Your next move: Cloud systems administrator

Information Management Resources

Becoming a cloud systems administrator allows you to be on the leading edge of systems technology in heavily virtualized environments, in an IT niche that will grow

6 reflections on the key role that system administrators play

Information Management Resources

In recognition of July 27 as System Administrator Appreciation Day, six technology executives share their thoughts on why these professionals are so vital to the organization. Hardware and software Data management Data types

Edward Snowden in His Own Words: Why I Became a Whistle-Blower

WIRED Threat Level

Book excerpt: As a systems administrator, the young man who would expose vast, secret US surveillance saw freedom being encroached and decided he had to act.

Working BlueKeep Exploit Developed by DHS

Threatpost

The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000.

Boosting Security Effectiveness with 'Adjuvants'

Dark Reading

How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program

The right way to migrate to the cloud: All in, but with the right tools – New white paper

Quest Software

Learn the right way from this DCIG paper on system administration practices and performance monitoring tools.( Going all in to migrate to the cloud? read more ). Foglight Foglight for Virtualization

Google Glitch Left Passwords Unprotected for 14 Years

Adam Levin

Google has begun contacting system administrators whose organizations would have been affected by the glitch to encourage them to change their passwords.

Simplify records management while improving information governance

OpenText Information Management

Challenge: Your organization has many users involved in the lifecycle management of important information assets–from knowledge workers to legal associates to system administrators and, yes, Records Managers.

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Krebs on Security

For many years, Dye was a system administrator for Optinrealbig , a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra.

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

Rezvesz maintains his software was designed for legitimate use only and for system administrators seeking more powerful, full-featured ways to remotely manage multiple PCs around the globe. This makes it harder for targets to remove it from their systems.

Nick Jovanovic, VP Federal of Thales eSecurity Federal, Speaks to Media about Data Security

Thales eSecurity

He suggests that protecting data that is on your system should be the focus. In other words, a system administrator should be able to maintain the system without seeing what is in the files he is backing up or transferring.

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. “This one seems to target enterprise systems.”

IoT 113

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

In fact, memory attacks have quietly emerged as a powerful and versatile new class of hacking technique that threat actors in the vanguard are utilizing to subvert conventional IT security systems. Memory hacking is being carried out across paths that have been left comparatively wide open to threat actors who are happy to take full advantage of the rather fragile framework of processes that execute deep inside the kernel of computer operating systems.

Backdoored Webmin versions were available for download for over a year

Security Affairs

Webmin is an open-source web-based interface for system administration for Linux and Unix. Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year.

Google will shut down consumer version of Google+ earlier due to a bug

Security Affairs

No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way.”

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

Alexey is a Russian-speaking cyber vigilante that decided to fix the MikroTik routers and he claims to be e system administrator. A Russian-speaking hacker, who goes by the name of Alexey, claims to have hacked into over 100,000 MikroTik routers with a specific intent, disinfect them.

Mining 113

Thangrycat: A Serious Cisco Vulnerability

Schneier on Security

That said, Thrangrycat only works once you have administrative access to the device. Attack #1 gets you remote administrative access, Attack #2 is Thrangrycat. Many systems don't even have administrative access configured correctly.

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

the database of the Rousseau system to guarantee the integrity of data and at least the ex-post control of the activities carried out on the system which remained an unsolved issue. Additionally, the Garante challenged that system administrators were using shared accounts with quite large privileges in the operation of the platform.

GDPR 81

What’s New in Cognos Analytics 11.1.4?

Perficient Data & Analytics

Now it is possible to administratively create custom roles that selectively hide those options. System administrators can create customized messages in the new alerts banner. New Features.

GUEST ESSAY: How stealth, persistence allowed Wipro attacker to plunder supply chain

The Last Watchdog

Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. One such go-to APT technique is to remotely leverage legit administrative tools to carry out malicious activities — under cover. The recent network breach of Wipro , a prominent outsourcing company based in India, serves as a stunning reminder that digital transformation cuts two ways.

