Advertising, Hacking and System Administration

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.

Advertising

Advertising Cybercrime System Administration Hacking

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

An advertisement for Orcus RAT. The accused, 36-year-old John “Armada” Revesz , has maintained that Orcus is a legitimate “ R emote A dministration T ool” aimed at helping system administrators remotely manage their computers, and that he’s not responsible for how licensed customers use his product.

Malware

Malware Advertising Marketing System Administration

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Five Eyes Intelligence agencies warn of popular hacking tools

Security Affairs

OCTOBER 12, 2018

Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Five Eyes, hacking ).

Hacking

Hacking System Administration Advertising Engineering

Cisco fixed a critical issue in the Unified Contact Center Express

Security Affairs

MAY 25, 2020

The issue could be exploited by supplying a malformed Java object to a specific listener on an vulnerable system. Administrators should update their Unified CCE installs as soon as possible. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Unified CCE, hacking).

System Administration

System Administration Advertising Software Hacking

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

A baseboard management controller (BMC) is a specialized service processor that monitors the physical state of a computer, network server or other hardware device using sensors and communicating with the system administrator through an independent connection. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Firmware Media Authentication

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

“The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.” ” An attacker could exploit the flaw by using this default account to connect to a vulnerable system and obtain read and write access to system data.

Software

Software System Administration Advertising Accountability

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Security Affairs

MARCH 1, 2019

“Mail server, domain administrator and system administrator accounts were all affected, giving cyberespions access to the past and current passwords of more than 2,000 ICAO system users. The agency thus becoming a one-stop shop for the hacking of all other players in the aerospace industry.”.

Hacking

Hacking System Administration Advertising Media

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks.

Ransomware

Ransomware System Administration Antivirus Malware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Usually, these users have no idea their systems are compromised. md , and that they were a systems administrator for sscompany[.]net.

Malware

Malware VPN Internet Internet

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

A Russian-speaking hacker, who goes by the name of Alexey, claims to have hacked into over 100,000 MikroTik routers with a specific intent, disinfect them. Alexey is a Russian-speaking cyber vigilante that decided to fix the MikroTik routers and he claims to be e system administrator. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency System Administration Advertising Hacking

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Security Affairs

JUNE 2, 2020

Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956 , that could be abused to takeover corporate servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

System Administration

System Administration Accountability Advertising Authentication

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

MAY 28, 2020

Using a previous version of Exim leaves a system vulnerable to exploitation. System administrators should continually check software versions and update as new versions become available.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – APT, hacking).

System Administration

System Administration Software Advertising Technology

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

“The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S. ” The report attributed the cyberespionage campaign to the China-linked APT10 (aka Menupass, and Stone Panda), the same group recently accused of hacking telco operators worldwide. SecurityAffairs – Cloud Hopper, hacking).

Identity Theft

Identity Theft Hacking System Administration Advertising

Yomi Hunter Catches the CurveBall

Security Affairs

JANUARY 21, 2020

Many system administrators and companies were rushing to update internet exposed machines, like web servers or gateways, worried about possible remote code execution, reviving the EternalBlue /WannaCry crisis in their mind. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

System Administration

System Administration Malware Advertising Risk

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

“They exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Social Engineering Banking

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Security Affairs

JULY 6, 2020

Researchers Rich Warren from NCC Group told ZDNet that hackers are attempting to exploit the flaw to steal administrator passwords from the hacked devices. System administrators need to upgrade to fixed versions ASAP. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

System Administration

System Administration Advertising Hacking Banking

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Security Affairs

MARCH 11, 2020

Users and system administrators are recommended to apply the latest security patches as soon as possible to prevent attackers exploiting them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

System Administration

System Administration Advertising Internet Internet

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021. Despite WeSteal is advertised as implementing a “RAT Panel,” experts did not find RAT feature in their analysis. SecurityAffairs – hacking, WeSteal).

