The Hacker News

SEPTEMBER 21, 2023

of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. China's Ministry of State Security (MSS) has accused the U.S. In a message posted on WeChat, the government authority said U.S.

Surveillance 118

Surveillance Government 118

Schneier on Security

FEBRUARY 2, 2024

In 2009, I wrote : There are several ways two people can divide a piece of cake in half. One way is to find someone impartial to do it for them. This works, but it requires another person. This also works, but still requires another person—­at least to resolve disputes.

331

331

ZoneAlarm

JULY 9, 2024

Named after the infamous RockYou breach of 2009, this latest incident significantly surpasses its predecessor. The RockYou2024 password leak has emerged as the largest known data breach in history, exposing approximately 10 billion passwords. In July 2024, a hacker using the alias “ObamaCare” uploaded the RockYou2024.txt

Passwords 81

Passwords Cybersecurity Data breaches Data privacy 81

Schneier on Security

JULY 22, 2019

More nation-state activity in cyberspace, this time from Russia : Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum.

Media 230

Media Internet Internet Accountability 230

Security Boulevard

AUGUST 10, 2024

It's 2009 and I just stumbled upon the extremely sophisticated Xedant Human Emulator (XHE) (hxxp://humanemulator.info) which basically automates human interactions with Web and online properties to the point of sophisticated and was in a way heavily advertised on various cybercrime-friendly forum communities back in the day.

Cybercrime 64

Cybercrime Advertising Engineering Internet 64

Security Boulevard

JULY 29, 2024

In November 2009, as coach of a youth baseball team, I received a Google Sheet with the names, birthdays, contact information, and team names for about 30 kids born between 1997 and 2000. More than 14 years later, I still have access to that document. Today, those players are in their early to mid-twenties.

64

64

The Hacker News

DECEMBER 1, 2021

organizations and financial institutions between 2009 to 2015, has received a 60-month prison sentence. A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S.

Malware 132

Malware 132

Security Boulevard

NOVEMBER 4, 2022

When it was launched in 2009, the Operation Aurora cyberattack was one of the first major nation-state cyberattacks aimed at private industry. Its impact forced organizations to take a hard look at their cybersecurity systems.

Hacking 115

Hacking Cybersecurity 115

Zero Day

MAY 4, 2021

Five critical security issues have been discovered.

Software 98

Software 98

Threatpost

MAY 4, 2021

The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tablets and notebooks shipped since 2009.

Risk 116

Risk 116

CSO Magazine

FEBRUARY 16, 2023

During the 2008–2009 Global Financial Crisis (GFC) and subsequent recession, researchers noted that cybercrime rates increased dramatically. However, there is some evidence that macroeconomic conditions can impact cybercrime. Their report focused exclusively on financial cybercrime, including identity theft.

Identity Theft 115

Identity Theft Cybercrime Technology 115

The State of Security

MAY 17, 2022

#1 The history of the National Cyber Security Centre The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security.

Cybersecurity 109

Cybersecurity Government 109

CSO Magazine

SEPTEMBER 23, 2021

The Federal Trade Commission (FTC) commissioners, in a split-vote (3-2), issued a policy statement on September 15, requiring both health applications and connected devices to comply with the “ Health Breach Notification Rule (August 2009).”

Insurance 120

Insurance Accountability 120

Heimadal Security

NOVEMBER 16, 2022

It is believed that the hacking group, which has been operating since 2009, is a state-sponsored group working for China. Thrip, Lotus Blossom, Spring Dragon) is responsible for a campaign that targeted a certificate authority, government agencies, and defense organizations in multiple countries in Asia. Details about the Campaign […].

Government 85

Government Hacking Cybersecurity 85

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). Shadowserver researchers have scanned the Internet for instances vulnerable to CVE-2024-21894 and reported that about 16,500 are still vulnerable.

VPN 131

VPN Internet Internet Hacking 131

The Hacker News

OCTOBER 21, 2021

for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Two Eastern European nationals have been sentenced in the U.S.

Malware 100

Malware 100

Dark Reading

MAY 4, 2021

Hardware maker has issued an update to fix multiple critical privilege escalation vulnerabilities that have gone undetected since 2009.

100

100

Schneier on Security

DECEMBER 14, 2018

I wrote about this exact attack in 2005 and 2009. In the event targets' accounts were protected by 2fa, the attackers redirected targets to a new page that requested a one-time password. This isn't new.

