article thumbnail

Hackers Were Inside Citrix for Five Months

Krebs on Security

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

VPN 360
article thumbnail

Microsoft pushes emergency fix for Windows Server 2019 update errors

Bleeping Computer

Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. [.]

126
126
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How the FBI Gets Location Information

Schneier on Security

Vice has a detailed article about how the FBI gets data from cell phone providers like AT&T, T-Mobile, and Verizon, based on a leaked (I think) 2019 139-page presentation.

Mobile 301
article thumbnail

Microsoft Patch Tuesday, January 2021 Edition

Krebs on Security

Allan Liska , senior security architect at Recorded Future , said while it is concerning that so many vulnerabilities around the same component were released simultaneously, two previous vulnerabilities in RPC — CVE-2019-1409 and CVE-2018-8514 — were not widely exploited.

Backups 285
article thumbnail

Ransomware Profitability

Schneier on Security

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

article thumbnail

Latest on the SVR’s SolarWinds Hack

Schneier on Security

Separately, it seems that the SVR conducted a dry run of the attack five months before the actual attack: The hackers distributed malicious files from the SolarWinds network in October 2019, five months before previously reported files were sent to victims through the company’s software update servers. We know at minimum they had access Oct.

Hacking 325
article thumbnail

Open Source Does Not Equal Secure

Schneier on Security

From a ZDNet article : GitHub launched a deep-dive into the state of open source security, comparing information gathered from the organization’s dependency security features and the six package ecosystems supported on the platform across October 1, 2019, to September 30, 2020, and October 1, 2018, to September 30, 2019.