Schneier on Security

JULY 23, 2019

Last month, at the 2009 Homeland Security Science & Technology Stakeholders Conference in Washington D.C., Science fiction writers are creative, and creativity helps in any future scenario brainstorming. But please, keep the people who actually know science and technology in charge.

Technology 238

Technology Risk 238

Security Affairs

FEBRUARY 22, 2025

This threat actor was involved in cyber espionage campaigns and sabotage activities to destroy data and disrupt systems.

Cryptocurrency 137

Cryptocurrency Hacking Banking Cybersecurity 137

The Hacker News

DECEMBER 1, 2021

organizations and financial institutions between 2009 to 2015, has received a 60-month prison sentence. A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S.

Malware 144

Malware 144

Zero Day

MAY 4, 2021

Five critical security issues have been discovered.

Software 98

Software 98

Krebs on Security

DECEMBER 8, 2021

Darkode was taken down in 2015 as part of an FBI investigation sting operation , but screenshots of the community saved by this author show that DCReavers2 was already well known to the Darkode founders when his membership to the forum was accepted in May 2009. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

Cybercrime 339

Cybercrime Ransomware Accountability Advertising 339

The Hacker News

SEPTEMBER 21, 2023

of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. China's Ministry of State Security (MSS) has accused the U.S. In a message posted on WeChat, the government authority said U.S.

Surveillance 136

Surveillance Government 136

The Hacker News

MAY 15, 2024

A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware campaigns for financial gain.

Malware 135

Malware Cybersecurity 135

Krebs on Security

FEBRUARY 22, 2022

She stated in 2009, policy was changed to move all information technology services to the Office of Administration.” . “I asked her if the ITSD was within the Office of Administration, or if DESE had their on-information technology section, and she indicated it was within the Office of Administration.

Education 356

Education Technology Hacking Media 356

Schneier on Security

APRIL 9, 2020

We released a security advisory in June of 2009 and a security update that helps keep customers safe. "To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names," the statement reads. "We

DNS 279

DNS Wireless Internet Internet 279

Krebs on Security

JUNE 1, 2023

According to cyber intelligence firm Intel 471 , Megatraffer has been active on more than a half-dozen crime forums from September 2009 to the present day. In November 2009, Fitis wrote, “I am the perfect criminal. WHO IS MEGATRAFFER? And on most of these identities, Megatraffer has used the email address 774748@gmail.com.

Malware 315

Malware Cybercrime Software Accountability 315

Security Affairs

JULY 8, 2024

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords 139

Passwords Data breaches Hacking Accountability 139

Threatpost

MAY 4, 2021

The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tablets and notebooks shipped since 2009.

Risk 116

Risk 116

The Hacker News

FEBRUARY 17, 2024

to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. A Ukrainian national has pleaded guilty in the U.S. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S.

Malware 127

Malware 127

The Last Watchdog

AUGUST 29, 2022

Poor password practices are responsible for most incidents involving web applications and data breaches since 2009. 2009 DBIR page 17) . •Brute forcing passwords (10 percent) came in third. Backdoors or C2 (10 percent) were the fourth runner-ups. It’s not just a web thing. It’s an e-mail thing too.

Hacking 201

Hacking Passwords Password Management Data breaches 201

SecureWorld News

FEBRUARY 20, 2025

Key findings from the advisory The advisory highlights the rapid and efficient attack lifecycle of Ghost ransomware, with some incidents seeing full encryption within a single day.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Adam Shostack

JANUARY 2, 2025

Now, this was a 2009 device, so maybe, just maybe, there was a COGS issue in how much storage was needed. By telling me to read the manual. Why it doesn't say "device has reached end of life?" That would be direct and to the point. When you press the button, it says "please see manual." But sheesh. At least it was loud and annoying.

130

130

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection 112

Data collection 112

Krebs on Security

FEBRUARY 14, 2024

For example, the timestamp for Mr. Carter’s inbox reads August 2009, but clicking that inbox revealed messages as recent as Feb. Wireless employees were published in clear text on the Internet. The timestamps listed do not appear to be accurate somehow. Within minutes of that notification, U.S.

Internet 363

Internet Internet Wireless Government 363

Security Boulevard

MAY 15, 2024

The operators behind the Ebury server-side malware botnet have been doing business since at least 2009 and, according to the threat researchers who have been tracking it for the last decade, are stronger and more active than ever. The malware has compromised at least 400,000 Linux servers over the past 15 years, with about 100,000.

