Information Security, Internet and System Administration

Yandex security team caught admin selling access to users’ inboxes

Security Affairs

FEBRUARY 12, 2021

Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. The security incident was discovered during a routine screening by its internal security team, an internal investigation is still ongoing.

System Administration

System Administration Data breaches Accountability Passwords

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer. “Thanks to you, we are now developing in the field of information security and anonymity!,” “I opened an American visa for myself, it was not difficult to get.

Advertising

Advertising Cybercrime System Administration Hacking

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the Internet without any protection. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.”

Internet

Internet Internet Ransomware Encryption

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

MARCH 16, 2022

No wonder Russia has been preparing to cut itself off from the global internet, hoping to move key government institutions to a sovereign Runet – a pan-Russian web limited to the Federation – to make them less prone to cyber attacks. Ideally, VNC should be used only with authenticated users, such as system administrators.

Authentication

Authentication Cyber Attacks System Administration Internet

Top IT Areas You Need to Check to Strengthen Your Cybersecurity

CyberSecurity Insiders

SEPTEMBER 24, 2021

Even with high-level security measures, no one is safe from such threats. That is why most companies hire professional information security services to mitigate the risks arising from data breaches. One of the most vulnerable areas that hackers use to infiltrate a company’s system is the network. Data Security.

Cybersecurity

Cybersecurity Data breaches Backups Firewall

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Security Affairs

MARCH 11, 2020

Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues affecting Windows, Word, Dynamics Business Central, Edge, and Internet Explorer have been rated as critical severity. Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues have been rated as critical severity.

System Administration

System Administration Advertising Internet Internet

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware

Ransomware System Administration Malware Authentication

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Isolate Internet-facing services in a network Demilitarized Zone (DMZ) to reduce the exposure of the internal network [ D3-NI ]. Enable robust logging of Internet-facing services and monitor the logs for signs of compromise [ D3-NTA ] [ D3-PM ]. Protect these accounts with strict network policies [ D3-UAP ].

Telecommunications

Telecommunications Authentication Passwords Accountability

Yomi Hunter Catches the CurveBall

Security Affairs

JANUARY 21, 2020

Many system administrators and companies were rushing to update internet exposed machines, like web servers or gateways, worried about possible remote code execution, reviving the EternalBlue /WannaCry crisis in their mind. . The Malware Threat behind CurveBall.

System Administration

System Administration Malware Advertising Risk

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Cashdollar explained that threat actors started scanning the Internet for Intel systems that would accept files over SSH port 22 to maximize their efforts. Summarizing, crooks extended the list of targets passing from Arm and MIPS-powered devices to Intel systems. . ” Cashdollar concludes.

IoT

IoT Cryptocurrency Malware System Administration

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

. “ our research has uncovered new vulnerabilities, which we collectively dubbed USBAnywhere , in the baseboard management controllers (BMCs) of Supermicro servers, which can allow an attacker to easily connect to a server and virtually mount any USB device of their choosing to the server, remotely over any network including the Internet.”

Hacking

Hacking Firmware Media Authentication

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Keep operating system patches up-to-date. Scan all software downloaded from the Internet prior to executing.

Malware

Malware Government Passwords System Administration

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

. “According to the affidavit, foreign law enforcement agents, working in coordination with the FBI, gained lawful access to Emotet servers located overseas and identified the Internet Protocol addresses of approximately 1.6 ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Malware

Malware Banking System Administration Hacking

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. Searching with Shodan for internet-exposed Webmin installs, it is possible to find over 217,000 instances, most of them located in the United States, France and Germany.

Passwords

Passwords System Administration Advertising DNS

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks. Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises.

Ransomware

Ransomware Software System Administration Encryption

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

The Roboto botnet spreads by compromising systems by exploiting the Webmin RCE vulnerability tracked as CVE-2019-15107 to drop its downloader module on Linux servers running vulnerable installs. Webmin is an open-source web-based interface for system administration for Linux and Unix.

DDOS

DDOS System Administration Advertising DNS

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST. The rankings are expert opinions based on the number of applications containing a specific vulnerability and the severity of the impact.

Passwords

Passwords Authentication Architecture Risk

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

The contemporary world has witnessed the rise of the Internet and global communication, and collaboration technologies, including mobile data use and the culture of bring your own device [BYOD]. Cloud security success and choosing the right investments is all about having a clear understanding of threat types and their resulting damages.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Both were well-equipped to teach, test and train individuals ranging from teen-agers and non-technical adults, to working system administrators and even seasoned tech security pros. Healtcare company Spectrum Health is a consortium member, and its director of information security, Jim Kuiphof, serves as an advisor to Tuttle.

Cybersecurity

Cybersecurity System Administration Manufacturing Education

Happy 10th anniversary & Kali's story.so far

Kali Linux

MARCH 28, 2023

Domain The team knew how much BackTrack was growing in popularity, and as they did not switch the project name when using Ubuntu, it was time to create its own place on the Internet. System Upgrades When the team started work switching from Slax to Ubuntu, they grabbed the latest release at the time (8.10 - Intrepid Ibex).

InfoSec

InfoSec Penetration Testing Architecture Software

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

And they traced the cybersecurity failures to a lack of leadership and a vacant Chief Information Security Officer role: "The problems started at the top: Twitter had not had a chief information security officer (“CISO”) since December 2019, seven months before the Twitter Hack. That regulatory vacuum must be filled.".

Social Engineering

Social Engineering Media Scams Financial Services

Cyber Security Informer

Yandex security team caught admin selling access to users’ inboxes

Who and What is Behind the Malware Proxy Service SocksEscort?

Trending Sources

Meet the Administrators of the RSOCKS Proxy Botnet

How to secure QNAP NAS devices? The vendor’s instructions

Hacker breaches key Russian ministry in blink of an eye

Top IT Areas You Need to Check to Strengthen Your Cybersecurity

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

StealthWorker botnet targets Synology NAS devices to drop ransomware

China-linked threat actors have breached telcos and network service providers

Yomi Hunter Catches the CurveBall

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

USBAnywhere BMC flaws expose Supermicro servers to hack

US govt agencies share details of the China-linked espionage malware Taidoor

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Backdoored Webmin versions were available for download for over a year

Dissecting the malicious arsenal of the Makop ransomware gang

Roboto, a new P2P botnet targets Linux Webmin servers

Top 10 web application vulnerabilities in 2021–2023

Cyber Security Awareness and Risk Management

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

Happy 10th anniversary & Kali's story.so far

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

Stay Connected