Krebs on Security

SEPTEMBER 11, 2018

The zero-day flaw, CVE-2018-8440 , affects Microsoft operating systems from Windows 7 through Windows 10 and allows a program launched by a restricted Windows user to gain more powerful administrative access on the system. The sole non-Microsoft update pushed by Redmond today fixes a single vulnerability in Adobe Flash Player, CVE-2018-15967.

Internet 126

Internet Internet Backups Malware 126

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government 143

Government Hacking Cyber Attacks Passwords 143

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. ” concludes the ICO. Pierluigi Paganini.

Hacking 125

Hacking Data breaches Advertising Information Security 125

Krebs on Security

JULY 10, 2018

According to SANS, at least three of the flaws — CVE-2018-8278 , CVE-2018-8313 , and CVE-2018-8314 — were previously disclosed publicly, meaning that attackers may have had a head start figuring out how to exploit these flaws for criminal gain.

Software 138

Software Internet Internet Backups 138

CyberSecurity Insiders

AUGUST 17, 2021

Pearson, a London based e-textbook publishing firm that supplies software to Schools and Universities has been slapped with a fine of $1 million for misleading investors about a 2018 data breach that witnessed siphoning of millions of student records by hackers.

Data breaches 120

Data breaches Education Cyber Risk Cyber Attacks 120

Adam Shostack

NOVEMBER 29, 2018

The 2018 Gavle Goat is up and tweeting at @gavelebocken. Previously.

113

113

Security Boulevard

FEBRUARY 21, 2022

The post The Network and Information Systems (NIS UK) Regulations and Directive 2018 appeared first on Cyphere | Securing Your Cyber Sphere. The post The Network and Information Systems (NIS UK) Regulations and Directive 2018 appeared first on Security Boulevard.

98

98

Heimadal Security

JULY 7, 2021

British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked. The post British Airways Settles 2018 Data Breach Lawsuit appeared first on Heimdal Security Blog.

Data breaches 86

Data breaches Cybersecurity 86

SiteLock

AUGUST 27, 2021

To finish out an amazing year, we headed to the South one final time for one of our biggest events of the year— WordCamp US 2018 in Nashville, TN! link] #WCUS #WordCamp pic.twitter.com/RGGsuvl7wN — WordCamp US (@WordCampUS) December 4, 2018. 2018 – Blockbuster Security and a Legendary Cast. Best swag ever. WordPress 5.0

Media 98

Media 98

Troy Hunt

DECEMBER 31, 2017

The first step is to decide which days to build a campaign upon and add them to your 2018 editorial calendar. The real-time, in-the-moment nature of cause awareness and giving days can inspire donors to give provided that your nonprofit knows how to promote the days effectively. 15: Martin Luther King, Jr.

Internet 244

Internet Internet Media 244

Krebs on Security

AUGUST 15, 2018

According to security firm Ivanti , the first of the two zero-day flaws ( CVE-2018-8373 ) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. One nifty little bug fixed in this patch batch is CVE-2018-8345. Microsoft’s analysis is here.

Backups 119

Backups Software Internet Internet 119

SiteLock

AUGUST 27, 2021

While we love every event we attend, we’ve rounded some of our favorites from the past year so you can start marking the calendar for opportunities that fit your business or personal needs (hence the title—SiteLock Reviews: Events We Love in 2018). Previous Date: March 2, 2018 in Tampa, FL. Check out our WordCamp US 2017 recap here.

Education 98

Education Architecture Marketing Mobile 98

CyberSecurity Insiders

JULY 6, 2021

The airliner paid the penalty for failing to protect its customer information from being accessed by hackers in 2018. The post British Airways pays a penalty for data leak of 420,000 customers in 2018 appeared first on Cybersecurity Insiders.

Hacking 126

Hacking Cybersecurity 126

Heimadal Security

OCTOBER 28, 2021

As of 2018, a group of supposedly harmless Android applications has been infecting Israeli users with spyware, and the operation is still ongoing. The post Israeli Users Targeted by Android Spyware Apps Since 2018 appeared first on Heimdal Security Blog. Apparently, the most exploited […].

Spyware 84

Spyware Cybersecurity 84

SiteLock

AUGUST 27, 2021

Michele Butcher-Jones warning against leaving outdated content on your website at WordCamp Denver 2018. Sunday Workshops at WCDenver 2018. Angela Bowman, WordCamp Denver 2018 keynote. Slides are on SlideShare if you want to learn the secrets! Closing Keynote. The day ended with an inspiring keynote by @askwpgirl, Angela Bowman.

98

98

Adam Shostack

JULY 12, 2018

What would you like me to cover in my Blackhat talk, “ Threat Modeling in 2018 ?” So this week’s threat model Thursday is simply two requests: What would you like to see in the series? ” “Attacks always get better, and that means your threat modeling needs to evolve.

Media 100

Media Engineering 100

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

DDOS 116

DDOS Firewall Passwords Internet 116

Bleeping Computer

DECEMBER 7, 2022

A previously unknown investment scam group named 'CryptosLabs' has stolen up to €480 million ($505 million) from victims in France, Belgium, and Luxembourg, since the launch of its operation in 2018. [.].

