Schneier on Security

FEBRUARY 1, 2021

If Georgia had still been using the paperless touchscreen DRE voting machines that they used from 2003 to 2019, then there would have been no paper ballots to recount, and no way to disprove the allegations that the election was hacked. That would have been a nightmare scenario.

Software 306

Software Hacking 306

CSO Magazine

FEBRUARY 2, 2021

He began as a marketing manager in 1997 and started AWS in 2003. The surprise announcement that Jeff Bezos will leave later this year and hand over the reins to AWS leader Andy Jassy marks a remarkable rise for Jassy.

Marketing 131

Marketing 131

Schneier on Security

APRIL 2, 2024

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “ Tales of the Krypt ,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions.

Internet 274

Internet Internet 274

Schneier on Security

JULY 7, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Surveillance 273

Surveillance Government Technology 273

NopSec

MARCH 26, 2013

Some time ago I recall that there was a old Perl Metasploit module targeting Oracle database 8i unauthenticated remote overflow out there (CVE-2003-0095) According to National Vulnerability Database, the vulnerability reads: “Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, In this case, use VirtualAlloc() to bypass NX.

Penetration Testing 52

Penetration Testing Authentication Engineering Technology 52

Veracode Security

MAY 18, 2023

Even my 2003 testimony to Congress still proved that we have a long way to go in building secure software. The Slow Burn: From L0pht’s Testimony to Government Action L0pht’s 1998 testimony set the stage for the next 25 years of internet security awareness. However, it took years for change to start happening.

Cybersecurity 122

Cybersecurity Security Awareness Internet Internet 122

Schneier on Security

FEBRUARY 8, 2024

In 2003, I wrote : Clearly this isn’t all or nothing. I have long been a fan of software liability as a policy mechanism for improving cybersecurity. And, yes, software is complicated, but we shouldn’t let the perfect be the enemy of the good. There are many parties involved in a typical software attack.

Software 255

Software Government Cybersecurity 255

Heimadal Security

DECEMBER 2, 2021

is a technology company based in San Jose, California created in 2003. Ubiquiti Inc. Having its headquarters in New York City, Ubiquiti produces and distributes wireless data transmission and wired equipment for businesses and residences under a variety of brand names. What Happened?

Wireless 116

Wireless Technology Ransomware Malware 116

Schneier on Security

MAY 11, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Surveillance 308

Surveillance Government 308

WIRED Threat Level

FEBRUARY 21, 2021

In 2003, Barrett Lyon created a map of the internet. In 2021, he did it again—and showed just how quickly it's expanded.

Internet 107

Internet Internet 107

Dark Reading

MAY 14, 2019

Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited.

79

79

Security Boulevard

SEPTEMBER 13, 2021

The list has been maintained by OWASP since its release in 2003 with updates every few years. The Open Web Application Security Project (OWASP) has released its draft Top 10 Web Application Security Risks 2021 list with a number of changes from the 2017 list (the last time the list was updated).

Risk 116

Risk 116

Security Boulevard

SEPTEMBER 27, 2021

It has been in draft form for months and has been updated several times since 2003, and before its latest iteration, in 2017. Last week was the 20 th anniversary of the Open Web Application Security Project ( OWASP ), and in honor of that date, the organization issued its long-awaited update to its top 10 exploits.

Network Security 97

Network Security 97

CSO Magazine

JULY 6, 2021

Rainbow tables were invented by IT expert Philippe Oechslin, who published a paper on his work in 2003. A rainbow table is a large, precomputed table designed to cache the output of cryptographic hash functions to decrypt hashed passwords into plaintext.

Passwords 129

Passwords 129

Security Boulevard

AUGUST 23, 2021

It's been 18 years since OWASP first published their list of Top 10 Web Application Security Risks in 2003. It wouldn't be unreasonable to think it would have been possible to solve web application security problems in that time frame. Yet, attacks continue to happen, and successfully target vulnerabilities in web applications.

Risk 96

Risk 96

Security Boulevard

APRIL 27, 2023

The Safeguards Rule took effect in 2003 as part of the Gramm-Leach-Bliley Act (GLBA) and aims to protect U.S.-based What Are the FTC MFA Requirements? In October 2021, the FTC announced that it was updating the Safeguards Rule. based consumers from data breaches, cyberattacks and their resultant effects, such as fraud and identity theft.

Identity Theft 52

Identity Theft Data breaches Authentication Risk 52

SecureBlitz

FEBRUARY 8, 2021

Wondershare Recoverit is a file recovery toolkit that has been around since 2003. In this post, I will review the Wondershare Recoverit file recovery tool for Windows and Mac PC. It can retrieve over a thousand different file formats and file systems from PC. It offers you the best file recovery technology that can recover.

Technology 96

Technology Cybersecurity 96

Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software.

IoT 207

IoT Firmware Data collection Architecture 207

Heimadal Security

SEPTEMBER 21, 2021

The Internet Information Services (IIS) is Microsoft Windows web server software included with all Windows versions since Windows 2000, XP, and Server 2003. Windows IIS servers were compromised by threat actors to add expired certificate notification pages asking visitors to download a malicious fake installer.

