Threatpost

MARCH 30, 2018

Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack.

Hacking 43

Hacking 43

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication 116

Authentication Hacking Information Security 116

WIRED Threat Level

AUGUST 10, 2023

In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.

Hacking 89

Hacking 89

Dark Reading

JANUARY 3, 2023

Dark Reading's Kelly Jackson Higgins explains the enormous legacy left behind by Dan Kaminsky and his seminal "Great DNS Vulnerability" talk at Black Hat 2008.

Internet 112

Internet Internet DNS 112

Krebs on Security

FEBRUARY 7, 2024

From the forum’s inception until around 2008, Djamix was one of its most active and eloquent contributors. ru at DomainTools.com reveals this address has been used to register at least 10 domain names since 2008. Some of those photos date back to 2008. “In order to ESCAPE the law, you need to KNOW the law.

Cybercrime 237

Cybercrime Accountability Identity Theft Hacking 237

Bleeping Computer

MARCH 22, 2021

Windows Server 2008, and Windows Server 2012 to fix printer issues arising from the March 2021 Patch Tuesday updates. [.]. Microsoft has released out-of-band emergency updates for Windows 7, 8.1,

130

130

InfoWorld on Security

SEPTEMBER 20, 2022

I often go through my old presentations from 2008 and before to review talks about the promise of cloud computing. That was the real headline of cloud computing that led to its inflection point around 2008. Keep in mind, I’ve worked in the cloud computing field in one way or another since 1999, and I’ve seen a lot of changes.

Accountability 101

Accountability Software 101

Dark Reading

MAY 14, 2019

Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited.

79

79

CSO Magazine

FEBRUARY 16, 2023

During the 2008–2009 Global Financial Crisis (GFC) and subsequent recession, researchers noted that cybercrime rates increased dramatically. However, there is some evidence that macroeconomic conditions can impact cybercrime. Their report focused exclusively on financial cybercrime, including identity theft.

Identity Theft 115

Identity Theft Cybercrime Technology 115

Bleeping Computer

DECEMBER 1, 2021

34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 to 2015. [.].

Cybercrime 104

Cybercrime 104

CyberSecurity Insiders

APRIL 22, 2021

During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. But the world changes, the world evolves, and the risks change as well.

Cyber threats 141

Cyber threats Risk Cyber Risk Banking 141

Bleeping Computer

JUNE 17, 2021

Microsoft says it no longer offers drivers for Windows 7 and Windows Server 2008 systems through Windows Update starting today. [.].

111

111

CSO Magazine

MARCH 1, 2023

The first iPhone, for example, was launched in January 2007 with its successor coming out in June 2008, creating what would become an almost yearly update that made thousands of people line up in front of Apple stores across the world on release day. This means they grew up experiencing a much faster rate in which technology evolves.

Education 126

Education Internet Internet Technology 126

NSTIC

SEPTEMBER 28, 2023

It was created in 2008, but we’ve known for quite some time that we needed to rename our program to better represent the broader scope of work we provide for the cybersecurity practitioner and IT professional communities.

Cybersecurity 68

Cybersecurity 68

Security Boulevard

APRIL 26, 2023

September 15, 2008: The bankruptcy of Lehman Brothers triggers a 4.5% one-day drop in the Dow Jones Industrial Average, then the largest decline since the attacks of September 11, 2001. The post SMB cyber safety: De-risking catastrophic events appeared first on Security Boulevard.

Risk 57

Risk 57

Krebs on Security

MAY 14, 2019

The vulnerability ( CVE-2019-0708 ) resides in the “remote desktop services” component built into supported versions of Windows, including Windows 7 , Windows Server 2008 R2 , and Windows Server 2008. “This vulnerability is pre-authentication and requires no user interaction,” Pope said.

Malware 239

Malware Ransomware Authentication 239

Security Boulevard

MAY 6, 2021

In 2008, the day before the presidential elections, I wrote an open letter to President Obama. I should have cc’ed the vice president. It’s been more than 12 years since I provided my suggestions for securing the federal government against cyberattacks.

Cybersecurity 111

Cybersecurity Government CISO 111

Schneier on Security

DECEMBER 6, 2019

One quote: "The problem is our brains are intuitively suited to the sorts of risk management decisions endemic to living in small family groups in the East African highlands in 100,000 BC, and not to living in the New York City of 2008.".

Risk 147

Risk CSO Software 147

The Hacker News

MAY 10, 2021

Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute malware to financial entities across the U.S.

Malware 96

Malware 96

Heimadal Security

JUNE 14, 2022

This month’s Patch Tuesday has brought us some improvements and fixes for issues associated with Microsoft Edge Stable Channel (Version 102.0.1245.39), which incorporates the latest Security Updates of the Chromium project for CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, and CVE-2022-2007.

