Veracode Security

SEPTEMBER 10, 2021

Back in the summer of 2003, the internet was plagued with worms such as Blaster and Sobig. This time I testified as a cybersecurity professional using my real name. I was the director of research and development at @stake, an information security consulting company.

Software 40

Software Government Internet Internet 40

Schneier on Security

FEBRUARY 1, 2021

If Georgia had still been using the paperless touchscreen DRE voting machines that they used from 2003 to 2019, then there would have been no paper ballots to recount, and no way to disprove the allegations that the election was hacked. That would have been a nightmare scenario.

Hacking 324

Hacking Software 324

CSO Magazine

FEBRUARY 2, 2021

He began as a marketing manager in 1997 and started AWS in 2003. The surprise announcement that Jeff Bezos will leave later this year and hand over the reins to AWS leader Andy Jassy marks a remarkable rise for Jassy.

Marketing 131

Marketing 131

Schneier on Security

JULY 7, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Surveillance 293

Surveillance Government Technology 293

NopSec

MARCH 26, 2013

Some time ago I recall that there was a old Perl Metasploit module targeting Oracle database 8i unauthenticated remote overflow out there (CVE-2003-0095) According to National Vulnerability Database, the vulnerability reads: “Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, In this case, use VirtualAlloc() to bypass NX.

Penetration Testing 52

Penetration Testing Authentication Engineering Technology 52

Anton on Security

JANUARY 20, 2022

My writing at the time shows that I was quite obsessed with correlation, especially correlation of normalized / categorized data that allowed detection content (rule) creation without knowing the event IDs and other details from each log source [because single event matching was not considered cool in 2003, and so why is it acceptable in 2022?]

Technology 211

Technology Engineering Data collection Firewall 211

Heimadal Security

DECEMBER 2, 2021

is a technology company based in San Jose, California created in 2003. Ubiquiti Inc. Having its headquarters in New York City, Ubiquiti produces and distributes wireless data transmission and wired equipment for businesses and residences under a variety of brand names. What Happened?

Wireless 113

Wireless Technology Ransomware Malware 113

Schneier on Security

MAY 11, 2022

Since its founding in 2003, ICE has not only been building its own capacity to use surveillance to carry out deportations but has also played a key role in the federal government’s larger push to amass as much information as possible about all of our lives.

Surveillance 326

Surveillance Government 326

Veracode Security

MAY 18, 2023

Even my 2003 testimony to Congress still proved that we have a long way to go in building secure software. The Slow Burn: From L0pht’s Testimony to Government Action L0pht’s 1998 testimony set the stage for the next 25 years of internet security awareness. However, it took years for change to start happening.

Cybersecurity 122

Cybersecurity Security Awareness Internet Internet 122

Dark Reading

MAY 14, 2019

Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited.

79

79

WIRED Threat Level

FEBRUARY 21, 2021

In 2003, Barrett Lyon created a map of the internet. In 2021, he did it again—and showed just how quickly it's expanded.

Internet 111

Internet Internet 111

Security Boulevard

SEPTEMBER 13, 2021

The list has been maintained by OWASP since its release in 2003 with updates every few years. The Open Web Application Security Project (OWASP) has released its draft Top 10 Web Application Security Risks 2021 list with a number of changes from the 2017 list (the last time the list was updated).

Risk 116

Risk 116

Schneier on Security

FEBRUARY 8, 2024

In 2003, I wrote : Clearly this isn’t all or nothing. I have long been a fan of software liability as a policy mechanism for improving cybersecurity. And, yes, software is complicated, but we shouldn’t let the perfect be the enemy of the good. There are many parties involved in a typical software attack.

Software 275

Software Government Cybersecurity 275

Security Boulevard

SEPTEMBER 27, 2021

It has been in draft form for months and has been updated several times since 2003, and before its latest iteration, in 2017. Last week was the 20 th anniversary of the Open Web Application Security Project ( OWASP ), and in honor of that date, the organization issued its long-awaited update to its top 10 exploits.

Network Security 97

Network Security 97

Schneier on Security

APRIL 2, 2024

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “ Tales of the Krypt ,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions.

Internet 295

Internet Internet 295

CSO Magazine

JULY 6, 2021

Rainbow tables were invented by IT expert Philippe Oechslin, who published a paper on his work in 2003. A rainbow table is a large, precomputed table designed to cache the output of cryptographic hash functions to decrypt hashed passwords into plaintext.

Passwords 129

Passwords 129

Security Boulevard

AUGUST 23, 2021

It's been 18 years since OWASP first published their list of Top 10 Web Application Security Risks in 2003. It wouldn't be unreasonable to think it would have been possible to solve web application security problems in that time frame. Yet, attacks continue to happen, and successfully target vulnerabilities in web applications.

Risk 96

Risk 96

SecureBlitz

FEBRUARY 8, 2021

Wondershare Recoverit is a file recovery toolkit that has been around since 2003. In this post, I will review the Wondershare Recoverit file recovery tool for Windows and Mac PC. It can retrieve over a thousand different file formats and file systems from PC. It offers you the best file recovery technology that can recover.

Technology 97

Technology Cybersecurity 97

Security Boulevard

APRIL 27, 2023

The Safeguards Rule took effect in 2003 as part of the Gramm-Leach-Bliley Act (GLBA) and aims to protect U.S.-based What Are the FTC MFA Requirements? In October 2021, the FTC announced that it was updating the Safeguards Rule. based consumers from data breaches, cyberattacks and their resultant effects, such as fraud and identity theft.

