2019 - Information Management Today

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Access Phishing Privacy

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Government

Government IT Access Information Security

Buy a Microsoft Office 2019 license for Mac or Windows for $25

Collaboration 2.0

OCTOBER 25, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 89% off.

Access

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 7, 2024

CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX. that allows an attacker to achieve remote code execution via a crafted HTTP request.

IT

IT Authentication Cybersecurity Risk

Forrester Research Report: How Sales and Marketing Intelligence Drive Improved Business Outcomes

Advertiser: ZoomInfo

In 2019, DiscoverOrg commissioned Forrester Consulting to evaluate sales and marketing intelligence practices in the B2B space. Fact: Only 8% of sales and marketing professionals say their data is between 91% - 100% accurate. The primary takeaway? Forrester found “only 1.2%

Sales

Grab a Microsoft Office 2019 license for Mac or Windows for $28

Collaboration 2.0

NOVEMBER 10, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 87% off.

Access

Buy a Microsoft Office 2019 license for Mac or Windows for $27

Collaboration 2.0

NOVEMBER 17, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 88% off.

Access

Grab a Microsoft Office 2019 license for Mac or Windows for $27

Collaboration 2.0

NOVEMBER 12, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 88% off.

Access

Buy a Microsoft Office 2019 license for Mac or Windows for $28

Collaboration 2.0

NOVEMBER 6, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 87% off.

Access

The 2019 Technographic Data Report for B2B Sales Organizations

Advertiser: ZoomInfo

In this report, ZoomInfo substantiates the assertion that technographic data is a vital resource for sales teams. In fact, the majority of respondents agree—with 72.3% reporting that technographic data is either somewhat important or very important to their organization.

Sales

Buy Microsoft Office 2019 for Windows or Mac for $25

Collaboration 2.0

SEPTEMBER 10, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 89% off.

Access

Buy a Microsoft Office 2019 license for Windows or Mac for $25

Collaboration 2.0

SEPTEMBER 20, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 89% off.

Access

Buy Microsoft Office 2019 for Windows or Mac for $25 - here's how

Collaboration 2.0

SEPTEMBER 12, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 89% off.

Access

Get a Microsoft Office 2019 license for Windows or Mac for $27

Collaboration 2.0

SEPTEMBER 4, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 88% off.

Access

Get a Microsoft Office 2019 license for Mac or Windows for $27: Deal

Collaboration 2.0

NOVEMBER 20, 2024

This deal gets you a lifetime license to Microsoft Office 2019 for Windows or Mac and access to Microsoft Word, Excel, PowerPoint, and more for 88% off.

Access

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

Salt Typhoon is a China-linked APT group active since at least 2019. In 2019, T-Mobile disclosed data breach affecting prepaid wireless customers. .” The cyber campaign is attributed to the China-linked APT group Salt Typhoon, which is also known as FamousSparrow , UNC2286, and GhostEmperor.

Data breaches

Data breaches Communications Artificial Intelligence Government

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May 2019, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

IT

IT Government Security Information Security

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

The threat actors also exploited known vulnerabilities to compromise target networks and accounts, including: CVE-2018-13379 FortiGate VPNs CVE-2019-1653 Cisco router CVE-2019-2725 Oracle WebLogic Server CVE-2019-7609 Kibana CVE-2019-9670 Zimbra software CVE-2019-10149 Exim Simple Mail Transfer Protocol CVE-2019-11510 Pulse Secure CVE-2019-19781 Citrix (..)

Cybersecurity

Cybersecurity Risk Government Phishing

Meta Fined 91 Million Euros By The Irish DPC

Data Breach Today

SEPTEMBER 27, 2024

Fine Is For 2019 Disclosure That Meta Stored User Passwords In Plaintext The Irish data regulator fined social media giant Meta 91 million euros after an investigation found the company insecurely stored passwords of millions of European Facebook and Instagram users.

Passwords

Irish Authorities Levy GDPR Fine in Centric Health Breach

Data Breach Today

MARCH 1, 2023

2019 Ransomware Breach Affected 70,000 Patients, Destroyed Records of 2,500 of Them Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.

GDPR

GDPR Ransomware

Chinese threat actor exploits old ThinkPHP flaws since October 2023

Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

File names

File names Passwords Access Cloud

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication

Authentication Security IT Information Security

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

SEPTEMBER 19, 2021

The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019. ExpressVPN published an official response that confirmed the accusation of the DoJ but that pointed out that the experts took part to the Project Raven before he joined to the company in 2019.

