Krebs on Security

JULY 8, 2021

The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely.

Software 286

Software Ransomware System Administration Authentication 286

Security Boulevard

JULY 26, 2021

In the first half of 2021, prominent attacks against SolarWinds and Microsoft Exchange both highlighted the collateral impact and potential reach of targeting the software supply chain. This year will be remembered as annus horribilis for attacks against the software supply chain.

Ransomware 111

Ransomware System Administration Software 111

Security Affairs

OCTOBER 13, 2023

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware 118

Ransomware System Administration Antivirus Malware 118

SecureList

OCTOBER 20, 2021

We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021. In 2021, browsers are much safer, with some of them updating automatically, without any user participation, while browser developers continually invest in vulnerabilities assessment.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software.

System Administration 62

System Administration Ransomware Software Cyber threats 62

Security Boulevard

MARCH 12, 2021

Following exposure and publication of a major remote execution vulnerability like Exchange’s ProxyLogon (CVE-2021-26855), we expect other threat actors to join the race against system administrators trying to patch their systems. Following the release of patches and responsible….

Ransomware 75

Ransomware System Administration 75

Trend Micro

SEPTEMBER 13, 2021

The September 2021 Patch Tuesday cycle is relatively good news for system administrators with only 66 total bulletins. Perhaps more significantly, only three of these were Critical bulletins.

System Administration 52

System Administration 52

CyberSecurity Insiders

DECEMBER 2, 2021

The tech giant also issued an alert to system administrators to patch their vulnerable Exchange Servers quickly to avoid being targeted by more ProxyShell Attack claims. By April 2021, the Satya Nadella led company found that its email servers were being exploited to be used as ransomware distribution devices.

Ransomware 126

Ransomware System Administration Threat Detection Cyber threats 126

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. The vendor recommended changing system administrator account, reset access control, and installing the latest available version.

System Administration 117

System Administration Firmware Government Hacking 117

Malwarebytes

AUGUST 23, 2021

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities— CVE-2021-34473 , CVE-2021-34523 , and CVE-2021-31207. Fixes were available in the May 2021 Security Updates issued by Microsoft. (To

Authentication 106

Authentication Ransomware Encryption System Administration 106

McAfee

OCTOBER 4, 2021

The 2021 Hispanic Heritage Month theme invites us to celebrate Hispanic Heritage and to reflect on how great our tomorrow can be if we hold onto our resilience and hope. The post 2021 Hispanic Heritage Month Pt. One way to do this is to make more information available in Spanish. So, if you’re reading this, you have no excuses!

InfoSec 83

InfoSec System Administration Cybersecurity Engineering 83

CyberSecurity Insiders

DECEMBER 17, 2021

PHOENIX–( BUSINESS WIRE )–University of Phoenix is a recipient of the EC-Council 2021 Academic Circle of Excellence Award. Current faculty includes 136 chief executive officers, 19 chief information officers, three chief information security officers, and 127 information technology/system administrators.

Cybersecurity 52

Cybersecurity Education Technology System Administration 52

Malwarebytes

DECEMBER 10, 2021

An exploit listed as CVE-2021-44228 was made public on December 9, 2021. The exploit is simple, easy to trigger, and can be used to perform remote code execution (RCE) in vulnerable systems, which could allow an attacker to gain full control of them. Stay safe, everyone!

System Administration 136

System Administration Software 136

Malwarebytes

JULY 14, 2021

The list of July 2021 Patch Tuesday updates looks endless. Looking at the urgency levels Microsoft has assigned to them, system administrators have their work cut out for them once again: 13 criticial patches 103 important patches. CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability for Windows 7, Windows 8.1,

DNS 101

DNS Media System Administration Engineering 101

Malwarebytes

OCTOBER 22, 2021

Unfortunately, in an echo of the Y2K bug, a flaw in some versions of GPSD could cause time to roll back after October 23, 2021. The buggy versions of the code reportedly subtract 1024 from the week number on October 24, 2021. It is also good for system administrators to make a mental note of the date October 24, 2021.

Authentication 144

Authentication System Administration Firmware Passwords 144

Security Affairs

APRIL 30, 2023

CERT-UA observed the campaign in April 2023, the malicious e-mails with the subject “Windows Update” were crafted to appear as sent by system administrators of departments of multiple government bodies. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

System Administration 91

System Administration Government Phishing Malware 91

Krebs on Security

NOVEMBER 8, 2021

Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya , Miami-based company whose products help system administrators manage large networks remotely. Vasinskyi was arrested Oct. 8 in Poland, which maintains an extradition treaty with the United States.

Ransomware 298

Ransomware Cybercrime System Administration Passwords 298

Krebs on Security

FEBRUARY 8, 2022

In July 2021, Microsoft issued an emergency fix for a Print Spooler flaw dubbed “ PrintNightmare ” that was actively being exploited to remotely compromise Windows PCs. The change will also be enabled for all currently supported standalone versions of Office, including versions 2021, 2019, 2016, and 2013.

Authentication 187

Authentication Internet Internet System Administration 187

CyberSecurity Insiders

MARCH 10, 2021

Cases of cyber-attacks are rapidly increasing, and businesses have every reason to worry following the recent prediction that damage costs might shoot beyond $6 trillion by the end of 2021. Cybersecurity services will still be in high demand 2021 and beyond. million jobs available by 2021. Identify a gap and bridge it.

Cybersecurity 143

Cybersecurity Marketing System Administration Backups 143

Krebs on Security

JUNE 10, 2022

For many years, Dye was a system administrator for Optinrealbig , a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra. Adconion was acquired in June 2014 by Amobee , a Redwood City, Calif.

