber security firm, in 2013 FireEye acquired it, but FireEye separated Mandiant Solutions in 2021 as part of a $1.2 (NASDAQ: MNDT) today announced that it has entered into a definitive agreement to be acquired by Google LLC for $23.00 per share in an all-cash transaction valued at approximately $5.4

Cybersecurity

Cybersecurity Cloud Analytics Security

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006.

Archiving

Archiving Phishing Access Cybersecurity

Hunting the ICEFOG APT group after years of silence

Security Affairs

JUNE 8, 2019

The activities of the APT group were first uncovered by Kaspersky Lab in September 2013, at the time the researchers defined the crew as an emerging group of cyber-mercenaries that was able to carry out surgical hit and run operations against strategic targets. Feedbacks and questions are welcome!

Agriculture

Agriculture Government Military Communications

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

UAC-0006 has been active since at least 2013. .” concludes the CERT-UA. In May, CERT-UA warned of a surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006.

Phishing

Phishing Government File names Access

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Security Affairs

APRIL 12, 2021

Inglis retired from NSA in 2014 where he served the US government for 28 years, since 2013 as the agency’s deputy director. The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role that was introduced by Congress in the Fiscal Year 2021.

Military

Military Government Cybersecurity Security

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2016-6277 NETGEAR R6250 before 1.0.4.6.Beta,

IoT

IoT Communications IT Security

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” ua,” the campaign aims at infecting the target systems with malware. The group targeted government and military organizations in Ukraine.

Military

Military Phishing Archiving File names

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Access

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

It seems that the huge trove of data was the result of a data breach that took place in 2017, the oldest entries are dated back as 2013. Actor leaks Mobilink's (now @jazzpk ) database – Pakistan's leading telecom service. – Database apparently got hacked in 2017.

Sales

Sales Data breaches Authentication Personal data

Exploit broker Zerodium is looking for Pidgin 0day exploits

Security Affairs

JUNE 2, 2021

Researchers from Trend Micro reported the existence of Asrar al-Dardashah, a plugin released in 2013 that was developed for Pidgin to add encryption to the instant messaging functions, securing instant messaging with the press of a single button.

Encryption

Encryption Communications Security IT

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

In 2019, AFRINIC fired a top employee after it emerged that in 2013 he quietly commandeered millions of IPs from defunct African entities or from those that were long ago acquired by other firms, and then conspired to sell an estimated $50 million worth of the IPs to marketers based outside Africa.

Marketing

Marketing Government Systems administration Sales

Target Sues Insurer Over 2013 Data Breach Costs

Hacking Kia cars made after 2013 using just their license plate

Webinars

Trending Sources

6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Webinars

CIRWA Project tracks ransomware attacks on critical infrastructure

New Study: 2018 State of Embedded Analytics Report

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Voter information for 2 millions of Indonesians leaked online

Medical Center Fined $4.75M in Insider ID Theft Incident

Indian Court ordered to block email service Proton Mail

The Truth About Customer Journey Mapping

US DOJ Indicts Foreign Nationals for Defrauding $48 Million

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Ransomware, Vendor Hacks Push Breach Number to Record High

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Prestige reservation platform exposes millions of hotel guests

Microsoft Patches Zero-Day Bug Exploited by Ransomware Group

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Notorious Finnish Hacker sentenced to more than six years in prison

CISA urges to fix actively exploited Firefox zero-days by March 21

Chinese-Linked APT Spying On Organizations for 10 Years

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

New Cobalt CEO Chris Manton-Jones Pursues Enterprise Clients

France police arrested Telegram CEO Pavel Durov

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Meet the Administrators of the RSOCKS Proxy Botnet

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

US authorities behind $1 billion Bitcoin transaction of Silk Road funds

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

ISO 27002:2022: Unpacking the InfoSec Management Standard

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Google announced the completion of the acquisition of Mandiant for $5.4 billion

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Hunting the ICEFOG APT group after years of silence

CERT-UA warns of a phishing campaign targeting government entities

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

BotenaGo botnet targets millions of IoT devices using 33 exploits

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Data belonging 44 Million Pakistani mobile users leaked online

Exploit broker Zerodium is looking for Pidgin 0day exploits

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Stay Connected