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

Security Affairs

OCTOBER 25, 2018

Researchers Ron Bowes and Jeff McJunkin of Counter Hack discovered a “high” severity command injection vulnerability, tracked as CVE-2018-15442 , in Cisco Webex Meetings Desktop. ” Cisco advisory reveals that the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

System Administration

System Administration Advertising Hacking Software

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Security Affairs

AUGUST 19, 2020

Create, start, and terminate a new process and its primary thread Search, read, write, move, and execute files Get and modify file or directory timestamps Change the current directory for a process or file Delete malware and artifacts associated with the malware from the infected system. SecurityAffairs – hacking, BLINDINGCAN).

Malware

Malware Cyber threats Government System Administration

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Webmin, hacking). Pierluigi Paganini.

System Administration

System Administration Passwords DNS Advertising

Thousands of RDM refrigeration systems exposed online are at risk

Security Affairs

FEBRUARY 10, 2019

“They all come with a default username and “1234” as the default password, which is rarely changed by system administrators.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Risk

Risk Passwords System Administration Advertising

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

OCTOBER 28, 2018

The Center for Internet Security (CIS) has a reference that can help system administrators and security teams establish a benchmark to secure their Docker engine. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Engineering

Engineering Cryptocurrency System Administration Advertising

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Adam Levin

APRIL 8, 2019

The company has also used security information for advertising in the past.). Denying anything happened gives system administrators more time to identify and patch newly discovered vulnerabilities. The post Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know appeared first on Adam Levin.

Hacking

Hacking Data privacy Artificial Intelligence System Administration

Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again

Security Affairs

NOVEMBER 28, 2018

One month ago, Cisco addressed the CVE-2018-15442 vulnerability, also tracked as WebExec by Counter Hack researchers Ron Bowes and Jeff McJunkin who discovered it. Cisco advisory reveals that the vulnerability could be also exploited remotely by leveraging the operating system remote management tools. and later prior to 33.0.5,

System Administration

System Administration Advertising Software Authentication

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Summarizing, crooks extended the list of targets passing from Arm and MIPS-powered devices to Intel systems. . System administrators need to employ security best practices with the systems they manage.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Cryptocurrency Malware System Administration

Google will shut down consumer version of Google+ earlier due to a bug

Security Affairs

DECEMBER 11, 2018

. “A list of impacted users in those domains is being sent to system administrators, and we will reach out again if any additional impacted users or issues are discovered. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

System Administration

System Administration Advertising Software Accountability

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

OCTOBER 17, 2018

In this type of distributed denial of service (DDoS) attack, the malicious traffic generated with the technique is greater than the once associated with the use of memcached, a service that does not require authentication but has been exposed on the internet by inexperienced system administrators. About the Author: Paulo Brito.

DDOS

DDOS Internet Internet System Administration

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

The Roboto botnet spreads by compromising systems by exploiting the Webmin RCE vulnerability tracked as CVE-2019-15107 to drop its downloader module on Linux servers running vulnerable installs. Webmin is an open-source web-based interface for system administration for Linux and Unix. Pierluigi Paganini.

DDOS

DDOS System Administration Advertising DNS

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

Hladyr is suspected to be a system administrator for the group. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Penetration Testing Banking System Administration

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Security Affairs

MAY 21, 2023

The experts also detailed a separate case, that was observed on May 2023, using a similar infection scheme to advertise a rogue page for Midjourney. Unfortunately, as system administrators seek ways to control access to these platforms, users may seek out alternative ways to gain access.” ” concludes the report.

System Administration

System Administration Advertising Hacking Malware

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

Furthermore, when planning cloud-based service architectures, corporate system administrators need to evaluate various logging options offered by could service providers and integrate activity log data into existing risk detection flows. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Accountability Financial Services Cloud Migration

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. 32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan , and for their involvement in international bank fraud and computer hacking schemes. Pierluigi Paganini.

Banking

Banking Malware Cybercrime Accountability

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

The Windows Background Intelligent Transfer Service (BITS) service is a built-in component of the Microsoft Windows operating system. The BITS service is used by programmers and system administrators to download files from or upload files to HTTP web servers and SMB file shares. ” concludes the report. Pierluigi Paganini.

