Accountability, Backups, Software and System Administration

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

JULY 14, 2020

Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, “wormable” flaw in Windows Server versions that Microsoft says is likely to be exploited soon. Thankfully, I was able to restore from a recent backup.

DNS

DNS Backups System Administration Software

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. “Experience in backup, increase privileges, mikicatz, network. was also used to register an account at the online game stalker[.]so ru account and posted as him. ru account was used without his permission.

Ransomware

Ransomware Accountability Cybercrime Backups

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.

VPN

VPN Accountability Authentication Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Chinese hackers employed open-source tools for reconnaissance and vulnerability scanning, according to the government experts, they have utilized open-source router specific software frameworks, RouterSploit and RouterScan [ T1595.002 ], to identify vulnerable devices to target. Protect these accounts with strict network policies [ D3-UAP ].

Telecommunications

Telecommunications Authentication Passwords Accountability

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware

Ransomware Encryption Backups Accountability

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Security Affairs

OCTOBER 22, 2021

FIN7, operating under the guise of Bastion Secure, published job offers for programmers (PHP, C++, Python), system administrators, and reverse engineers. The gang was looking for administrators to map out compromised companies’ networks and locate sensitive data, including backup. ” continues the expert.

Cybercrime

Cybercrime Ransomware Cybersecurity Backups

Fake Company Sheds Light on Ransomware Group Tactics

eSecurity Planet

NOVEMBER 4, 2021

According to Gemini Advisory, they could have a billion dollars on hand after several years of service, making $50 million every month and employing managers, money launderers, and software developers. Real companies could not provide illegal assets such as anonymous bank accounts or bitcoin wallets to their employees as an escape strategy.

Ransomware

Ransomware Backups Penetration Testing System Administration

Linux Patch Management: Tools, Issues & Best Practices

eSecurity Planet

JUNE 21, 2023

Compared to other operating systems, Linux patch management is unique because of its open-source nature, which enables a sizable community of developers and security professionals to find vulnerabilities, examine the code, and submit patches. Microsoft performs extensive testing on patches before releasing them to the public.

Software

Software Backups Risk System Administration

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Mitigation: do not store files containing sensitive data, such as passwords or backups, in web application publish directories. During one of the projects, an SQL injection into an application that was open to signup by any internet user let us obtain the credentials of an internal system administrator.

Passwords

Passwords Authentication Architecture Risk

Best Privileged Access Management (PAM) Software for 2022

eSecurity Planet

NOVEMBER 30, 2021

Privileged accounts are among an organization’s biggest cybersecurity concerns. These accounts give admins control over data, applications, infrastructure and other critical assets that average system users don’t have permission to access or change. What to Look for in Privileged Access Management Software.

Software

Software Accountability Government Passwords

PrintNightmare 0-day can be used to take over Windows domain controllers

Malwarebytes

JULY 1, 2021

As a Domain Admin they could then act almost with impunity, spreading ransomware, deleting backups and even disabling security software. If they can secure any kind of access, they can potentially use PrintNightmare to turn a normal user into an all-powerful Domain Admin. Mitigation.

System Administration

System Administration Backups Marketing Engineering

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

He is also looking for opportunities to collect additional access parameters (usernames and passwords), elevate privileges, or use already existing compromised accounts for unauthorized access to systems, applications, and data. Cybercriminals may also perform some destructive actions aimed at data or systems.

Accountability

Accountability Passwords Authentication Social Engineering

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

According to Constella, this email address was used in 2010 to register an account for a Dmitry Yurievich Khoroshev from Voronezh, Russia at the hosting provider firstvds.ru. 2011 said he was a system administrator and C++ coder. NeroWolfe seems to have abandoned all of his forum accounts sometime in 2016.

Ransomware

Ransomware Cybercrime Accountability Malware

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

Still, in the wrong hands, RDP attacks and vulnerabilities related to remote desktop software are a severe threat. Recent years presented a torrent of research showing how vulnerable RDP systems are for organizations not taking additional cybersecurity precautions. Also read : Best Internet Security Suites & Software.

VPN

VPN Software Authentication Encryption

3 security lessons from an MSP that survived the Kaseya VSA attack

Malwarebytes

SEPTEMBER 16, 2021

His Microsoft Outlook instance closed down unexpectedly, his phone rang and he learned about a customer having trouble connecting to some software tools, and then, just minutes later, his phone rang again. Their backups worked, Tipton said, but the process itself happened slower than expected. Say goodbye to public whitelists.

Ransomware

Ransomware Backups Passwords Software

How to Improve SD-WAN Security

eSecurity Planet

MAY 19, 2022

As the modern workforce becomes increasingly mobile and enterprises branch out and grow, software-defined wide area networks ( SD-WAN ) have become a popular choice in the evolution of networking. Traditional Networks vs Software-Define Networks (SDN). Also read : Best Business Continuity Software. Jump to: What is SD-WAN?

Firewall

Firewall Architecture Software Backups

Kaseya Breach Underscores Vulnerability of IT Management Tools

eSecurity Planet

JULY 6, 2021

Managed service providers (MSPs) have long relied on third-party software to manage clients’ IT infrastructure, but a massive ransomware attack launched over the weekend at customers of Kaseya will likely cause MSPs to take a harder look at the security of their IT suppliers. Backup data regularly. Managing supply chain risk.

Ransomware

Ransomware B2B Software System Administration

Is Cloud Storage Safe From Ransomware?

Spinone

FEBRUARY 18, 2020

These are words that no system administrator or business leader wants to hear from anyone using a computer on their network. SpinOne still allows the user account access to the environment. In other words, an employee whose user account has been victimized will still have access to his or her G Suite or Office 365 account.

Ransomware

Ransomware Encryption Malware Backups

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

Is it the hospital, which should have had a power backup? And, you know, I had the Twitter account ID set up in 2018. I had tweeted this video, it's pinned on our Twitter account hack, not crime. Let's say someone hacks into the local power grid and, as a result, a hospital loses power to its critical patient care units.

Hacking

Hacking Technology InfoSec Media

Cyber Security Informer

‘Wormable’ Flaw Leads July Microsoft Patches

A Closer Look at the Snatch Data Ransom Group

Trending Sources

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

China-linked threat actors have breached telcos and network service providers

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Fake Company Sheds Light on Ransomware Group Tactics

Linux Patch Management: Tools, Issues & Best Practices

Top 10 web application vulnerabilities in 2021–2023

Best Privileged Access Management (PAM) Software for 2022

PrintNightmare 0-day can be used to take over Windows domain controllers

Privileged account management challenges: comparing PIM, PUM and PAM

How Did Authorities Identify the Alleged Lockbit Boss?

Addressing Remote Desktop Attacks and Security

3 security lessons from an MSP that survived the Kaseya VSA attack

How to Improve SD-WAN Security

Kaseya Breach Underscores Vulnerability of IT Management Tools

Is Cloud Storage Safe From Ransomware?

The Hacker Mind Podcast: Ethical Hacking

Stay Connected