91

91

Security Boulevard

SEPTEMBER 28, 2021

I’ve warned about this here since at least 2008. And if you look back at my tweets a decade after that in 2016 I’m not mincing any words.

110

110

Krebs on Security

NOVEMBER 9, 2021

Both involve weaknesses in Microsoft’s Remote Desktop Protocol (RDP, Windows’ built-in remote administration tool) running on Windows 7 through Windows 11 systems, and on Windows Server 2008-2019 systems. The flaws let an attacker view the RDP password for the vulnerable system.

Backups 233

Backups Authentication Passwords Internet 233

Krebs on Security

DECEMBER 12, 2023

Among the critical bugs quashed this month is CVE-2023-35628 , a weakness present in Windows 10 and later versions, as well as Microsoft Server 2008 and later. Kevin Breen , senior director of threat research at Immersive Labs , said the flaw affects MSHTML , a core component of Windows that is used to render browser-based content.

Internet 204

Internet Internet Engineering Malware 204

Heimadal Security

MAY 10, 2021

The small organization has been led by four East European nationals that pleaded guilty to conspiring to cyber-crime activities and “engage in a Racketeer Influenced Corrupt Organization (RICO) arising from their providing ‘bulletproof hosting’ services between 2008 and 2015”.

Malware 94

Malware Cybercrime Cybersecurity 94

The State of Security

NOVEMBER 7, 2021

This organization was established back in 2008 to help public service organizations to work together to share resources and reduce duplication. Anyone who works in technology in the United Kingdom (UK) is familiar with the Public Services Network (PSN).

Internet 88

Internet Internet Technology Cybersecurity 88

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content.

Media 104

Media Cybercrime Advertising Information Security 104

Krebs on Security

NOVEMBER 14, 2023

.” The final zero day in this month’s Patch Tuesday is a problem in the “Windows Cloud Files Mini Filter Driver” tracked as CVE-2023-36036 that affects Windows 10 and later, as well as Windows Server 2008 at later.

Social Engineering 236

Social Engineering Phishing Internet Internet 236

Krebs on Security

FEBRUARY 14, 2024

Some of the exposed emails dated back to 2008; others were as recent as the present day. Internet with their email. Drilling down into those individual domain links revealed inboxes for each employee or user of these exposed websites. and cityoffrederickmd.gov , the website for the government of Frederick, Md.

Internet 330

Internet Internet Wireless Government 330

Heimadal Security

SEPTEMBER 27, 2021

Bitcoin.org is an information portal for the top cryptocurrency, founded in August 2008 by Bitcoin’s pseudonymous founder Satoshi Nakamoto, containing information on Bitcoin, including the original whitepaper and developer documentation. Bitcoin.org was hijacked by hackers and got altered in order to push a scam.

Cryptocurrency 80

Cryptocurrency Scams Malware Cybersecurity 80

Dark Reading

AUGUST 3, 2020

"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008.

Malware 91

Malware 91

Security Boulevard

APRIL 26, 2021

He also did something in 2008 that truly helped save the Internet. Last week, we unexpectedly lost Dan Kaminsky , one of the security research world’s best known researchers. Dan was very highly regarded and very well-liked. The post Remembering Dan Kaminsky | Avast appeared first on Security Boulevard.

Internet 69

Internet Internet Network Security 69

Heimadal Security

SEPTEMBER 8, 2021

The vulnerability was identified as CVE-2021-40444, and is affecting all Windows Servers from 2008 through 2019 and Windows 8.1 The fix that mitigates the remote code execution vulnerability can be found in MSHTML, the browser rendering engine that is also used by Microsoft Office documents. through 10 having a severity level of 8.8.

Engineering 79

Engineering Malware Cybersecurity 79

Security Affairs

FEBRUARY 13, 2020

Windows Server 2008 R2: By default, SMBv1 is enabled in Windows Server 2008 R2. Windows Server 2008 R2: Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters" -Name SMB1 -Type DWORD -Value 0 –Force. If it returns an SMB1 value of 0, it is disabled. (Get-WindowsFeature Get-WindowsFeature FS-SMB1).Installed

Authentication 134

Authentication Malware Advertising Hacking 134

Security Boulevard

FEBRUARY 13, 2021

It’s been going on since at least 2008. Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Government 106

Government Hacking Internet Internet 106

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. According to Z??osum0x0,

Penetration Testing 94

Penetration Testing Advertising Malware Authentication 94

Krebs on Security

JUNE 13, 2023

Security firm Action1 says all three bugs ( CVE-2023-32015 , CVE-2023-32014 , and CVE-2023-29363 ) can be exploited over the network without requiring any privileges or user interaction, and affected systems include all versions of Windows Server 2008 and later, as well as Windows 10 and later.

Social Engineering 206

Social Engineering System Administration Authentication Internet 206

Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Internet 201

Internet Internet Engineering Software 201