Malware

Malware System Administration Advertising Spyware

Three members of FIN7 (Carbanak) gang charged with stealing 15 million credit cards

Security Affairs

AUGUST 2, 2018

Three members of the notorious cybercrime gang known as FIN7 and Carbanak have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. Hladyr is suspected to be a system administrator for the group. Pierluigi Paganini.

Banking

Banking Cybercrime Identity Theft Penetration Testing

Wireshark fixed three flaws that can crash it via malicious packet trace files

Security Affairs

SEPTEMBER 2, 2018

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems. Administrators can help protect affected systems from external attacks by using a solid firewall strategy. Administrators are advised to monitor affected systems.

Firewall

Firewall System Administration Advertising Antivirus

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

Hladyr is suspected to be a system administrator for the group. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Penetration Testing Banking System Administration

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

Is hacking a crime? Bryan McAninch (Aph3x) talks about his organization, Hacking Is Not A Crime , and the ethical line it draws on various hacking activities. I used to hack the phone company quite a bit. I was like living in our systems for years and I want to get in some trouble for that.

Hacking

Hacking Technology InfoSec Media

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Security Affairs

APRIL 1, 2019

But let’s see what are the execution binaries and what an administrator will see because this analysis IS for rise the system administration awareness: Code execution: execve("/tmp/upgrade""); // to execute upgrade. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. O"]); // for persistence.

DDOS

DDOS Malware Encryption Penetration Testing

From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig’ dll with a real-world example

Security Affairs

DECEMBER 15, 2019

Andrea Pierini (@ decoder_it ) “Andrea is an IT Architect & Security Manager with long-term experience and in-depth knowledge covering all aspects of IT: from SW development to systems administration; networking administration and IT security. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising System Administration Mobile Engineering

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Looking back at past leaks of private companies providing such services, such as in the case of Hacking Team, we learned that many states all over the world were buying these capabilities, whether to complement their in-house technologies or as a stand-alone solution they couldn’t develop. Hack-and-leak is the new black (and bleak).

Firmware

Firmware Surveillance Mobile Telecommunications

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Malware

Malware Social Engineering Encryption Marketing

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

An advertisement for Orcus RAT. Rezvesz maintains his software was designed for legitimate use only and for system administrators seeking more powerful, full-featured ways to remotely manage multiple PCs around the globe. Meanwhile on Hackforums[.]net

Advertising

Advertising Malware Marketing Software

Meet the Administrators of the RSOCKS Proxy Botnet

Orcus RAT Author Charged in Malware Scheme

Trending Sources

CIA elite hacking unit was not able to protect its tools and cyber weapons

Five Eyes Intelligence agencies warn of popular hacking tools

Cisco fixed a critical issue in the Unified Contact Center Express

USBAnywhere BMC flaws expose Supermicro servers to hack

Cisco fixes a static default credential issue in Smart Software Manager tool

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

FBI and CISA published a new advisory on AvosLocker ransomware

Who and What is Behind the Malware Proxy Service SocksEscort?

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Yomi Hunter Catches the CurveBall

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Backdoored Webmin versions were available for download for over a year

Thousands of RDM refrigeration systems exposed online are at risk

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Google will shut down consumer version of Google+ earlier due to a bug

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Roboto, a new P2P botnet targets Linux Webmin servers

FireEye experts found source code for CARBANAK malware on VirusTotal?

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

US authorities charged Dridex gang members for stealing over $100 Million

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Three members of FIN7 (Carbanak) gang charged with stealing 15 million credit cards

Wireshark fixed three flaws that can crash it via malicious packet trace files

FireEye experts found source code for CARBANAK malware on VirusTotal?

The Hacker Mind Podcast: Ethical Hacking

New Linux/DDosMan threat emerged from an evolution of the older Elknot

From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig’ dll with a real-world example

Advanced threat predictions for 2023

Updates from the MaaS: new threats delivered through NullMixer

Canadian Police Raid ‘Orcus RAT’ Author

Stay Connected