2019, Accountability, Information Security and System Administration

2019

Accountability

Information Security

System Administration

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.”

Software

Software System Administration Advertising Accountability

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. In order to identify CAKETAP running on a Solaris system, administrators can check for the presence of a hook installed in the ipcl_get_next_conn hook function. ” concludes the report.

Banking

Banking Telecommunications System Administration Hacking

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day is that Webmin contained a remote code execution vulnerability, tracked as CVE-2019-15107, for more than a year.

Passwords

Passwords System Administration Advertising DNS

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

“Fast forwarded to October 11, 2019, our Anglerfish honeypot captured another suspicious ELF sample, and it turned out to be the Downloader of the previous suspicious ELF sample.” Webmin is an open-source web-based interface for system administration for Linux and Unix.

DDOS

DDOS System Administration Advertising DNS

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

The RSA Conference USA 2019 held in San Francisco — which is the world’s largest cybersecurity event with more than 40,000 people and 740 speakers — is a decent measuring stick for representation of women in this field. Please join McAfee, AWS, and our customers to discuss the impact women are having on information security in the cloud.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

The campaign, dubbed PerSwaysion due to the extensive abuse of Microsoft Sway, has been active since at least mid-2019 and was attributed to Vietnamese speaking developers and Nigerian operators. ?ybercriminals Group-IB continues to work with the relevant parties in local countries to inform the affected companies of the breach.

Phishing

Phishing Accountability Financial Services Cloud Migration

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines.

Malware

Malware Social Engineering Encryption Marketing

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

A group of teenagers used social engineering to breach Twitter's network and take over the accounts of a whole bunch of A-listers. The teens also took over Twitter accounts of several cryptocurrency companies regulated by the New York State Department of Financial Services (NYDFS). How did the Twitter account takeover attack work?

Social Engineering

Social Engineering Media Scams Financial Services

Cyber Security Informer

China-linked threat actors have breached telcos and network service providers

Cisco fixes a static default credential issue in Smart Software Manager tool

Trending Sources

Caketap, a new Unix rootkit used to siphon ATM banking data

Backdoored Webmin versions were available for download for over a year

Roboto, a new P2P botnet targets Linux Webmin servers

SPOTLIGHT: Women in Cybersecurity

Top Cybersecurity Accounts to Follow on Twitter

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Updates from the MaaS: new threats delivered through NullMixer

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

Stay Connected