Presentation, Ransomware and Systems administration

Dead System Admin's Credentials Used for Ransomware Attack

Data Breach Today

JANUARY 28, 2021

Sophos: 'Ghost' Accounts Present a Potential Security Danger The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to Sophos.

Ransomware

Ransomware Systems administration Security

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor Synology has warned customers that the StealthWorker botnet is conducting brute-force attacks in an attempt to implant ransomware. ” . . Pierluigi Paganini.

Ransomware

Ransomware Systems administration Authentication Security

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely.

IT

IT Ransomware Systems administration Authentication

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware

Ransomware Data breaches Encryption Systems administration

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Ransomware attacks on critical infrastructure and a surge in exploited vulnerabilities are getting the attention of U.S. BlackByte Ransomware Attack Methods, IoCs. The FBI-Secret Service warning came just ahead of news that the NFL’s San Francisco 49ers had also been hit by BlackByte ransomware. The FBI and U.S.

Ransomware

Ransomware Encryption Agriculture Cybersecurity

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

Today, malicious actors from cybercriminal ransomware gangs to nation-state affiliated hacking groups are teeing up vulnerable operational technology (OT) environments. Video Podcast ] | [ MP3 ] | [ Transcript ] Cyber attacks on critical infrastructure have gone, in the past two decades from the hypothetical, to the actual, to the epidemic.

Risk

Risk Energy and Utilities Cybersecurity Systems administration

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

MARCH 29, 2022

Its rather mundane function is to record events in a log for a system administrator to review and act upon, later. Left unpatched Log4Shell vulnerabilities present easy paths for a threat actor to take full control of the underlying system.

Security

Security Cloud Digital transformation Cybersecurity

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

The 10-count indictment unsealed today, concerning the distribution of the malware they used to automate the theft of sensitive financial and personal information like banking credentials, as well as for infecting their victims with ransomware in more recent attacks.

Systems administration

Systems administration Ransomware IT Security

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. Introduction Digging into ransomware infections always provides valuable insights.

Ransomware

Ransomware Systems administration IT Access

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

Recent years presented a torrent of research showing how vulnerable RDP systems are for organizations not taking additional cybersecurity precautions. SamSam Ransomware: Malware Specializing in RDP. A few days later, IT systems started malfunctioning with ransom messages following.

Security

Security Access Authentication Encryption

CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

KnowBe4

MAY 9, 2023

And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. With 30+ years of experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you're prepared to defend against ever-present IT security threats like phishing.

Phishing

Phishing Passwords Insurance Systems administration

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines.

Encryption

Encryption Communications IoT Marketing

What Is VLAN Tagging? Definition & Best Practices

eSecurity Planet

OCTOBER 17, 2023

Otherwise — unless an error like dual tagging occurs — that packet is labeled and set up to stay among the hosts, ports, and switches that are present on its particular VLAN. For an example of VLANs used for network security segmentation purposes, see Building a Ransomware Resilient Architecture. Is VLAN Tagging Necessary?

Authentication

Authentication Cybersecurity Access Security

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

[link] Three-Quarters of Vulnerabilities Used in Ransomware Attacks Were Discovered Before 2020 Despite a lot of focus on phishing and remote access as initial access vectors, new data shows the use of vulnerabilities is not only on the rise, but simply isn't being properly addressed. Many of them were discovered between 2010 and 2019!

Phishing

Phishing Security Artificial Intelligence Security awareness

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

There's always one if you're presented with two options, there's always a third one right. I've often advised people to pursue that path that really get a solid foundation on the legacy technology or legacy concepts of coding, networking and system administration type stuff.

IT

IT Security Marketing Privacy

Information Management Today

Dead System Admin's Credentials Used for Ransomware Attack

StealthWorker botnet targets Synology NAS devices to drop ransomware

Trending Sources

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

A Closer Look at the Snatch Data Ransom Group

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

US authorities charged Dridex gang members for stealing over $100 Million

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Addressing Remote Desktop Attacks and Security

CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

Updates from the MaaS: new threats delivered through NullMixer

What Is VLAN Tagging? Definition & Best Practices

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

The Hacker Mind Podcast: Ethical Hacking

Stay Connected