Authentication 207

Authentication Passwords Phishing Government 207

The Hacker News

MAY 5, 2021

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. sys" that comes pre-installed on

Firmware 107

Firmware 107

Naked Security

MAY 5, 2021

These bugs date back to 2009, and they could give crooks who are already in your network access to sysadmin superpowers.

Firmware 102

Firmware 102

Threatpost

APRIL 11, 2022

The APT28 (Advanced persistence threat) is operating since 2009, this group has worked under different names such as Sofacy, Sednit, Strontium Storm, Fancy Bear, Iron Twilight, and Pawn.

Malware 68

Malware 68

The Last Watchdog

AUGUST 29, 2022

Poor password practices are responsible for most incidents involving web applications and data breaches since 2009. 2009 DBIR page 17) . •Brute forcing passwords (10 percent) came in third. Backdoors or C2 (10 percent) were the fourth runner-ups. It’s not just a web thing. It’s an e-mail thing too.

Hacking 201

Hacking Passwords Password Management Data breaches 201

TrustArc

APRIL 27, 2023

When I joined in 2009, we were the certification company TRUSTe and “privacy management” meant having a well-written and accurate privacy policy on your website. For 13 years, I (Chris) have had the pleasure of leading TrustArc as CEO. Wow, how the world has changed.

64

64

Security Boulevard

MAY 17, 2022

#1 The history of the National Cyber Security Centre The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security. To be effective, it had to be able to take advantage of high-grade […]… Read More.

Cybersecurity 98

Cybersecurity Government 98

Krebs on Security

JUNE 21, 2023

Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. Intel 471 reports that gumboldt@gmail.com was used in 2009 to register a user by the nickname “ Kolumb ” on the Russian hacking forum Antichat.

Malware 237

Malware Antivirus Cybercrime Hacking 237

Security Boulevard

AUGUST 30, 2021

According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. The healthcare industry sector is increasingly the target of cybercriminals.

Healthcare 104

Healthcare Passwords Insurance Data breaches 104

Tech Republic Security

JUNE 13, 2017

Hidden Cobra, a North Korean-backed hacking group, may also be responsible for WannaCry and the Sony Pictures hack.

Hacking 65

Hacking 65

SecureBlitz

OCTOBER 1, 2022

In this interview, we spoke with Dan Olson, CEO of UpCity a small business intelligence firm that has matched over 2 million businesses to providers they can trust since its inception in 2009. According to the FBI, cyberattacks spiked 400% during the year 2020. This should be no surprise given that 47% of individuals fall […].

Small Business 68

Small Business Cybersecurity 68

CSO Magazine

FEBRUARY 15, 2021

Todd McKinnon founded Okta in 2009 on the outrageous notion that business user identity could be managed in the cloud. In an in-depth 2013 interview on InfoWorld , McKinnon, the former VP of engineering for Salesforce, argued that mass migration to the public cloud was unstoppable.

Engineering 98

Engineering 98

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection 112

Data collection 112

CSO Magazine

JUNE 11, 2021

Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35%), followed by cyberdefence (25%), media and communications (14%), government bodies and regulators (12%), and critical infrastructure (10%).

Media 120

Media Internet Internet Government 120

Security Boulevard

SEPTEMBER 26, 2023

Dear blog readers, There was a speculation approximately a decade ago that I went missing. Can you recognize this guy in the picture?

Accountability 59

Accountability 59

Dark Reading

AUGUST 1, 2019

A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant.

Surveillance 89

Surveillance 89

Security Boulevard

NOVEMBER 8, 2022

When the European Union introduced e-passports in 2009, government agencies needed a way for officers in the field to verify the authenticity of these documents and the data contained within them. The post Inside the Netherlands Ministry of Justice’s Journey to Scalable PKI appeared first on Keyfactor.

Authentication 52

Authentication Government 52

Javvad Malik

SEPTEMBER 21, 2022

Back in 2009 a Chinese woman was found to have entered Japan with altered fingerprints. In a few weeks, once the wound was healed, it would slightly alter the fingerprint pattern for up to a year. This isn’t the first time something like this has hit the headlines.

113

113

Krebs on Security

NOVEMBER 15, 2022

Gary Warner , director of research in computer forensics at the University of Alabama at Birmingham, noted in his blog from 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava , had been born and gave her birth weight. tank: Levak was written there. lucky12345: It’s f *d.

Banking 293

Banking Small Business Accountability Cybercrime 293

Security Boulevard

SEPTEMBER 16, 2024

Folks, Do you remember the international embassies web malware exploitation spree using client-side exploits that took place back in 2009 with the Russian Business Network the hosting provider of choice for these campaigns?

Malware 59

Malware Accountability 59