2014, Information Security and Systems administration

Cisco fixed a critical issue in the Unified Contact Center Express

Security Affairs

MAY 25, 2020

The issue could be exploited by supplying a malformed Java object to a specific listener on an vulnerable system. Administrators should update their Unified CCE installs as soon as possible. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Systems administration

Systems administration Security IT Information Security

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Sales

Sales Access Systems administration Marketing

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

Systems administration

Systems administration Encryption Communications Security

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

“The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.” ” An attacker could exploit the flaw by using this default account to connect to a vulnerable system and obtain read and write access to system data.

Systems administration

Systems administration Passwords Communications Access

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Security Affairs

JUNE 2, 2020

Escalate privileges from “Organization Administrator” (normally a customer account) to “System Administrator” with access to all cloud accounts (organization) as an attacker can change the hash for this account. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cloud

Cloud Systems administration Passwords Authentication

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Security Affairs

MARCH 11, 2020

Users and system administrators are recommended to apply the latest security patches as soon as possible to prevent attackers exploiting them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Systems administration

Systems administration Security IT Information Security

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

MAY 28, 2020

Using a previous version of Exim leaves a system vulnerable to exploitation. System administrators should continually check software versions and update as new versions become available.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes NSA. Pierluigi Paganini.

Systems administration

Systems administration Military Access Security

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Keep operating system patches up-to-date. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Healthcare

Healthcare Passwords Government Systems administration

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Security Affairs

JULY 6, 2020

System administrators need to upgrade to fixed versions ASAP. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Our preliminary CVE-2020-5902 scans have located 1,832 vulnerable F5 hosts.

Honeypots

Honeypots Systems administration Passwords Cybersecurity

Yomi Hunter Catches the CurveBall

Security Affairs

JANUARY 21, 2020

Many system administrators and companies were rushing to update internet exposed machines, like web servers or gateways, worried about possible remote code execution, reviving the EternalBlue /WannaCry crisis in their mind. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Systems administration

Systems administration Risk Communications Security

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Summarizing, crooks extended the list of targets passing from Arm and MIPS-powered devices to Intel systems. . System administrators need to employ security best practices with the systems they manage.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Honeypots Libraries Archiving

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Security Affairs

AUGUST 19, 2020

Create, start, and terminate a new process and its primary thread Search, read, write, move, and execute files Get and modify file or directory timestamps Change the current directory for a process or file Delete malware and artifacts associated with the malware from the infected system. In April, the U.S. Pierluigi Paganini.

Military

Military Systems administration Government Access

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Webmin, hacking).

Passwords

Passwords Systems administration Authentication Security

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

IT

IT Systems administration Military Cybersecurity

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

The Roboto botnet spreads by compromising systems by exploiting the Webmin RCE vulnerability tracked as CVE-2019-15107 to drop its downloader module on Linux servers running vulnerable installs. Webmin is an open-source web-based interface for system administration for Linux and Unix. ” reads the analysis.

Honeypots

Honeypots Systems administration Passwords IoT

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

.” continues the report “While CIA was an early leader in securing our enterprise information technology (IT) system, we failed to correct acute vulnerabilities to our mission IT systems.”. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IT

IT Data breaches Systems administration Passwords

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

Some intruders resembled “drunken burglars,” said one source, getting lost in the labyrinth of corporate systems and appearing to grab files at random.” ” According to the Reuters, the hackers had a total control over the HPE corporate network, they also left messages taunting system administrators.

Cloud

Cloud IT Systems administration Phishing

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Cleanup

Cleanup Systems administration Ransomware Security

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

The Windows Background Intelligent Transfer Service (BITS) service is a built-in component of the Microsoft Windows operating system. The BITS service is used by programmers and system administrators to download files from or upload files to HTTP web servers and SMB file shares. ” concludes the report. Pierluigi Paganini.

Systems administration

Systems administration Encryption Communications Security

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

A baseboard management controller (BMC) is a specialized service processor that monitors the physical state of a computer, network server or other hardware device using sensors and communicating with the system administrator through an independent connection. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Passwords Encryption Systems administration

Cyber Blackmail: More Than Just Ransomware

The Texas Record

MAY 7, 2018

We are happy to welcome guest writers from the Texas Department of Information Resources, Daniel Hankins, Shared Services Security Manager and Andy Bennett, Director Information Security Governance. For additional resources from the Texas Department of Information and Resources visit their Information Security page. [1]

Ransomware

Ransomware Encryption Government Systems administration

From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig’ dll with a real-world example

Security Affairs

DECEMBER 15, 2019

Andrea Pierini (@ decoder_it ) “Andrea is an IT Architect & Security Manager with long-term experience and in-depth knowledge covering all aspects of IT: from SW development to systems administration; networking administration and IT security. OS Windows Lover especially for the bug hunting part!

Systems administration

Systems administration Access Security Communications

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

Yakubets is considered the leader of the gang behind the Bugat malware and botnet , the cybercrime group known as Evil Corp, while Turashev allegedly was tasked with other functions, including system administration, management of the internal control panel, and oversight of botnet operations. Pierluigi Paganini.

Systems administration

Systems administration Ransomware IT Security

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

Furthermore, when planning cloud-based service architectures, corporate system administrators need to evaluate various logging options offered by could service providers and integrate activity log data into existing risk detection flows. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Financial Services Cloud Authentication

Information Management Today

Cisco fixed a critical issue in the Unified Contact Center Express

Meet the Administrators of the RSOCKS Proxy Botnet

Trending Sources

A member of the FIN7 group was sentenced to 10 years in prison

Cisco fixes a static default credential issue in Smart Software Manager tool

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

US govt agencies share details of the China-linked espionage malware Taidoor

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Yomi Hunter Catches the CurveBall

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

CISA’s MAR warns of North Korean BLINDINGCAN RAT

Backdoored Webmin versions were available for download for over a year

North Korea-linked Lazarus APT targets the IT supply chain

Roboto, a new P2P botnet targets Linux Webmin servers

CIA elite hacking unit was not able to protect its tools and cyber weapons

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

USBAnywhere BMC flaws expose Supermicro servers to hack

Cyber Blackmail: More Than Just Ransomware

From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig’ dll with a real-world example

US authorities charged Dridex gang members for stealing over $100 Million

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Stay Connected