Identity Theft 52

Identity Theft Data breaches Authentication Risk 52

Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software.

IoT 209

IoT Firmware Data collection Architecture 209

Dark Reading

AUGUST 1, 2018

An over-reliance on artificial intelligence and machine learning for the wrong uses will create unnecessary risks.

Artificial Intelligence 45

Artificial Intelligence Firewall Risk 45

Security Affairs

JULY 15, 2022

Dragos researchers were also able to recover the password using the exploit over Ethernet, significantly increasing the severity of the flaw, tracked as CVE-2022-2003. The CVE-2022-2003 was responsibly disclosed to Automation Direct and the vendor addressed it with the release of a firmware update.

Passwords 129

Passwords Software Firmware Malware 129

Heimadal Security

SEPTEMBER 21, 2021

The Internet Information Services (IIS) is Microsoft Windows web server software included with all Windows versions since Windows 2000, XP, and Server 2003. Windows IIS servers were compromised by threat actors to add expired certificate notification pages asking visitors to download a malicious fake installer.

Internet 74

Internet Internet Software Cybersecurity 74

Krebs on Security

JUNE 29, 2023

In March 2020, the DOJ unsealed two criminal hacking indictments against Kislitsin, who was then head of security at Group-IB , a cybersecurity company that was founded in Russia in 2003 and operated there for more than a decade before relocating to Singapore.

Cybersecurity 271

Cybersecurity Cybercrime Hacking Technology 271

Security Boulevard

SEPTEMBER 8, 2021

In 2003, two years after the organization was founded, the Open Web Application Security Project (OWASP) published the first OWASP Top Ten—an attempt to raise awareness about the biggest application security risks that organizations face.

Risk 64

Risk 64

Security Boulevard

JUNE 24, 2022

Since 2003, LogRhythm has been an ally in cybersecurity, helping reduce customers’ cyber risk, eliminate blind spots, and quickly shut down attacks.…. As part of our commitment to customers, we’re continuing to innovate and invest in the LogRhythm SIEM Platform. The post Introducing LogRhythm Version 7.9:

Cyber Risk 59

Cyber Risk Risk Cybersecurity 59

Schneier on Security

MAY 28, 2019

The earliest document number available on the site -- 000000075 -- referenced a real estate transaction from 2003. Modifying the document number in his link by numbers in either direction yielded other peoples' records before or after the same date and time, indicating the document numbers may have been issued sequentially.

Insurance 221

Insurance Small Business Accountability 221

Security Boulevard

JANUARY 20, 2022

data: 2003, source ). BTW, this last historical artifact makes me a bit angry, because at least one of the “cool” “search-based ‘SIEM’” vendors cannot do this today, in 2022, while the cheapest and simplest of the 1st generation SIM/SEMs could do it in 2003. (date: 2002, source ). date: 2002, source ).

Technology 138

Technology Engineering Data collection Firewall 138

Krebs on Security

JANUARY 8, 2024

Icamis promoted his services in 2003 — such as bulk-domains[.]info A search on “icamis.ru” in Google brings up a 2003 post by him on a discussion forum designed by and for students of Amtek , a secondary school in Cherepovets (Icamis was commenting from an Internet address in Cherepovets). w s, icamis[.]ru

Cybercrime 231

Cybercrime Banking Computers and Electronics DDOS 231

CyberSecurity Insiders

JUNE 16, 2022

NOTE 2 – In the year 2003, MS announced it is going to give its Windows source codes to nations, fearing any security concerns. NOTE 1- GSP is being offered by the American tech giant for people to trust in its products and services.

Government 124

Government Cyber Attacks Software Cybersecurity 124

Security Affairs

JULY 17, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. in the Windows DNS server that affects Windows Server versions 2003 to 2019, and can be triggered by a malicious DNS response. The bug affects the DNS server component that ships with all Windows Server versions from 2003 to 2019. ” states Krebs.

DNS 132

DNS Government Advertising Engineering 132

Anton on Security

DECEMBER 8, 2023

As I said in my now-dead Gartner blog, a lot of security operation centers looked like they were built on a blueprint of a classic paper written by somebody from ArcSight around 2003 (don’t get me wrong, that was an epic SOC paper … for 2003!).

Engineering 130

Engineering Phishing 130

Dark Reading

MAY 17, 2019

Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.

67

67

Kali Linux

OCTOBER 21, 2024

Note that the first amd64 processor was released in 2003, and the first Debian release to support it was “4.0 Kali can also run on i386 CPUs. i386 is the ancestor of amd64 , and it was used in personal computers, back in the days before the 64-bit x86 architecture took over and replaced it. Etch”, back in 2007.

Architecture 145

Architecture Software 145

WIRED Threat Level

FEBRUARY 28, 2020

Letting a company know about flaws in their products has gotten easier sine 2003—but not by much.

60

60

Schneier on Security

FEBRUARY 2, 2018

What's more, it predated Stuxnet, with the first known instance occurring in 2003. Now, researchers have presented proof that digitally signed malware is much more common than previously believed.

Malware 157

Malware Antivirus Software Accountability 157

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The earliest document number available on the site – 000000075 — referenced a real estate transaction from 2003.

Insurance 279

Insurance Banking Identity Theft Scams 279