2019, Accountability, Hacking and System Administration

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Here’s what I took away from our discussion: Transient hacks. This quickly gets intricately technical.

Hacking

Hacking Energy and Utilities System Administration Accountability

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.”

Software

Software System Administration Advertising Accountability

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. “The command requires Windows system administrators,” Truniger’s ads explained. was also used to register an account at the online game stalker[.]so

Ransomware

Ransomware Accountability Cybercrime Backups

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. SecurityAffairs – hacking, Caketap). Pierluigi Paganini.

Banking

Banking Telecommunications System Administration Hacking

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

FEBRUARY 26, 2024

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Despite VMware’s three-year-old deprecation statement, unprotected systems remain at risk.

Risk

Risk Authentication System Administration Ransomware

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day is that Webmin contained a remote code execution vulnerability, tracked as CVE-2019-15107, for more than a year.

Passwords

Passwords System Administration Advertising DNS

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

“Fast forwarded to October 11, 2019, our Anglerfish honeypot captured another suspicious ELF sample, and it turned out to be the Downloader of the previous suspicious ELF sample.” Webmin is an open-source web-based interface for system administration for Linux and Unix.

DDOS

DDOS System Administration Advertising DNS

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

It could be compromised directly or by hacking the account of someone with access to the website management. Cybercriminals also used to hack into servers of organizations to use them as relay servers to throw investigators off the scent and make it harder to trace the main C&C center.

Cybercrime

Cybercrime Banking Malware Ransomware

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. — Jason Haddix (@Jhaddix) July 27, 2019.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

Is hacking a crime? Bryan McAninch (Aph3x) talks about his organization, Hacking Is Not A Crime , and the ethical line it draws on various hacking activities. I used to hack the phone company quite a bit. I was like living in our systems for years and I want to get in some trouble for that.

Hacking

Hacking Technology InfoSec Media

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

The campaign, dubbed PerSwaysion due to the extensive abuse of Microsoft Sway, has been active since at least mid-2019 and was attributed to Vietnamese speaking developers and Nigerian operators. ?ybercriminals New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours. Gone in 24 Hours.

Phishing

Phishing Accountability Financial Services Cloud Migration

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

This tool was used as part of an ongoing campaign that we named “ TunnelSnake “ The rootkit was detected on the targeted machines as early as November 2019; and another tool we found, showing significant code overlaps with the rootkit, suggests that the developers had been active since at least 2018. Black Kingdom ransomware.

Ransomware

Ransomware Malware Banking Encryption

A guide to OWASP’s secure coding

CyberSecurity Insiders

SEPTEMBER 21, 2021

If any potentially hazardous characters must be allowed as input, be sure that you implement additional controls like output encoding, secure task specific APIs, and accounting to use that data throughout the application. Implement password hashing on a trusted system. Hackers can use these credentials to get access to all accounts.

Authentication

Authentication Passwords Software Accountability

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Malware

Malware Social Engineering Encryption Marketing

Black Kingdom ransomware

SecureList

JUNE 17, 2021

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. Black Kingdom is not a new player: it was observed in action following other vulnerability exploitations in 2020, such as CVE-2019-11510. CVE-2019-11510. Transactions made to a Bitcoin account. Product affected.

Ransomware

Ransomware Encryption VPN System Administration

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. The teens also took over Twitter accounts of several cryptocurrency companies regulated by the New York State Department of Financial Services (NYDFS). How did the Twitter account takeover attack work?

Social Engineering

Social Engineering Media Scams Financial Services

On the Twitter Hack

Schneier on Security

JULY 20, 2020

Twitter was hacked this week. Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter's system administrators. It didn't matter whether the accounts were normally accessed via a Mac or a PC.

Hacking

Hacking Banking Accountability Government

Cyber Security Informer

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

China-linked threat actors have breached telcos and network service providers

Trending Sources

Cisco fixes a static default credential issue in Smart Software Manager tool

A Closer Look at the Snatch Data Ransom Group

Caketap, a new Unix rootkit used to siphon ATM banking data

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

Backdoored Webmin versions were available for download for over a year

Roboto, a new P2P botnet targets Linux Webmin servers

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Top Cybersecurity Accounts to Follow on Twitter

The Hacker Mind Podcast: Ethical Hacking

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

IT threat evolution Q2 2021

A guide to OWASP’s secure coding

Updates from the MaaS: new threats delivered through NullMixer

Black Kingdom ransomware

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

On the Twitter Hack

Stay Connected