Threatpost

NOVEMBER 30, 2018

The hackers had access to the impacted database since 2014.

Data breaches 72

Data breaches 72

SiteLock

AUGUST 27, 2021

Every year about this time, Verizon comes out with an annual review of the results of its investigations into thousands of data breaches and security incidents from around the world. The report can be very data heavy and even a little depressing, but we can learn great things from it. Here are just ten: 1.

Retail 52

Retail Data breaches DDOS Passwords 52

WIRED Threat Level

DECEMBER 12, 2018

It increasingly appears that China was behind the Marriott hack, making 2014 a landmark year in cyberattacks against the US.

Hacking 54

Hacking 54

Threatpost

NOVEMBER 27, 2017

Researcher Troy Hunt is credited for tipping image sharing site Imgur off to a 2014 breach of 1.7 million user accounts.

Accountability 45

Accountability Data breaches Passwords Hacking 45

Spinone

JANUARY 21, 2015

million leaked passwords during the year of 2014. Since we are left only a month and a half till the Valentine’s Day it’s rather obvious to claim that password “iloveyou” is one of the nine passwords from 2013-2014. The post The Worst Passwords of 2014 first appeared on SpinOne.

Passwords 40

Passwords Password Management Backups Hacking 40

Tech Republic Security

JULY 3, 2024

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014.

Software 180

Software Information Security 180

Dark Reading

SEPTEMBER 10, 2018

Andrei Tyurin was arrested for his involvement in a hacking campaign targeting US financial institutions, financial news publishers, brokerage firm, and other companies.

Hacking 51

Hacking 51

Schneier on Security

MAY 24, 2024

This Article accounts for and critiques these failures, providing a socio-technical history since 2014, particularly focusing on the conversation about trade in zero-day vulnerabilities and exploits. The last ten years have also been marked by stark failures to control spyware and its precursors and components.

Marketing 280

Marketing Spyware Surveillance Government 280

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft 341

Identity Theft Healthcare Hacking Technology 341

Schneier on Security

NOVEMBER 24, 2023

The group­—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security Service of Ukraine. A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond.

Malware 263

Malware Government 263

Krebs on Security

FEBRUARY 24, 2023

The account didn’t resume posting on the forum until April 2014. Shotliff said he sold his BHProxies account to another Black Hat World forum user from Egypt back in 2014. He also shared a PayPal receipt and snippets of Facebook Messenger logs showing conversations in March 2014 with legendboy2050@yahoo.com. com on Mar.

Accountability 253

Accountability Advertising Marketing Malware 253

Schneier on Security

JUNE 7, 2024

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide.

Government 231

Government Malware Cybercrime 231

Krebs on Security

JULY 9, 2024

Tyler Reguly at Forta noted that today marks the End of Support date for SQL Server 2014 , a platform that according to Shodan still has ~110,000 instances publicly available. All three bugs have been assigned a CVSS score of 9.8 (out out of 10) and indicate that a malicious packet could trigger the vulnerability.

Internet 251

Internet Internet Engineering Software 251

The Hacker News

MAY 16, 2024

The list of vulnerabilities is as follows - CVE-2014-100005 - A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an

Cybersecurity 122

Cybersecurity 122

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. Like in so many cases, these vulnerabilities are caused by insufficient sanitization when handling attacker-supplied input.” ” reads the advisory.

Hacking 129

Hacking Firmware Software Manufacturing 129

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Golubov was arrested in Ukraine in 2005 as part of a joint investigation with multiple U.S. Vrublevsky Sr.

Retail 208

Retail Advertising Cryptocurrency Cybercrime 208

The Hacker News

MARCH 29, 2024

TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024," the Black Lotus Labs team at Lumen

IoT 123

IoT 123

Dark Reading

FEBRUARY 14, 2018

increase just in the past year, and denial-of-service attacks are partly to blame.

Cybercrime 51

Cybercrime 51

Krebs on Security

SEPTEMBER 29, 2020

On April 6, 2014, some 11 million people across the United States were disconnected from 911 services for eight hours thanks to an “entirely preventable” software error tied to Intrado’s systems. million for the multi-state 2014 outage. 2018 outage that lasted 65 minutes.

Telecommunications 362

Telecommunications Software 362

Schneier on Security

APRIL 27, 2022

Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. We’ve tracked publicly known in-the-wild 0-day exploits in this spreadsheet since mid-2014.

Ransomware 218

Ransomware Risk Malware Hacking 218

Krebs on Security

JUNE 10, 2022

The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. Adconion was acquired in June 2014 by Amobee , a Redwood City, Calif.