Cybersecurity

Cybersecurity Military Privacy Compliance

Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

Security Affairs

SEPTEMBER 28, 2024

In 2019, Meta disclosed that it had inadvertently stored some users’ passwords in plaintext on its internal systems, without encrypting them. The social media giant reported the incident to the Irish Data Protection Commission (DPC), which launched an investigation into the company’s data storage practices in April 2019.

Passwords

Passwords Encryption GDPR Access

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware

Ransomware Encryption Manufacturing Passwords

UK Nuclear Cleanup Site Faces Criminal Cybersecurity Charges

Data Breach Today

MARCH 29, 2024

Probe Finds 'Largest and Most Hazardous Nuclear Site' Violated Security Laws Britain's nuclear power watchdog said it plans to prosecute the country's "largest and most hazardous nuclear site," Sellafield, for violating nuclear industry cybersecurity regulations from 2019 to 2023.

Cleanup

Cleanup Cybersecurity Security IT

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 1, 2024

CVE-2019-0344 is a deserialization of untrusted data vulnerability. Since March 2023, Unit 42 researchers have observed a variant of the Mirai botnet spreading by targeting tens of flaws in D-Link, Zyxel, and Netgear devices, including CVE-2023-25280. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

Cloud

Cloud IT IoT Cybersecurity

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

In this 2019 post from Cracked, a forum moderator told the author of the post (Buddie) that the owner of the RDP service was the founder of Nulled, a.k.a. Constella found that a user named Shoppy registered on Cracked in 2019 using the email address finn@shoppy[.]gg. “Finndev.” ” Image: Ke-la.com. .

Archiving

Archiving Passwords Government IT

Oracle fixes critical RCE vulnerabilities in Weblogic Server

Security Affairs

JULY 22, 2021

The CVE-2019-2729 flaw is a remote code execution vulnerability that could be exploited by an unauthenticated attacker. “This Security Alert addresses CVE-2019-2729, a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. ” reads the advisory published by Oracle. and 11.2.5.0.

Passwords

Passwords Authentication Security IT

Microsoft fixes Azurescape flaw in Azure Container Instances

Security Affairs

SEPTEMBER 10, 2021

“Back in 2019, we analyzed one of these vulnerabilities, CVE-2019-5736. Our blog post, “ Breaking out of Docker via runC – Explaining CVE-2019-5736 ,” shared our analysis and a proof-of-concept (PoC) exploit for it.” The version used by the ACI is v1.0.0-rc2, ” reported PaloAlto Networks.

Access

Access Security IT Information Security

Crowdfense is offering a larger 30M USD exploit acquisition program

Security Affairs

APRIL 8, 2024

In 2019 the company made the headlines for its 10M USD bug bounty program along with its unique “ Vulnerability Research Hub ” (VRH) online platform. In 2019 price list , the company offered $3 million for a zero-click remote code execution expploit for Android and iOS.

Government

Government IT Security Information Security

Chinese Nation-State Hacker Is Exploiting Cisco Routers

Data Breach Today

JANUARY 12, 2024

Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019. Volt Typhoon' Could Be Preparing for Renewed Burst of Activity A Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia.

Government

A British national has been charged for his execution of a hack-to-trade scheme

Security Affairs

SEPTEMBER 30, 2024

.” reads the press release published by DoJ. “From January 2019 through May 2020, Westbrook executed a hack-to-trade scheme through which he generated millions of dollars in profits.” From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Passwords

Passwords Security Information Security IT

DOJ Wraps xDedic Dark Web Market Case; 19 Charged Worldwide

Data Breach Today

JANUARY 5, 2024

Authorities in 15 Countries Helped Dismantle Operations Following 2019 Takedown The U.S.

Marketing

Marketing IT

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

The cybersecurity agency also shared a second table containing routinely exploited by threat cyber actors in 2021.

Cybersecurity

Cybersecurity Security Risk Government

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Ransomware

Ransomware Education Sales Government

Bitdefender releases Universal LockerGoga ransomware decryptor

Security Affairs

SEPTEMBER 17, 2022

“We’re pleased to announce the availability of a new decryptor for LockerGoga, a strain of ransomware that rose to fame in 2019 with the attack of the Norsk Hydro company.” The LockerGoga ransomware operation has been active since January 2019, it targeted organizations worldwide, including the aluminum giant Norsk Hydro.

