CyberSecurity Insiders

AUGUST 17, 2021

Pearson, a London based e-textbook publishing firm that supplies software to Schools and Universities has been slapped with a fine of $1 million for misleading investors about a 2018 data breach that witnessed siphoning of millions of student records by hackers.

Data breaches 120

Data breaches Education Cyber Risk Cyber Attacks 120

Krebs on Security

JULY 10, 2018

According to SANS, at least three of the flaws — CVE-2018-8278 , CVE-2018-8313 , and CVE-2018-8314 — were previously disclosed publicly, meaning that attackers may have had a head start figuring out how to exploit these flaws for criminal gain.

Software 133

Software Internet Internet Backups 133

Heimadal Security

JULY 7, 2021

British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked. The post British Airways Settles 2018 Data Breach Lawsuit appeared first on Heimdal Security Blog.

Data breaches 89

Data breaches Cybersecurity 89

Adam Shostack

NOVEMBER 29, 2018

The 2018 Gavle Goat is up and tweeting at @gavelebocken. Previously.

113

113

Security Boulevard

FEBRUARY 21, 2022

The post The Network and Information Systems (NIS UK) Regulations and Directive 2018 appeared first on Cyphere | Securing Your Cyber Sphere. The post The Network and Information Systems (NIS UK) Regulations and Directive 2018 appeared first on Security Boulevard.

98

98

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. ” concludes the ICO. Pierluigi Paganini.

Hacking 114

Hacking Data breaches Advertising Information Security 114

SiteLock

AUGUST 27, 2021

To finish out an amazing year, we headed to the South one final time for one of our biggest events of the year— WordCamp US 2018 in Nashville, TN! link] #WCUS #WordCamp pic.twitter.com/RGGsuvl7wN — WordCamp US (@WordCampUS) December 4, 2018. 2018 – Blockbuster Security and a Legendary Cast. Best swag ever. WordPress 5.0

Media 98

Media 98

Troy Hunt

DECEMBER 31, 2017

The first step is to decide which days to build a campaign upon and add them to your 2018 editorial calendar. The real-time, in-the-moment nature of cause awareness and giving days can inspire donors to give provided that your nonprofit knows how to promote the days effectively. 15: Martin Luther King, Jr.

Internet 247

Internet Internet Media 247

Heimadal Security

OCTOBER 28, 2021

As of 2018, a group of supposedly harmless Android applications has been infecting Israeli users with spyware, and the operation is still ongoing. The post Israeli Users Targeted by Android Spyware Apps Since 2018 appeared first on Heimdal Security Blog. Apparently, the most exploited […].

Spyware 87

Spyware Cybersecurity 87

CyberSecurity Insiders

JULY 6, 2021

The airliner paid the penalty for failing to protect its customer information from being accessed by hackers in 2018. The post British Airways pays a penalty for data leak of 420,000 customers in 2018 appeared first on Cybersecurity Insiders.

Hacking 126

Hacking Cybersecurity 126

Krebs on Security

AUGUST 15, 2018

According to security firm Ivanti , the first of the two zero-day flaws ( CVE-2018-8373 ) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. One nifty little bug fixed in this patch batch is CVE-2018-8345. Microsoft’s analysis is here.

Backups 115

Backups Software Internet Internet 115

SiteLock

AUGUST 27, 2021

Michele Butcher-Jones warning against leaving outdated content on your website at WordCamp Denver 2018. Sunday Workshops at WCDenver 2018. Angela Bowman, WordCamp Denver 2018 keynote. Slides are on SlideShare if you want to learn the secrets! Closing Keynote. The day ended with an inspiring keynote by @askwpgirl, Angela Bowman.

98

98

Adam Shostack

JULY 12, 2018

What would you like me to cover in my Blackhat talk, “ Threat Modeling in 2018 ?” So this week’s threat model Thursday is simply two requests: What would you like to see in the series? ” “Attacks always get better, and that means your threat modeling needs to evolve.

Media 100

Media Engineering 100

Schneier on Security

APRIL 5, 2024

The FCC has also asked carriers to detail any exploits of the protocols since 2018. The regulator wants to know the date(s) of the incident(s), what happened, which vulnerabilities were exploited and with which techniques, where the location tracking occurred, and ­ if known ­ the attacker’s identity.

Surveillance 265

Surveillance Telecommunications 265

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

DDOS 84

DDOS Firewall Passwords Internet 84

Adam Shostack

JULY 26, 2018

And of course, because it’s 2018, there’s cat videos and emoji to augment logic. The current core outline is: What are we working on. The fast moving world of cyber The agile world Models are scary. What can go wrong? Threats evolve! STRIDE Machine Learning Conflict. Yeah, that’s the word. Wednesday, August 8 at 2:40 PM. *

100

100

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. 2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups. .

Cyber threats 85

Cyber threats IoT Social Engineering Advertising 85

Adam Shostack

AUGUST 13, 2018

The slides from my Blackhat talk, “ Threat Modeling in 2018: Attacks, Impacts and Other Updates ” are now available either as a PDF or online viewer.

113

113

SiteLock

AUGUST 27, 2021

Voice is Becoming the New Keyboard: Voice Interfaces in 2018 and Beyond. Marc Gratch (@mgratch) April 28, 2018. If you’re not aware, the May 25, 2018 GDPR compliance deadline is looming, and if you own a WordPress website you’ll need to be prepared. Here are a few of my favorites. Content for the Modern World.