Malware 121

Malware Cybersecurity Network Security 121

Krebs on Security

OCTOBER 22, 2020

” It appears that Centauri hasn’t filed any business records with the state since 2009, and the state subsequently suspended the company’s license to do business in Aug. According to the California Secretary of State, Centauri’s status as a business in the state is “suspended.”

Internet 300

Internet Internet Technology DDOS 300

Krebs on Security

DECEMBER 29, 2023

As of this birthday, I’ve officially been an independent investigative journalist for longer than I was a reporter for The Washington Post (1995-2009). But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

Phishing 298

Phishing Scams Advertising Mobile 298

The Hacker News

MAY 5, 2021

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. sys" that comes pre-installed on

Firmware 117

Firmware 117

CSO Magazine

SEPTEMBER 23, 2021

The Federal Trade Commission (FTC) commissioners, in a split-vote (3-2), issued a policy statement on September 15, requiring both health applications and connected devices to comply with the “ Health Breach Notification Rule (August 2009).”

Insurance 120

Insurance Accountability 120

Schneier on Security

DECEMBER 3, 2019

The previous records were RSA-768 (768 bits) in December 2009 [2], and a 768-bit prime discrete logarithm in June 2016 [3]. It is the first time that two records for integer factorization and discrete logarithm are broken together, moreover with the same hardware and software.

Software 168

Software Encryption 168

Krebs on Security

JULY 25, 2023

SocksEscort began in 2009 as “ super-socks[.]com According to cyber intelligence firm Intel 471 , the very first “SSC” identity registered on the cybercrime forums happened in 2009 at the Russian language hacker community Antichat , where SSC registered using the email address adriman@gmail.com.

Malware 245

Malware VPN Internet Internet 245

Naked Security

MAY 5, 2021

These bugs date back to 2009, and they could give crooks who are already in your network access to sysadmin superpowers.

Firmware 102

Firmware 102

Dark Reading

MAY 4, 2021

Hardware maker has issued an update to fix multiple critical privilege escalation vulnerabilities that have gone undetected since 2009.

100

100

Security Boulevard

NOVEMBER 4, 2022

When it was launched in 2009, the Operation Aurora cyberattack was one of the first major nation-state cyberattacks aimed at private industry. Its impact forced organizations to take a hard look at their cybersecurity systems.

Hacking 115

Hacking Cybersecurity 115

Krebs on Security

APRIL 7, 2020

“We released a security advisory in June of 2009 and a security update that helps keep customers safe. . “To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names,” the statement reads.

DNS 363

DNS Wireless Risk Passwords 363

The Hacker News

OCTOBER 21, 2021

for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Two Eastern European nationals have been sentenced in the U.S.

Malware 105

Malware 105

The State of Security

MAY 17, 2022

#1 The history of the National Cyber Security Centre The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security.

Cybersecurity 109

Cybersecurity Government 109

CSO Magazine

JUNE 11, 2021

Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35%), followed by cyberdefence (25%), media and communications (14%), government bodies and regulators (12%), and critical infrastructure (10%).

Media 120

Media Internet Internet Government 120

CSO Magazine

FEBRUARY 16, 2023

During the 2008–2009 Global Financial Crisis (GFC) and subsequent recession, researchers noted that cybercrime rates increased dramatically. However, there is some evidence that macroeconomic conditions can impact cybercrime. Their report focused exclusively on financial cybercrime, including identity theft.

Identity Theft 115

Identity Theft Cybercrime Technology 115

Dark Reading

AUGUST 1, 2019

A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant.

Surveillance 89

Surveillance 89

Krebs on Security

MARCH 28, 2024

He was paroled in 2009, and in 2014 moved his family to a home in Lancaster County, Pa. In 2006, Kidan was sentenced to 70 months in federal prison after pleading guilty to defrauding lenders along with Jack Abramoff , the disgraced lobbyist whose corruption became a symbol of the excesses of Washington influence peddling.

Phishing 316

Phishing Scams Accountability Passwords 316

Security Boulevard

AUGUST 30, 2021

According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. The healthcare industry sector is increasingly the target of cybercriminals.

Healthcare 104

Healthcare Passwords Insurance Data breaches 104

Heimadal Security

NOVEMBER 16, 2022

It is believed that the hacking group, which has been operating since 2009, is a state-sponsored group working for China. Thrip, Lotus Blossom, Spring Dragon) is responsible for a campaign that targeted a certificate authority, government agencies, and defense organizations in multiple countries in Asia. Details about the Campaign […].

Government 98

Government Hacking Cybersecurity 98