2010 and Information Security - Cyber Security Informer

US pharmacy Rite Aid banned from operating facial recognition systems

Malwarebytes

DECEMBER 21, 2023

In 2010, Rite Aid agreed to FTC charges that it failed to protect the sensitive financial and medical information of its customers and employees, in violation of federal law. Delete any biometric information it collects within five years. Implement a data security program to protect and secure personal information.

Surveillance

Surveillance Technology Retail Artificial Intelligence

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2010-2568 Microsoft Windows – Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. The older issue added to the catalog in this turn is the CVE-2010-2568 which is the issue used in the Stuxnet attack.

Hacking

Hacking Cybersecurity Risk Information Security

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

CyberSecurity Insiders

JANUARY 28, 2022

Peter Fletcher has been appointed vice president – information security officer of San Jose Water Co., Lynch, who had served as the CFO and treasurer since 2010, has taken on the role of CAO. a wholly owned subsidiary of SJW Group. The appointments were effective on Jan. The post SJW Group Appoints James P.

Information Security

Information Security Accountability Marketing Risk

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The blog featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world,” and even included a group photo of RSOCKS employees. “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime

Cybercrime Advertising IoT Malware

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

. “The personal health information that was copied was collected from a large network of mostly Ontario health care facilities and providers regarding fertility, pregnancy, newborn and child health care offered between January 2010 and May 2023.”

Data breaches

Data breaches Healthcare Ransomware Hacking

Finalists: Best Professional Certification Program

SC Magazine

MARCH 29, 2021

CRISC Company: ISACA Noteworthy: Nearly 30,000 professionals have earned CRISC (Certified in Risk and Information Systems Control) since it was established in 2010, and the certification was fourth on Global Knowledge’s list of top-paying IT certifications for 2020. FINALIST | BEST PROFESSIONAL CERTIFICATION PROGRAM.

Penetration Testing

Penetration Testing Architecture Education Technology

MEET THE RECIPIENTS OF THE 2021 (ISC)² GOVERNMENT PROFESSIONAL AWARD

CyberSecurity Insiders

OCTOBER 25, 2021

The (ISC)² Government Professional Award recognizes government cybersecurity leaders whose commitment to excellence has helped to improve government information security and advance an in-demand workforce. in Information Systems Management (2010), C.A.S. in Information Security Management (2010), and Ph.D.

Government

Government Education Cybersecurity Technology

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

NOVEMBER 4, 2021

The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies. The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010.

Risk

Risk Cyber Attacks Cybersecurity Hacking

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

Wikileaks founder is currently facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010.

Government

Government Risk Passwords Hacking

The cybersecurity researcher Dan Kaminsky has died

Security Affairs

APRIL 24, 2021

Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON. On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root.

Cybersecurity

Cybersecurity InfoSec DNS Hacking

NATO Chief calls for a new strategic to address new challenges

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” And it has actually served us well for many years.

Artificial Intelligence

Artificial Intelligence Technology Advertising Marketing

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The company added that the incident may have impacted those that attended a public institution of higher education in Colorado between 2007-2020, attended a Colorado public high school between 2004-2020, individuals with a Colorado K-12 public school educator license between 2010-2014, participated in the Dependent Tuition Assistance Program from 2009-2013, (..)

Education

Education Data breaches Ransomware Hacking

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan.

Telecommunications

Telecommunications Technology Government Firmware

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware

Malware Advertising Software Engineering

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.” Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems.

Data breaches

Data breaches Ransomware Manufacturing Hacking

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

RUSdot is the successor forum to Spamdot , a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Advertising

Advertising Cybercrime System Administration Hacking

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. McMenamins is a family-owned chain of brewpubs, breweries, music venues, historic hotels, and theater pubs in Oregon and Washington. .

Data breaches

Data breaches Ransomware Insurance Banking

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

VPN

VPN Manufacturing Government Hacking

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc Chiochiu was a member of the Infraud global cybercrime organization involved in stealing and selling credit card and personal identity data. and infraud.ws.

Malware

Malware Advertising Cybercrime Hacking

330K stolen payment cards and 895K stolen gift cards sold on dark web

Security Affairs

APRIL 8, 2021

.” The investigation of the cybercriminal actor selling the gift cards and payment cards revealed that he is a prolific Russian-speaking hacker who was engaged in similar activities since 2010.

Cybercrime

Cybercrime Hacking Banking Information Security

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

Kuzmin was arrested by Us law enforcement in November 2010 and pleaded guilty to various computer crimes. In May 2016, Nikita Kuzmin, the Russian national who created the Gozi virus, has been sentenced to time served and ordered to pay nearly $7 million.

Banking

Banking Malware Hacking Information Security

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies.” ” reads the advisory published by the German intelligence.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services.

Malware

Malware Mobile Advertising Government

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. Analyzing the attacks revealed malware samples linked to DRBControl , a campaign described earlier this year in a report from Trend Micro and attributed to APT27 and Winnti, both groups active since at least 2010 and associate with Chinese hackers.

Ransomware

Ransomware Malware Encryption Financial Services

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2010 Workspace ONE UEM patch 20.10.0.23 .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 and above 2101 Workspace ONE UEM patch 21.1.0.27

Authentication

Authentication Hacking Software Information Security

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors.