Technology 98

Technology Education Media Marketing 98

Security Affairs

DECEMBER 21, 2019

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. SecurityAffairs – Cisco ASA, CVE-2018-0296). Pierluigi Paganini.

Firewall 68

Firewall Advertising Software Risk 68

Security Affairs

DECEMBER 5, 2018

Adobe released security updates for Flash Player that address two vulnerabilities, including a critical flaw, tracked as CVE-2018-15982, exploited in targeted attacks. Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.” Securi ty Affairs – Flash zero-day, CVE-2018-15982). Pierluigi Paganini.

Healthcare 107

Healthcare Advertising Hacking Malware 107

SiteLock

AUGUST 27, 2021

Each event is unique, and WordCamp Europe 2018 was no different. Jenny Beaumont (@jennybeaumont) June 15, 2018. John Maeda (@johnmaeda) June 16, 2018. Alycia (@artdecotech) June 15, 2018. WordCamp Europe (@WCEurope) June 16, 2018. WordCamp Europe (@WCEurope) June 16, 2018. The Sponsor Experience. In Summary.

Software 98

Software Internet Internet Marketing 98

SiteLock

AUGUST 27, 2021

Warner (@wpmodder) October 7, 2018. Dwayne McDaniel (@McDwayne) October 6, 2018. Hey #wcbalt attendees. If you missed ?? NewYorkerLaura ? speak about images, I highly recommend viewing her slides. 🙂 pic.twitter.com/horWcYyj2V. Making Your Website Accessible with Amazon Polly.

Marketing 98

Marketing Accountability Technology 98

Security Affairs

OCTOBER 26, 2018

Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. Xorg published a security advisory on the CVE-2018-14665 flaw. OpenBSD #0day Xorg LPE via CVE-2018-14665 can be triggered from a remote SSH session, does not need to be on a local console.

Advertising 103

Advertising Hacking 103

SiteLock

AUGUST 27, 2021

SiteLock (@SiteLock) August 12, 2018. Guillaume Hamel (@guihamel) August 12, 2018. Don’t forget to visit us at the SiteLock booth to enter our raffle for an Amazon Gift Card and to chat #website #Security pic.twitter.com/uXnseB5kBb. Don’t Break Live: How Using a Staging Site Can Make Your Life a Lot Easier.

Firewall 98

Firewall Malware Marketing Internet 98

PerezBox Security

OCTOBER 20, 2018

On September 28th, 2018, Facebook announced it’s biggest data breach to date. The post The 2018 Facebook Data Breach appeared first on PerezBox. They estimated 50 million accounts were affected at the time of the disclosure. Subsequent to the disclosure, security.

Data breaches 80

Data breaches Accountability Information Security Cybersecurity 80

Schneier on Security

DECEMBER 10, 2018

The research group AI Now just published its annual report. It's an excellent summary of today's AI security challenges, as well as a policy agenda to address them. This is related, and also worth reading.

209

209

Security Affairs

SEPTEMBER 28, 2018

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. ships a kernel that was last updated 2018-08-27.” of the Linux kernel.

Advertising 102

Advertising Hacking 102

Security Affairs

OCTOBER 6, 2018

Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update. Other users discovered that some files on their machines were deleted after the Windows 10 October 2018 Update was installed. Security Affairs – Windows 10 October 2018 Update ).

Advertising 92

Advertising Software Hacking 92

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The post BulletProofLink, a large-scale phishing-as-a-service active since 2018 appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Phishing 94

Phishing Cybercrime Advertising Hacking 94

Security Affairs

SEPTEMBER 18, 2021

” Our research shows that this actor has been targeting the aviation industry since at least 2018, with files mentioning both “Trip Itinerary Details” and “Bombardier” at the time using the URL akconsult[.]linkpc[.]net.” ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware 104

Malware Phishing DNS Cybercrime 104

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Spyware 99

Spyware Advertising Accountability Malware 99

Bleeping Computer

MARCH 28, 2023

A new North Korean hacking group has been revealed to be targeting government organizations, academics, and think tanks in the United States, Europe, Japan, and South Korea for the past five years. [.]

Hacking 132

Hacking Government 132

Threatpost

MARCH 12, 2019

Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.

Phishing 78

Phishing Media Cryptocurrency Scams 78

Troy Hunt

MARCH 6, 2024

Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERTBund department.

Government 295

Government Data breaches Cybersecurity 295

Security Affairs

NOVEMBER 14, 2018

Kaspersky revealed that the CVE-2018-8589 Windows 0-day fixed by Microsoft Nov. 2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East. Kaspersky Lab described the CVE-2018-8589 flaw as a race condition in win32k!xxxMoveWindow Securi ty Affairs – CVE-2018-8589, hacking).

Advertising 92

Advertising Malware Authentication Government 92

SiteLock

AUGUST 27, 2021

During Q2 2018, SiteLock analyzed over 6 million websites protected by web application firewalls and malware scanners in order to identify trends among cybercriminals. The SiteLock Website Security Insider Q2 2018 goes over these and other tips for protecting your website from attackers. No website is too small or too new to hack.

Malware 52

Malware Engineering Firewall Internet 52