Internet 78

Internet Internet Software Cybersecurity 78

Krebs on Security

JUNE 29, 2023

In March 2020, the DOJ unsealed two criminal hacking indictments against Kislitsin, who was then head of security at Group-IB , a cybersecurity company that was founded in Russia in 2003 and operated there for more than a decade before relocating to Singapore.

Cybersecurity 246

Cybersecurity Cybercrime Hacking Technology 246

Dark Reading

AUGUST 1, 2018

An over-reliance on artificial intelligence and machine learning for the wrong uses will create unnecessary risks.

Artificial Intelligence 45

Artificial Intelligence Firewall Risk 45

Security Affairs

JULY 15, 2022

Dragos researchers were also able to recover the password using the exploit over Ethernet, significantly increasing the severity of the flaw, tracked as CVE-2022-2003. The CVE-2022-2003 was responsibly disclosed to Automation Direct and the vendor addressed it with the release of a firmware update.

Passwords 116

Passwords Software Firmware Malware 116

Security Boulevard

SEPTEMBER 8, 2021

In 2003, two years after the organization was founded, the Open Web Application Security Project (OWASP) published the first OWASP Top Ten—an attempt to raise awareness about the biggest application security risks that organizations face.

Risk 64

Risk 64

Krebs on Security

JANUARY 8, 2024

Icamis promoted his services in 2003 — such as bulk-domains[.]info A search on “icamis.ru” in Google brings up a 2003 post by him on a discussion forum designed by and for students of Amtek , a secondary school in Cherepovets (Icamis was commenting from an Internet address in Cherepovets). w s, icamis[.]ru

Cybercrime 207

Cybercrime Banking Computers and Electronics DDOS 207

Security Boulevard

JUNE 24, 2022

Since 2003, LogRhythm has been an ally in cybersecurity, helping reduce customers’ cyber risk, eliminate blind spots, and quickly shut down attacks.…. As part of our commitment to customers, we’re continuing to innovate and invest in the LogRhythm SIEM Platform. The post Introducing LogRhythm Version 7.9:

Cyber Risk 59

Cyber Risk Risk Cybersecurity 59

Anton on Security

DECEMBER 8, 2023

As I said in my now-dead Gartner blog, a lot of security operation centers looked like they were built on a blueprint of a classic paper written by somebody from ArcSight around 2003 (don’t get me wrong, that was an epic SOC paper … for 2003!).

Engineering 130

Engineering Phishing 130

Schneier on Security

MAY 28, 2019

The earliest document number available on the site -- 000000075 -- referenced a real estate transaction from 2003. Modifying the document number in his link by numbers in either direction yielded other peoples' records before or after the same date and time, indicating the document numbers may have been issued sequentially.

Insurance 217

Insurance Small Business Accountability 217

CyberSecurity Insiders

JUNE 16, 2022

NOTE 2 – In the year 2003, MS announced it is going to give its Windows source codes to nations, fearing any security concerns. NOTE 1- GSP is being offered by the American tech giant for people to trust in its products and services.

Government 124

Government Cyber Attacks Software Cybersecurity 124

The Last Watchdog

MAY 3, 2024

On January 15, 2002, Bill Gates issued his famous “ Trustworthy Computing ” (TC) company-wide memo, slamming the brakes on Windows Server 2003 development and temporarily redirecting his top engineers to emphasize security as a top priority.

Software 100

Software Engineering Internet Internet 100

Security Affairs

JULY 17, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. in the Windows DNS server that affects Windows Server versions 2003 to 2019, and can be triggered by a malicious DNS response. The bug affects the DNS server component that ships with all Windows Server versions from 2003 to 2019. ” states Krebs.

DNS 104

DNS Government Advertising Engineering 104

WIRED Threat Level

FEBRUARY 28, 2020

Letting a company know about flaws in their products has gotten easier sine 2003—but not by much.

65

65

Dark Reading

MAY 17, 2019

Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.

67

67

Schneier on Security

FEBRUARY 2, 2018

What's more, it predated Stuxnet, with the first known instance occurring in 2003. Now, researchers have presented proof that digitally signed malware is much more common than previously believed.

Malware 150

Malware Antivirus Software Accountability 150

Security Boulevard

SEPTEMBER 8, 2021

2003 , 20 Dec. 2003 , 18 Jul. 2003 , 18 Jul. 2003, 21 Sep. 2003, 21 Sep. 2003, 21 Sep. na Low quality a.k.a.: na Nationality: Afghan Passport no.: na National identification no.: na Address: na Listed on: 25 Jan. 2001 (amended on 3 Sep. 2005 , 9 Jul. 2007 , 21 Sep. 2007 , 29 Nov.

Education 52

Education Banking Security Intelligence Government 52

Krebs on Security

JULY 23, 2020

had exposed approximately 885 million records related to mortgage deals going back to 2003. In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp.

Insurance 296

Insurance Financial Services Penetration Testing Scams 296

Security Affairs

APRIL 21, 2023

The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The organization on Thursday began notifying members.

Data breaches 94

Data breaches Passwords Education Accountability 94

Security Affairs

MAY 31, 2021

The feature was first introduced in 2005 with the x64 editions of Windows XP and Windows Server 2003 Service Pack 1. Kento published technical details of its attack in a blog post and also released proof-of-concept (PoC) code for his attack. ” reported The Record.

Hacking 138

Hacking Malware Software Information Security 138