Government 260

Government Marketing Internet Internet 260

eSecurity Planet

SEPTEMBER 15, 2022

The malware seems to leverage the infamous Pwnkit vulnerability (CVE-2021-4034), one of the easiest exploits imaginable, and OverlayFS ( CVE-2021-3493 ), a kernel exploit that pentesters , capture-the-flag (CTF) players, and hackers know all too well. How to Protect Against Shikitega.

Malware 115

Malware Social Engineering System Administration Antivirus 115

Security Affairs

FEBRUARY 5, 2021

4 XSS in FortiWeb (CVE-2021-22122), found by Andrey Medov, have been patched. cmdb_edit_path=");alert('xss');// Advisory: [link] pic.twitter.com/jCOILHKWc4 — PT SWARM (@ptswarm) February 4, 2021. Two example PoCs: 1⃣ /error3?msg=30&data=';alert('xss');//

Firewall 116

Firewall System Administration Technology Hacking 116

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency 107

Cryptocurrency Malware Advertising System Administration 107

Security Affairs

APRIL 26, 2021

The authorities started pushing out a 32-bit payload named “ EmotetLoader.dll ” to clean up the infected systems, the process was set to trigger itself automatically on April 25, 2021 as confirmed by researchers at Malwarebytes. ” reads the post published by MalwareBytes. ” stated the DoJ.

Malware 100

Malware Banking System Administration Hacking 100

Malwarebytes

JULY 1, 2021

In June, Microsoft patched a vulnerability in the Windows Print Spooler that was listed as CVE-2021-1675. Which means that someone with limited access to a system could raise their privilege level, giving them more power over the affected system. They called theirs PrintNightmare and believed it was the same as CVE-2021-1675.

System Administration 82

System Administration Backups Marketing Engineering 82

Security Affairs

MAY 5, 2021

Researchers from Tenable have disclosed a critical authentication bypass vulnerability in HPE Edgeline Infrastructure Manager (EIM), tracked as CVE-2021-29203 , that could be exploited by attackers to compromise a customer’s cloud infrastructure. EIM is the company’s two-year-old edge computing-management suite. or later to fix the bug.

Authentication 93

Authentication Passwords Accountability System Administration 93

Malwarebytes

JULY 12, 2023

On the July 4 weekend in 2021, the REvil ransomware gang was likely hosting its own celebrations after pulling off an enormous supply-chain attack on Kaseya , one of the biggest IT solutions providers in the US for managed service providers (MSPs).

Ransomware 64

Ransomware System Administration Encryption Media 64

SecureList

AUGUST 12, 2021

While analyzing the CVE-2021-1732 exploit, first discovered by DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we found another zero-day exploit that we believe is linked to the same threat actor. The exploit-chain attempts to install malware in the system through a dropper.

Ransomware 133

Ransomware Malware Banking Encryption 133

Malwarebytes

JULY 23, 2021

CNA’s network was compromised in March 2021. “With elevated privileges, the Threat Actor moved laterally within the environment to conduct reconnaissance and establish persistence onto certain systems within the environment. You can listen to it below, or on Apple Podcasts , Spotify , and Google Podcasts.

Ransomware 94

Ransomware Unstructured Data Accountability Consumer Protection 94

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. Flashpoint said Truniger recruited “pen testers” for a new, then-unnamed cybercrime group, by posting their private Jabber instant messenger contact details on multiple Russian language coding forums, as well as on Facebook.

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

eSecurity Planet

MARCH 21, 2022

By using a misconfigured Cisco Duo MFA implementation to force enrollment of a new device, the hackers were then able to use the “PrintNightmare” Windows Print Spooler vulnerability ( CVE-2021-34527 and CVE-2021-36958 ) to obtain administrator privileges. Inactive Accounts and Default Configurations.

VPN 108

VPN Accountability Authentication Passwords 108

Security Affairs

JUNE 8, 2022

Ensure that you have dedicated management systems [ D3-PH ] and accounts for system administrators. Enable robust logging of Internet-facing services and monitor the logs for signs of compromise [ D3-NTA ] [ D3-PM ]. Protect these accounts with strict network policies [ D3-UAP ].

Telecommunications 96

Telecommunications Authentication Passwords Accountability 96

Malwarebytes

JUNE 24, 2021

The researchers have written a paper (pdf) about Active Directory Certificate Services (AD CS) to raise awareness for both attackers and defenders alike of the security issues surrounding this complex, widely deployed, and often misunderstood system. They will also present this material at BlackHat USA 2021.

Authentication 113

Authentication System Administration Passwords 113

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021.

Malware 203

Malware VPN Internet Internet 203

Malwarebytes

MARCH 31, 2023

In September 2021, Malwarebytes spoke with Matt Crape from VMWare to find out why backups are so hard, why they fail, and what to do about it. And it's all-too-common for those that do take regular backups to discover too late that they aren't fit for purpose. Because backups are hard to get right.

Backups 67

Backups Ransomware System Administration Media 67

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Microservices Architecture has Created a Security Blind Spot. API Security Tools.

DDOS 114

DDOS Authentication Architecture Social Engineering 114

Joseph Steinberg

SEPTEMBER 14, 2021

CyberSecurity Expert Joseph Steinberg will speak about endpoint security at the Endpoint Management and Security Conference , to be held virtually on Tuesday, September 14, 2021.

Cybersecurity 26

Cybersecurity Artificial Intelligence System Administration Internet 26