Ransomware

Ransomware Encryption Cybersecurity Security

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide.

IT

IT Security Information Security

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

Security Affairs

NOVEMBER 18, 2023

The man was arrested in September 2019 while traveling to the U. “From approximately November 2014 to September 2019, AZARI engaged in an extensive spearphishing campaign that targeted individuals and companies in the U. and around worldwide. from abroad. According to DoJ, the Israeli man netted over $4.8 and around the globe.”

Phishing

Phishing Risk Access IT

MediSecure data breach impacted 12.9 million individuals

Security Affairs

JULY 19, 2024

The incident impacted individuals who received services from MediSecure between March 2019 and November 2023. million Australians who used the MediSecure prescription delivery service during the approximate period of March 2019 to November 2023 are impacted by this Incident based on individuals’ healthcare identifiers.

Data breaches

Data breaches Unstructured data Ransomware Phishing

Apple finally starts paying off qualifying MacBook owners as part of a class action settlement

Collaboration 2.0

AUGUST 5, 2024

If you bought a MacBook with a faulty butterfly keyboard between 2015 and 2019 and filed a claim, the check should be in the mail.

Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug

Security Affairs

NOVEMBER 23, 2021

Microsoft addressed the flaw with the release of Microsoft Patch Tuesday security updates for November 2021 , the vulnerability impacts on-premises Exchange Server 2016 and Exchange Server 2019. “We Our recommendation is to install these updates immediately to protect your environment.” read the announcement published by Microsoft.

Authentication

Authentication Security IT Information Security

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Manufacturing

Manufacturing Education Encryption IT

U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 19, 2024

CVE-2019-1069 vulnerability (CVSS score of 7.8) is a remote code execution issue in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). An unauthenticated attacker with network access via IIOP could exploit this vulnerability to compromise Oracle WebLogic Server. The flaw affects versions 12.2.1.3.0,

IT

IT Cybersecurity Access Risk

New Atrium Health data breach impacts 585,000 individuals

The Mask APT is back after 10 years of silence

Webinars

Trending Sources

Buy a Microsoft Office 2019 license for Mac or Windows for $25

Webinars

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Forrester Research Report: How Sales and Marketing Intelligence Drive Improved Business Outcomes

Grab a Microsoft Office 2019 license for Mac or Windows for $28

Buy a Microsoft Office 2019 license for Mac or Windows for $27

Grab a Microsoft Office 2019 license for Mac or Windows for $27

Buy a Microsoft Office 2019 license for Mac or Windows for $28

The 2019 Technographic Data Report for B2B Sales Organizations

Buy Microsoft Office 2019 for Windows or Mac for $25

Buy a Microsoft Office 2019 license for Windows or Mac for $25

Buy Microsoft Office 2019 for Windows or Mac for $25 - here's how

Get a Microsoft Office 2019 license for Windows or Mac for $27

Get a Microsoft Office 2019 license for Mac or Windows for $27: Deal

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Russia-linked threat actors targets critical infrastructure, US authorities warn

Meta Fined 91 Million Euros By The Irish DPC

Irish Authorities Levy GDPR Fine in Centric Health Breach

Chinese threat actor exploits old ThinkPHP flaws since October 2023

Microsoft rolled out emergency updates to fix Windows Server auth failures

Why Edward Snowden is urging users to stop using ExpressVPN?

Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

UK Nuclear Cleanup Site Faces Criminal Cybersecurity Charges

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Oracle fixes critical RCE vulnerabilities in Weblogic Server

Microsoft fixes Azurescape flaw in Azure Container Instances

Crowdfense is offering a larger 30M USD exploit acquisition program

Chinese Nation-State Hacker Is Exploiting Cisco Routers

A British national has been charged for his execution of a hack-to-trade scheme

DOJ Wraps xDedic Dark Web Market Case; 19 Charged Worldwide

CISA published 2021 Top 15 most exploited software vulnerabilities

Russian Phobos ransomware operator faces cybercrime charges

Bitdefender releases Universal LockerGoga ransomware decryptor

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

MediSecure data breach impacted 12.9 million individuals

Apple finally starts paying off qualifying MacBook owners as part of a class action settlement

Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog

Stay Connected