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

Today there exists a widening shortage of security analysts talented and battle tested enough to make sense of the rising tide of data logs inundating their SIEM systems. Rising implementations of cloud services and IoT systems, not to mention the arrival of 5G, has quickened the pace of software development and multiplied data handling complexities. It’s all about making a software system that’s able to access those human capabilities,” Saurabh says.

Can smart cities be secured and trusted?

Thales eSecurity

There’s just one problem…these massive, radical, interconnected technology systems also raise serious privacy and security concerns. In June 2019, Riviera Beach in FL paid $600,000 to hackers to restore its email system and public records.

Rocket.Build 2019: Creating next-generation AI experiences

Rocket Software

Customers and legacy-businesses are having problems understanding all of the dark, unmapped mysteries of their IBM Z, Power Systems, and embedded database platforms. We can further use AIs to analyze system performance, and user behaviors to find patterns and predict outcomes.

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

Hladyr is suspected to be a system administrator for the group. Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before.

Thousands of RDM refrigeration systems exposed online are at risk

Security Affairs

Experts from Safety Detective discovered thousands of refrigeration systems made by Resource Data Management (RDM) exposed to remote attacks. Systems exposed online could be accessed via HTTP on ports 9000, 8080, 8100, or 80. SecurityAffairs – refrigeration systems, hacking).

Risk 111

Q&A: Here’s why robust ‘privileged access management’ has never been more vital

The Last Watchdog

However, lacking robust protection, privileged accounts, which are intended to give administrators the access they need to manage critical systems, can instead be manipulated to enable attackers to move laterally across an organization’s network. The concept was based on the root access that the accounts provided to IT and systems administrators, who used these power accounts to maintain the network and systems.

Access 129

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

Hladyr is suspected to be a system administrator for the group. Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before.

Protecting America’s Critical Infrastructure

Thales eSecurity

But the energy sector also underpins our emergency and response systems, our hospitals and healthcare, our schools, our businesses, and virtually everything we do as a society.

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

A baseboard management controller (BMC) is a specialized service processor that monitors the physical state of a computer, network server or other hardware device using sensors and communicating with the system administrator through an independent connection.

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

In this type of distributed denial of service (DDoS) attack, the malicious traffic generated with the technique is greater than the once associated with the use of memcached, a service that does not require authentication but has been exposed on the internet by inexperienced system administrators.

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

“We recently observed cases of abuse of the systems running misconfigured Docker Engine-Community with Docker application program interface (API) ports exposed. Cybercriminals continue to abuse unprotected Docker APIs to create new containers used for cryptojacking, Trend Micro warns.

Mining 112

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

Security Affairs

An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges.” ” Cisco advisory reveals that the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

Wireshark fixed three flaws that can crash it via malicious packet trace files

Security Affairs

“To inject malformed packets that the Wireshark application may attempt to parse, the attacker may need access to the trusted, internal network where the targeted system resides. Administrators are advised to allow only trusted users to have network access.

Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again

Security Affairs

An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges.” Cisco advisory reveals that the vulnerability could be also exploited remotely by leveraging the operating system remote management tools. when running on a Microsoft Windows end-user system.

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

Then the attackers used the stolen information to target into customer systems. “APT10 often attacked a service provider’s system by “spear-phishing” – sending company employees emails designed to trick them into revealing their passwords or installing malware.

Cloud 113

How to start your career in cyber security

IT Governance

Technically, you don’t need any cyber security experience to get started, though many people entering the field will come from jobs that have similar skillsets, such as systems administration or information analysis. A version of this blog was originally published on 8 December 2017.

User Conference Attendees Learn How to Maximize their DocuWare Experience

Document Imaging Report

The educational format provided system administrators and end users with training and best practices for applying DocuWare applications that empower their business to not just keep pace but to stay ahead. Integrating DocuWare with another system such as Outlook.