Data breaches

Data breaches Passwords Telecommunications Advertising

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

According to his LinkedIn profile , Schulte worked for the NSA for five months in 2010 as a systems engineer, after this experience, he joined the CIA as a software engineer and he left the CIA in November 2016. Schulte was identified a few days after WikiLeaks started leaking the precious dumps.

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based based organization. The group also targeted a hospital in South East Asia.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

He retired as a colonel in 2010. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House.

Computers and Electronics

Computers and Electronics Technology Education Energy and Utilities

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

Malware

Malware Spyware Advertising Phishing

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Security Affairs

FEBRUARY 27, 2023

These VHD files are disguised as applications and hacks or cracks for popular Nintendo and Steam games, including ELDEN RING, Dark Souls 3, Red Dead Redemption 2, Call of Duty Deluxe Edition, Minecraft, The Legend of Zelda, Pokemon Ultra Moon, Animal Crossing New Horizons, Mario Kart 8 Deluxe, Microsoft Office 2010 and more.

Software

Software Malware Advertising Hacking

Magecart hackers hide stolen credit card data into images and bogus CSS files

Security Affairs

JULY 12, 2021

Security firms have monitored the activities of a dozen groups at least since 2010. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with software skimmers.

Malware

Malware Software Marketing Hacking

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

they are an information disclosure in BusinessObjects business intelligence platform (CVE-2019-0287), and a missing authorization check in Treasury and Risk Management (CVE-2019-0280). SAP published updates for Security Notes released in October 2009, September 2010, December 2010, and March 2013. ” adds Onapsis.

Financial Services

Financial Services Advertising Software Risk

Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data

SC Magazine

MARCH 3, 2021

Malaysia Airlines faces the daunting task of investigating over nine years’ worth of compromised data after learning of a “data security incident” at a third-party IT service provider that exposed Enrich frequent flyer program member data from March 2010 through June 2019.

Scams

Scams Media Risk Phishing

Dragon Breath APT uses double-dip DLL sideloading strategy

Security Affairs

MAY 7, 2023

“DLL sideloading, first identified in Windows products in 2010 but prevalent across multiple platforms, continues to be an effective and appealing tactic for threat actors.” The malware is also able to steal cryptocurrency from the MetaMask crypto (Ethereum) wallet extension for Google Chrome. ” concludes the post.

Malware

Malware Cryptocurrency Encryption Phishing

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan.

Firmware

Firmware Telecommunications System Administration Malware

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

that dates back 2010, while the three vendors (Lenovo, Dell, HP) were observed using version 0.9.8w . “Historically the problem within third-party code dependencies is not an easy issue to solve at the compiled code level.” ” The experts noticed that devices from Dell and Lenovo relied on version 0.9.8l that dates back 2012.

Firmware

Firmware Manufacturing Hacking Software

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 16, 2023

CVE-2010-3904 – Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Wireless

Wireless DDOS Cybersecurity Hacking

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0 and Visual Studio 2019 versions 16.0,

Hacking

Hacking Advertising Software Information Security

The OpenSSL Project addressed three vulnerabilities

Security Affairs

FEBRUARY 18, 2021

In 2010, the Open SSL project addressed three vulnerabilities, including two DDoS issues rated high severity. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The flaw was reported to OpenSSL Project on 21st January 2021 by D. Katz and Joel Luellwitz from Trustwave.

DDOS

DDOS Encryption Hacking Information Security

Meditology Announces Strategic Growth Investment from Primus Capital

CyberSecurity Insiders

JANUARY 5, 2022

Since its founding in 2010, Meditology has served as the healthcare industry’s leading firm for information risk management, cybersecurity, privacy, regulatory compliance, and advisory solutions.

Healthcare

Healthcare Penetration Testing Risk Cybersecurity

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. .

Backups

Backups Malware Mobile Passwords

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous. Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013.

Hacking

Hacking Advertising Accountability Media

US pharmacy Rite Aid banned from operating facial recognition systems

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Trending Sources

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

Administrator of RSOCKS Proxy Botnet Pleads Guilty

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Finalists: Best Professional Certification Program

MEET THE RECIPIENTS OF THE 2021 (ISC)² GOVERNMENT PROFESSIONAL AWARD

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

CISA shares a catalog of 306 actively exploited vulnerabilities

British Court rejects the US’s request to extradite Julian Assange

The cybersecurity researcher Dan Kaminsky has died

NATO Chief calls for a new strategic to address new challenges

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

REMnux 7, a Linux toolkit for malware analysts released

Volvo Cars suffers a data breach. Is it a ransomware attack?

Meet the Administrators of the RSOCKS Proxy Botnet

Hospitality Chain McMenamins discloses data breach after ransomware attack

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

The author of FastPOS PoS malware pleads guilty

330K stolen payment cards and 895K stolen gift cards sold on dark web

Colombian authorities arrested hacker behind the Gozi Virus

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Payment solutions giant Edenred announces malware infection

Experts linked ransomware attacks to China-linked APT27

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

China-linked Budworm APT returns to target a US entity

Meet the 2021 SC Awards judges

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Magecart hackers hide stolen credit card data into images and bogus CSS files

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data

Dragon Breath APT uses double-dip DLL sideloading strategy

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

The OpenSSL Project addressed three vulnerabilities

Meditology Announces Strategic Growth Investment from Primus Capital

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Journalist Matthew Keys is now charged with an attack on a magazine

Stay Connected