SiteLock

AUGUST 27, 2021

We’re excited to announce that SiteLock earned Gold, Silver, and Bronze recognition across multiple categories in the 2018 Cybersecurity Excellence Awards ! The Cybersecurity Excellence Awards recognize companies, products and individuals that demonstrate excellence, innovation and leadership in information security.

Cybersecurity 52

Cybersecurity Marketing Malware Threat Detection 52

Security Affairs

DECEMBER 21, 2019

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. ” read the security advisory published by Cisco.

Firewall 64

Firewall Advertising Software Risk 64

PerezBox Security

OCTOBER 20, 2018

On September 28th, 2018, Facebook announced it’s biggest data breach to date. Subsequent to the disclosure, security. The post The 2018 Facebook Data Breach appeared first on PerezBox. They estimated 50 million accounts were affected at the time of the disclosure.

Data breaches 80

Data breaches Accountability Information Security Cybersecurity 80

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The post BulletProofLink, a large-scale phishing-as-a-service active since 2018 appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Phishing 88

Phishing Cybercrime Advertising Hacking 88

Security Affairs

SEPTEMBER 18, 2021

” Our research shows that this actor has been targeting the aviation industry since at least 2018, with files mentioning both “Trip Itinerary Details” and “Bombardier” at the time using the URL akconsult[.]linkpc[.]net.” ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware 98

Malware Phishing DNS Cybercrime 98

PerezBox Security

APRIL 15, 2019

The Sucuri team recently released their second annual security report for 2018 – Hacked Website Report 2018. The post ANALYZING SUCURI’S 2018 HACKED WEBSITE TREND REPORT appeared first on PerezBox. It looks at a representative sample of infected websites from the Sucuri customer base.

Hacking 61

Hacking Information Security 61

Thales Cloud Protection & Licensing

NOVEMBER 15, 2018

Thales eSecurity Global CISO Bridget Kenyon was recently named one of the ‘Top 25 Women in Tech 2018’ by UK publication PCR. The post UK Publication Names Thales eSecurity Global CISO to 2018 Top 25 Women in Tech List appeared first on Data Security Blog | Thales eSecurity.

CISO 75

CISO Government Information Security Cybersecurity 75

Security Affairs

JULY 4, 2019

Kaspersky experts discovered that Sodinokibi, aka Sodin, Ransomware currently also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows. The post Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – Sodin, ransomware).

Ransomware 78

Ransomware Encryption Advertising Architecture 78

Thales Cloud Protection & Licensing

JANUARY 25, 2018

This morning we announced, in tandem with our partner 451 Research, the Global Edition of the 2018 Thales Data Threat Report. I invite you to read the report for all the detail on the results and Garrett Bekker’s best practice recommendations (Garrett is Principal Analyst for Information Security at 451 Research, and author of the report).

Digital transformation 96

Digital transformation Threat Reports Big data Data breaches 96

Security Affairs

AUGUST 19, 2020

According to the security expert Tal Be’ery , the vulnerability, dubbed GlueBall, has been known since August 2018, because a malware sample exploiting it was uploaded to VirusTotal. The post Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018 appeared first on Security Affairs.

Advertising 72

Advertising Malware Internet Internet 72

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 64

Artificial Intelligence Government Banking Advertising 64

Security Affairs

JULY 8, 2019

The UK Information Commissioner’s Office (ICO) fined British Airways with £183 million for failing to protect the personal information of roughly 500,000 customers during 2018 security breach. “The proposed fine relates to a cyber incident notified to the ICO by British Airways in September 2018. .

Data breaches 70

Data breaches Advertising Hacking Mobile 70

Troy Hunt

JANUARY 3, 2019

Here's my 2018 highlights, starting with travel: Travel "Oh yeah, I'm totally gonna travel less this year" - me every single year In reality, my travel ended up looking like this: That's the same number as last year, 4 more days and another 8,000km. Probably with my 2018 events page which lists everything I did of a public nature.

Passwords 204

Passwords Technology Government InfoSec 204

Security Affairs

MAY 2, 2023

Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.

Authentication 98

Authentication Retail Surveillance Education 98

Security Affairs

MARCH 2, 2024

from April 29, 2018, to May 10, 2020). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide.

Spyware 123

Spyware Surveillance Architecture Software 123

Security Affairs

MAY 6, 2024

” In July 2018, a Greek lower court agreed to extradite Vinnik to France to face charges of hacking, money laundering , extortion, and involvement in organized crime. French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018.

Cryptocurrency 96

Cryptocurrency Computers and Electronics Identity Theft Hacking 96

Krebs on Security

JULY 21, 2023

Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks.

CSO 209

CSO CISO Insurance Risk 209

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) X through 3.3.4.

Hacking 110

Hacking Risk Cybersecurity Information Security 110

Security Affairs

DECEMBER 19, 2022

CVE-2018-0125 (CVSS score of 9.8) – A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. .

Wireless 138

Wireless VPN Software Hacking 138

Joseph Steinberg

OCTOBER 21, 2022

From the United Kingdom Home Office’s misleadingly named No Place to Hide anti-encryption campaign, to India’s Intermediary Guidelines and Digital Media Ethics Code , to Australia’s Assistance and Access Act of 2018 and its 2021.

