2003, Information Security and Internet

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software

Veracode Security

SEPTEMBER 10, 2021

I was the director of research and development at @stake, an information security consulting company. Back in the summer of 2003, the internet was plagued with worms such as Blaster and Sobig. The problems I spoke of in 2003, sadly, are still here with us 18 years later. It will take many years of hard work.”

Software

Software Government Internet Internet

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software

Security Boulevard

SEPTEMBER 10, 2021

I was the director of research and development at @stake, an information security consulting company. Back in the summer of 2003, the internet was plagued with worms such as Blaster and Sobig. The problems I spoke of in 2003, sadly, are still here with us 18 years later. It will take many years of hard work.”

Software

Software Government Internet Internet

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software.

Veracode Security

SEPTEMBER 10, 2021

I was the director of research and development at @stake, an information security consulting company. Back in the summer of 2003, the internet was plagued with worms such as Blaster and Sobig. This time I testified as a cybersecurity professional using my real name.

Software

Software Government Internet Internet

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

The Last Watchdog

MAY 3, 2024

Org overhaul As Todd reports, not only is Microsoft basing a portion of senior executive compensation on progress toward security goals, it also will install deputy chief information security officers (CISOs) in each product group,and bring together teams from its major platforms and product teams in “engineering waves” to overhaul security.

Software

Software Engineering Internet Internet

1.9 million+ records from the FBI’s terrorist watchlist available online

Security Affairs

AUGUST 17, 2021

A security researcher discovered that a secret FBI’s terrorist watchlist was accidentally exposed on the internet for three weeks between July 19 and August 9, 2021. A security researcher Bob Diachenko discovered a secret terrorist watchlist with 1.9 In July, Diachenko discovered an unsecured Elasticsearch cluster containing 1.9

Engineering

Engineering Internet Internet Government

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs

MARCH 14, 2022

” The news of the attack was also confirmed by the German Federal Office for Information Security (BSI), the company had reported an IT security incident on Saturday night. But last Friday, the very stable FTP connection broke down because their entire system gave up in the evening and suddenly there was no internet.

Hacking

Hacking DDOS Internet Internet

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Banking Advertising Ransomware

Microsoft warns for the second time of applying BlueKeep patch

Security Affairs

MAY 31, 2019

Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Recently, the popular expert Robert Graham has scanned the Internet for vulnerable systems.

Internet

Internet Internet Malware Advertising

Microsoft July 2020 Security Updates address 123 vulnerabilities

Security Affairs

JULY 15, 2020

on the CVSS scale and affects Windows Server versions 2003 to 2019. The most severe issue is the 17-year-old wormable issue SigRed , tracked as CVE-2020-1350 , that allows hijacking of Microsoft Windows Server. The issue received a severity rating of 10.0

DNS

DNS Advertising Engineering Internet

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

Over the last months, many security experts have developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. ” concludes the expert. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .”

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. This security improvement requires attackers to have valid credentials to perform remote code authentication.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Windows XP, Windows Server 2003, and Windows Server 2008 are not affected.

Authentication

Authentication Advertising Internet Internet

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Security Affairs

MAY 15, 2019

Microsoft Patch Tuesday updates for May 2019 also address vulnerabilities in Windows OS, Internet Explorer, Edge, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore,NET Framework, and ASP.NET, Skype for Android, Azure DevOps Server, and the NuGet Package Manager.

Malware

Malware Authentication Advertising Accountability

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. An important point to note in “Root Entry” is the version of the document “ Microsoft Excel 97-2003 “. Figure 5: Microsoft Excel 97-2003 version identified. macro technology.

Malware

Malware Antivirus Technology Phishing

Internet scans found nearly one million systems vulnerable to BlueKeep

Security Affairs

MAY 28, 2019

GreyNoise is observing sweeping tests for systems vulnerable to the RDP "BlueKeep" (CVE-2019-0708) vulnerability from several dozen hosts around the Internet. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Graham added. .

Internet

Internet Internet Advertising Malware

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Security Affairs

SEPTEMBER 1, 2023

By scanning a range of IP addresses, they can identify potential targets that have SMB services exposed to the internet. The image below shows prebuilt EternalBlue exploits Cybernews screenshot Shodan and Similar Tools: Shodan is a search engine that scans and indexes internet-connected devices, including vulnerable systems.

Social Engineering

Social Engineering Penetration Testing Engineering Malware

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

ForAllSecure

SEPTEMBER 10, 2021

Vamosi: So in this episode, we're going to be talking a lot about Capture the Flag, not the children's game of course, but the information security game, we're going to talk about the Jeopardy style CTF, which like the TV game show has six categories of questions, with varying degrees of difficulty. Technical logically accessible.

Hacking

Hacking Education InfoSec Engineering

Who Wants to Support My Work Commercially?

Security Boulevard

JANUARY 25, 2022

Astalavista Security Newsletter - 2003-2006 - Full Offline Reading Copy. Compilations of Personally Identifiable Information Including XMPP/Jabber and Personal Emails Belonging to Cybercriminals and Malicious Threat Actors Internationally – An OSINT Analysis. Profiling Russia’s U.S Election Interference – WhoisXML API Analysis.

Cybercrime

Cybercrime Hacking Scams Ransomware

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

That, of course, was not all, but it is an example of how someone -- anyone on the internet -- can take a photo or blog post or Yelp review from social media, or some other seemingly random open source item and tie it back to a crime. Which then I could configure to get on the internet, you know. That’s not always the case.

Hacking

Hacking Media InfoSec Internet

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

I’m talking about cybercrime unicorns, talking the fog of cyberwar among nation states, and about a new book that I think will be on the shelves of every information security professional later this summer. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Cyber Security Informer

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software

Trending Sources

2003 Testimony to Congress Proves That We Still Have a Long Way to Go In Building Secure Software.

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

1.9 million+ records from the FBI’s terrorist watchlist available online

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs newsletter Round 283

Microsoft warns for the second time of applying BlueKeep patch

Microsoft July 2020 Security Updates address 123 vulnerabilities

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

NSA urges Windows Users and admins to Patch BlueKeep flaw

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Internet scans found nearly one million systems vulnerable to BlueKeep

UNRAVELING EternalBlue: inside the WannaCry’s enabler

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

Who Wants to Support My Work Commercially?

The Hacker Mind Podcast: Hacking Real World Criminals Online

The Hacker Mind Podcast: The Fog of Cyber War

Stay Connected