Antivirus, Hacking and System Administration

China-linked APT group MirrorFace targets Japan

Security Affairs

JANUARY 10, 2025

Since June 2023, MirrorFace has used the Windows Sandbox feature to execute LOADEINFO malware within an isolated environment, evading antivirus detection. The alert issued by Japan NPA recommends System Administrators to: Implement centralized log management to track breaches, as logs are critical for identifying causes and scope.

Antivirus

Antivirus Malware System Administration Technology

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. bat) scripts [T1059.003] for lateral movement, privilege escalation, and disabling antivirus software. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware

Ransomware System Administration Antivirus Malware

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

“The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S. ” The report attributed the cyberespionage campaign to the China-linked APT10 (aka Menupass, and Stone Panda), the same group recently accused of hacking telco operators worldwide. SecurityAffairs – Cloud Hopper, hacking).

Identity Theft

Identity Theft Hacking System Administration Advertising

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

“They exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.” In many cases, some machines run without standard safeguards, like security updates and cloud-delivered antivirus protection.”

Ransomware

Ransomware Cybercrime Social Engineering Banking

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware

Ransomware Accountability Cybercrime Backups

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The researchers believe that the coder is an Italian vixer that previously created the “Zodiac Crypto Stealer” and “Spartan Crypter” for obfuscating malware to avoid antivirus detection. Organizations with effective spam filtering, proper system administration and up-to-date Windows hosts have a much lower risk of infection.”

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Experts spotted Syslogk, a Linux rootkit under development

Security Affairs

JUNE 14, 2022

Researchers from antivirus firm Avast spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the device. SecurityAffairs – hacking, Syslogk). Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Malware

Malware System Administration Antivirus Architecture

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. 32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan , and for their involvement in international bank fraud and computer hacking schemes.

Banking

Banking Malware Accountability Cybercrime

Wireshark fixed three flaws that can crash it via malicious packet trace files

Security Affairs

SEPTEMBER 2, 2018

Administrators are advised to allow only trusted users to have network access. Administrators are advised to run both firewall and antivirus applications to minimize the potential of inbound and outbound threats. Administrators can help protect affected systems from external attacks by using a solid firewall strategy.

Firewall

Firewall System Administration Advertising Antivirus

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Looking back at past leaks of private companies providing such services, such as in the case of Hacking Team, we learned that many states all over the world were buying these capabilities, whether to complement their in-house technologies or as a stand-alone solution they couldn’t develop. Hack-and-leak is the new black (and bleak).

Firmware

Firmware Surveillance Mobile Telecommunications

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. At this stage, the attacker's task is to create a stable channel for delivering various hacking tools and auxiliary data onto the target system. Establishing a connection.

Accountability

Accountability Passwords Authentication Social Engineering

Earning Trust In Public Cloud Services

SiteLock

OCTOBER 12, 2021

The audit process helps the customer ascertain that the provider has implemented and follows all the necessary security procedures, including those that specify rules for interacting with contractors and controlling the work of system administrators. David runs MacSecurity.net.

System Administration

System Administration Insurance Penetration Testing Social Engineering

Cyber Security Training for Employees

Spinone

NOVEMBER 19, 2018

It covers such topics as suspicious files and links, password creation, 2-step verification , software, antivirus, OS, backup , mobile security , physical security and so on. There are computer hack techniques even before you open a file on USB and long before your antivirus scans it.

Passwords

Passwords Password Management Antivirus Mobile

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. — Dave Kennedy (@HackingDave) July 15, 2020. .

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Hacker Mind Podcast: Beyond MITRE ATT&CK

ForAllSecure

AUGUST 16, 2022

It’s about challenging our expectations about the people who hack for a living. But once they get in, how do they operate, and a lot of them just use the same tools that your system administrators would use to move around the environment. I hope you’ll stick around. And it's challenging, right?

InfoSec

InfoSec Firewall Engineering System Administration

FireEye/SolarWinds/SUNBURST Hack – What You Need to Know

Vipre

DECEMBER 22, 2020

To their credit, FireEye promptly revealed the hack on their network soon after it was discovered, and has released some details of their investigation. Immediately make sure your antivirus solution has the absolute latest definitions in place (if you use VIPRE, we recommend you set these to auto-update). How Did The Industry React?

Hacking

Hacking Software Malware Penetration Testing

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date. SecurityAffairs – hacking, Taidoor). Disable File and Printer sharing services.

Malware

Malware Government Passwords System Administration

Cyber Security Informer

China-linked APT group MirrorFace targets Japan

FBI and CISA published a new advisory on AvosLocker ransomware

Trending Sources

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

A Closer Look at the Snatch Data Ransom Group

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Experts spotted Syslogk, a Linux rootkit under development

US authorities charged Dridex gang members for stealing over $100 Million

Wireshark fixed three flaws that can crash it via malicious packet trace files

Advanced threat predictions for 2023

Privileged account management challenges: comparing PIM, PUM and PAM

Earning Trust In Public Cloud Services

Cyber Security Training for Employees

Top Cybersecurity Accounts to Follow on Twitter

The Hacker Mind Podcast: Beyond MITRE ATT&CK

FireEye/SolarWinds/SUNBURST Hack – What You Need to Know

US govt agencies share details of the China-linked espionage malware Taidoor

Stay Connected