Encryption 130

Encryption Government Artificial Intelligence Surveillance 130

Security Affairs

DECEMBER 30, 2022

US CISA added TIBCO Software’s JasperReports vulnerabilities, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), to its Known Exploited Vulnerabilities ( KEV ) catalog, TIBCO JasperReports is an open-source Java reporting tool for creating and managing reports and dashboards.

Software 86

Software Authentication Hacking Risk 86

Troy Hunt

JUNE 8, 2018

But somehow, I wiggled my way into The European Security Blogger Awards and before even having a chance to come down off the high that was last week's Award for Information Security Excellence at the AusCERT conference in Australia , this happened: @troyhunt hey mate, you just won the EU security blogger of the year.

Technology 135

Technology Information Security 135

Krebs on Security

DECEMBER 6, 2023

The new Network and Information Security Directive (NIS2), which EU member states have until October 2024 to implement, requires registrars to keep much more accurate WHOIS records, and to respond within as little as 24 hours to WHOIS data requests tied everything from phishing, malware and spam to copyright and brand enforcement.

Phishing 229

Phishing Internet Internet Scams 229

Krebs on Security

OCTOBER 9, 2020

The Post report suggested the action was a bid to prevent Trickbot from being used to somehow interfere with the upcoming presidential election, noting that Cyber Command was instrumental in disrupting the Internet access of Russian online troll farms during the 2018 midterm elections. The Post said U.S.

Ransomware 334

Ransomware Internet Internet Passwords 334

Security Affairs

DECEMBER 4, 2023

. — Microsoft Threat Intelligence (@MsftSecIntel) December 1, 2023 DanaBot is a multi-stage modular banking Trojan written in Delphi that first appeared on the threat landscape in 2018. The malware implements a modular structure that allows operators to support new functionalities by adding new plug-ins.

Ransomware 105

Ransomware Malware Banking Hacking 105

The Last Watchdog

JANUARY 9, 2024

The market has also grown by 1,600% since 2018 , displaying an interest that shows no signs of slowing. Everyone in the company is responsible for maintaining information security and applying protective measures in line with established policies. These industries are growing in popularity and demand.

Technology 203

Technology Cybersecurity Risk Mobile 203

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. was used at the time of the attack), which enabled the attackers to exploit the CVE-2018-13379 vulnerability and gain access to the enterprise network.” ” continues Kaspersky.

VPN 97

VPN Ransomware Antivirus Firmware 97

Security Affairs

MAY 15, 2020

million phone numbers that are part of Dubsmash data breach that occurred in 2018. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million December 2018 Shein.com 42 million June 2018 Fotolog.com 33.5 million December 2018 CafePress.com 23.6

Data breaches 103

Data breaches Advertising Passwords Hacking 103

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

SC Magazine

APRIL 14, 2021

There’s no way to eliminate security vulnerabilities completely, so it’s our shared responsibility as a global information security industry to implement approaches to hunt and fix them swiftly. For American organizations, only the GDPR wake-up call in 2018 compares. Its members are nation-states.

Government 107

Government Risk Information Security InfoSec 107

Security Affairs

FEBRUARY 22, 2023

The MyloBot botnet has been active since 2017 and was first detailed by cybersecurity firm Deep Instinct in 2018. Since November 2018, BitSight researchers started sinkholing the botnet. In 2018, the botnet’s proxy sample contained a lot of hardcoded DGA domains, allowing the researchers to track almost any bot.

Advertising 87

Advertising Hacking Cybersecurity Information Security 87

Security Affairs

AUGUST 20, 2022

The group is a small crime threat actor, that has been active since at least April 2018, that employed multiple malware in its attacks, including Loda RAT, Vjw0rm, and Revenge RAT. The attacks carried out between 2018 and 2021 leveraged emails with weaponized Word documents containing exploits or malicious macros.

Cybercrime 90

Cybercrime Malware Phishing Internet 90

Security Affairs

APRIL 21, 2023

The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. The ABA has 166,000 members as of 2022.

Data breaches 89

Data breaches Passwords Education Accountability 89

Security Affairs

MARCH 22, 2021

Adobe has released security updates to address a critical vulnerability in the ColdFusion product (versions?2021, 2018) that could lead to arbitrary code execution.?. Adobe has released security updates for ColdFusion versions?2021, recommends customers apply the security configuration settings as outlined on the?ColdFusion

Software 104

Software Hacking Information Security Malware 104

Security Affairs

JANUARY 2, 2022

In this post, I present an abstract from the original analysis that I suggest reading, below the annual increase in the number of breaches: Year Number of Scams Year Increase In Number of Breaches (%) 2021 76 2020 – 2021 145% 2020 31 2019 – 2020 19% 2019 26 2018 – 2019 73%. Increase in money lost to crypto breaches.

Cryptocurrency 105

Cryptocurrency Scams Marketing Hacking 105

Security Affairs

JUNE 26, 2020

On August 2018, Schuchman has been indicted on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori that infected at least 500,000 internet routers around the word. In April 2018, Schuchman develops a new DDoS botnet alone, it was based on the Qbot malware family.

DDOS 144

DDOS IoT Advertising Internet 144

Malwarebytes

NOVEMBER 1, 2023

The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”

CISO 100

CISO Risk Software Cybersecurity 100