Scams 75

Scams 75

Adam Shostack

JULY 26, 2018

And of course, because it’s 2018, there’s cat videos and emoji to augment logic. The current core outline is: What are we working on. The fast moving world of cyber The agile world Models are scary. What can go wrong? Threats evolve! STRIDE Machine Learning Conflict. Yeah, that’s the word. Wednesday, August 8 at 2:40 PM. *

100

100

Security Affairs

AUGUST 18, 2024

Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using ‘MasterPrints, ‘which are fingerprints that can match multiple other prints.

Architecture 141

Architecture Hacking Risk Information Security 141

Adam Shostack

AUGUST 13, 2018

The slides from my Blackhat talk, “ Threat Modeling in 2018: Attacks, Impacts and Other Updates ” are now available either as a PDF or online viewer.

113

113

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. 2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups. .

Cyber threats 108

Cyber threats IoT Social Engineering Advertising 108

Schneier on Security

OCTOBER 31, 2024

Way back in 2018, people noticed that you could find secret military bases using data published by the Strava fitness app. Soldiers and other military personal were using them to track their runs, and you could look at the public data and find places where there should be no people running. Six years later, the problem remains.

Data privacy 275

Data privacy 275

SiteLock

AUGUST 27, 2021

Voice is Becoming the New Keyboard: Voice Interfaces in 2018 and Beyond. Marc Gratch (@mgratch) April 28, 2018. If you’re not aware, the May 25, 2018 GDPR compliance deadline is looming, and if you own a WordPress website you’ll need to be prepared. Here are a few of my favorites. Content for the Modern World.

Technology 98

Technology Education Media Marketing 98

Security Affairs

DECEMBER 21, 2019

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. SecurityAffairs – Cisco ASA, CVE-2018-0296). Pierluigi Paganini.

Firewall 96

Firewall Advertising Software Risk 96

Security Affairs

DECEMBER 5, 2018

Adobe released security updates for Flash Player that address two vulnerabilities, including a critical flaw, tracked as CVE-2018-15982, exploited in targeted attacks. Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.” Securi ty Affairs – Flash zero-day, CVE-2018-15982). Pierluigi Paganini.

Healthcare 111

Healthcare Advertising Hacking Malware 111

Security Affairs

APRIL 28, 2021

” The RotaJakiro backdoor was first spotted in 2018 when a sample was uploaded on VirusTotal’s anti-malware service. Since 2018, the researchers spotted four distinct samples of the malware that were uploaded between May 2018 and January 2021. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Encryption 104

Encryption Malware IoT Accountability 104

SiteLock

AUGUST 27, 2021

Each event is unique, and WordCamp Europe 2018 was no different. Jenny Beaumont (@jennybeaumont) June 15, 2018. John Maeda (@johnmaeda) June 16, 2018. Alycia (@artdecotech) June 15, 2018. WordCamp Europe (@WCEurope) June 16, 2018. WordCamp Europe (@WCEurope) June 16, 2018. The Sponsor Experience. In Summary.

Software 98

Software Internet Internet Marketing 98

Security Affairs

OCTOBER 26, 2018

Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. Xorg published a security advisory on the CVE-2018-14665 flaw. OpenBSD #0day Xorg LPE via CVE-2018-14665 can be triggered from a remote SSH session, does not need to be on a local console.

Advertising 111

Advertising Hacking 111

SiteLock

AUGUST 27, 2021

Warner (@wpmodder) October 7, 2018. Dwayne McDaniel (@McDwayne) October 6, 2018. Hey #wcbalt attendees. If you missed ?? NewYorkerLaura ? speak about images, I highly recommend viewing her slides. 🙂 pic.twitter.com/horWcYyj2V. Making Your Website Accessible with Amazon Polly.

Marketing 98

Marketing Accountability Technology 98

Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Malware 108

Malware Advertising DNS Surveillance 108

SiteLock

AUGUST 27, 2021

SiteLock (@SiteLock) August 12, 2018. Guillaume Hamel (@guihamel) August 12, 2018. Don’t forget to visit us at the SiteLock booth to enter our raffle for an Amazon Gift Card and to chat #website #Security pic.twitter.com/uXnseB5kBb. Don’t Break Live: How Using a Staging Site Can Make Your Life a Lot Easier.

Firewall 98

Firewall Malware Marketing Internet 98

PerezBox Security

OCTOBER 20, 2018

On September 28th, 2018, Facebook announced it’s biggest data breach to date. The post The 2018 Facebook Data Breach appeared first on PerezBox. They estimated 50 million accounts were affected at the time of the disclosure. Subsequent to the disclosure, security.

Data breaches 80

Data breaches Accountability Information Security Cybersecurity 80

Schneier on Security

DECEMBER 10, 2018

The research group AI Now just published its annual report. It's an excellent summary of today's AI security challenges, as well as a policy agenda to address them. This is related, and also worth reading.

212

212

Pentester Academy

MARCH 16, 2023

Lab Walkthrough — Drupalgeddon 2 [CVE-2018–7600] In our lab walkthrough series, we go through selected lab exercises on our INE Platform. Technical difficulty: Beginner Introduction In late March 2018, a critical vulnerability was uncovered in Drupal CMS. The target is running Drupal 7.57, 2018–02–21 version. x before 8.3.9,

Passwords 52

Passwords Risk Technology InfoSec 52

Security Affairs

SEPTEMBER 28, 2018

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. ships a kernel that was last updated 2018-08-27.” of the Linux kernel.

Advertising 111

Advertising Hacking 111

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The post BulletProofLink, a large-scale phishing-as-a-service active since 2018 appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Phishing 115

Phishing Cybercrime Advertising Hacking 115