Government 285

Government Marketing Internet Internet 285

NopSec

JANUARY 2, 2014

According to a reports released by the Information Security Forum and ISACA , cyber-security will continue to be a critical issue for businesses in 2014. So what is the single most important thing you can do to improve cyber-security in 2014?

Big data 40

Big data Risk Mobile Government 40

Bleeping Computer

OCTOBER 25, 2021

?Today is the 20th anniversary of Windows XP, and although the operating system reached the end of support in 2014, way too many people continue to use the insecure version of Windows. [.].

Software 135

Software 135

Security Affairs

JULY 13, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Cybercrime 128

Cybercrime Banking Malware Hacking 128

Heimadal Security

MARCH 12, 2024

On Heimdal’s 10th Birthday, we want to thank everyone who shaped our journey from 2014 to today, and the future. Ours is a story of perseverance, innovation, and the relentless pursuit of excellence through community empowerment. What better way to celebrate than by sharing that story with you? 2011 – Heimdal® wins CTF Championship.

83

83

Security Affairs

OCTOBER 26, 2022

This is the second critical vulnerability ever addressed by the OpenSSL Project after the critical Heartbleed vulnerability (CVE-2014-0160) in 2014. The highest severity issue fixed in this release is CRITICAL:” The critical vulnerability only impacts versions 3.0 OpenSSL Project also announced the upcoming bug-fix release 1.1.1s

Encryption 130

Encryption Hacking Information Security 130

Security Boulevard

OCTOBER 11, 2024

After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity company called IronNet. At the time, he claimed that it was based on IP he developed on his own time while still in the military. That always troubled me.

Technology 64

Technology Cybersecurity 64

Security Affairs

APRIL 1, 2024

The incident impacted OWASP members from 2006 to around 2014 who provided their resumes as part of joining OWASP. “OWASP collected resumes as part of the early membership process, whereby members were required in the 2006 to 2014 era to show a connection to the OWASP community.

Data breaches 142

Data breaches Mobile Software Media 142

Penetration Testing

MARCH 26, 2024

Researchers at Lumen Technologies’ Black Lotus Labs have uncovered a newly updated version of the “TheMoon” malware, dating back to 2014.

Malware 88

Malware Penetration Testing Technology 88

Privacy and Cybersecurity Law

JANUARY 10, 2014

So as the latest Snowdon revelations (oh … and the New Year Holiday fun has subsided) how about we look […].

Data privacy 40

Data privacy Data breaches 40

Bleeping Computer

NOVEMBER 14, 2022

states alleging that the search giant tracked Android users' locations since at least 2014 even when they thought location tracking was disabled. [.]. Google has agreed to pay $391.5 million to settle a lawsuit filed by a coalition of attorneys general from 40 U.S.

104

104

Digital Shadows

FEBRUARY 9, 2022

Russia and Ukraine have had a particularly tense relationship since Russia’s annexation of Crimea in 2014. In the past weeks, The post Growing Tension Between Russia and Ukraine: Should you be concerned? first appeared on Digital Shadows.

Cybercrime 119

Cybercrime Ransomware 119

Heimadal Security

JULY 7, 2022

An incident that occurred in 2014 but was not discovered until September 2018 led to a fine of £14.4 The recent incident at Marriott is not the first time the company has been the victim of a massive data breach. million ($24 million) from the Information Commissioner’s Office in the United Kingdom. Names, mailing addresses, […].

Data breaches 130

Data breaches Cybersecurity 130

Tech Republic Security

FEBRUARY 4, 2022

Flashpoint and Risk Based Security’s report found that, despite early reports, the total number of breaches is likely much higher than reported, with the time it takes to report a breach the longest since 2014.

Data breaches 119

Data breaches Risk 119

Bleeping Computer

AUGUST 8, 2023

The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [.]

Data breaches 73

Data breaches Government 73

Bleeping Computer

AUGUST 18, 2021

Larry Dean Harmon, the owner of a dark web cryptocurrency laundering service known as Helix, pleaded guilty today of laundering over $300 million worth of bitcoins between 2014 and 2017. [.].

Cryptocurrency 122

Cryptocurrency 122

Penetration Testing

DECEMBER 27, 2023

According to the monthly threat analysis by NCC Group, the banking malware Carbanak, known since 2014, has updated its methods and is now actively used in ransomware attacks.

Penetration Testing 86

Penetration Testing Malware Banking Ransomware 86