Hiring Managers Looking for Systems Administrators

Cllax

When your company is on the hunt for systems administrators, you can be forgiven if you feel like the deck is stacked against you. The position is a hard one. Guest Post

Your next move: Cloud systems administrator

Information Management Resources

Becoming a cloud systems administrator allows you to be on the leading edge of systems technology in heavily virtualized environments, in an IT niche that will grow

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

6 reflections on the key role that system administrators play

Information Management Resources

In recognition of July 27 as System Administrator Appreciation Day, six technology executives share their thoughts on why these professionals are so vital to the organization. Hardware and software Data management Data types

Getting Up and Running with Windows Autopatch

Dark Reading

This Tech Tip outlines how system administrators can get started with automated continuous patching for their Windows devices and applications

The Ransomware Files, Episode 1: The School District

Data Breach Today

A systems administrator with a school district in Washington state recounts a brush with the Ryuk ransomware and how the district recovered through tenacity and a bit of luck

Payment Card Theft Ring Tech Leader Gets 10-Year Sentence

Data Breach Today

Fedir Hladyr of Ukraine Admitted to Working as System Admin for FIN7 A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.

Ransomware Gang Uses Log4Shell

Data Breach Today

AvosLocker Makes Use of Unpatched VMWare Virtual Desktop Software Ransomware group AvosLocker made use of unpatched VMWare Horizon applications to hack into an unidentified organization’s systems, says analysis from Cisco Talos.

Happy 23rd Annual SysAdmin Day from KnowBe4!

KnowBe4

It's been 23 years of celebrating all of our fellow System Administrators! Your hard work on daily maintenance of your company's day-to-day computer operations definitely deserves kudos. KnowBe4

Payment Card Theft Ring Tech Leader Sentenced to 10 Years

Data Breach Today

Fedir Hladyr of Ukraine Admitted to Working as System Admin for FIN7 A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.

Edward Snowden in His Own Words: Why I Became a Whistle-Blower

WIRED Threat Level

Book excerpt: As a systems administrator, the young man who would expose vast, secret US surveillance saw freedom being encroached and decided he had to act. Backchannel Security

Dead System Admin's Credentials Used for Ransomware Attack

Data Breach Today

Sophos: 'Ghost' Accounts Present a Potential Security Danger The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to Sophos.

Boosting Security Effectiveness with 'Adjuvants'

Dark Reading

How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program

Why you don’t want to run a roll-your-own cloud

DXC

But, but, as someone who cut his teeth on Unix system administration back in the 80s, I also run my own smaller private clouds using a homebrew of programs. Thanks to my job, I have accounts on many public clouds. I also have production private clouds — open-source OpenStack and NextCloud spring to mind. Self-hosting […]. Cloud

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

Threatpost

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols. Government Vulnerabilities and Defense Industrial Base CloudFlare Department of Defense (DoD) government Heartbleed National Security System (NSS) NSA SSL TLS 1.0

Yandex security team caught admin selling access to users’ inboxes

Security Affairs

Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. The employee was one of three system administrators with the necessary access rights to provide technical support for the service.

Access 113

Interview: Streamlining the student experience with Jamf and AppConfig

Jamf

This interview with Matt Green, is an Apple System Administrator at Lubbock-Cooper ISD, outlines his use of a powerful yet rarely-discussed feature of MDM: Managed App Configuration.

MDM 87

Working BlueKeep Exploit Developed by DHS

Threatpost

The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000. Hacks Vulnerabilities bluekeep Bluekeep exploit critical vulnerability DHS Exploit Microsoft WannaCry Windows 2000

Black Hat insights: Getting bombarded by multiple ransomware attacks has become commonplace

The Last Watchdog

Major vulnerabilities left unpatched, as well as weakly configured system administration tools are sure to get discovered and manipulated, not just once, but many times over. It’s not like if you’re trying to extract oil, and once the oil is out of the ground, it’s gone; a vulnerable system will continue to be vulnerable — until it’s patched.”. Configure system administrative tools more wisely.

How NC State University transitioned to and from crisis mode

Jamf

In this JNUC 2021 session, Joey Jenkins, Lead Systems Administrator, NC State University Libraries, and Everette Allen, Office of Information Technology, NC State University, discuss the challenges of the transition, their Jamf-assisted solutions and the lessons they’re taking into the future

The right way to migrate to the cloud: All in, but with the right tools – New white paper

Quest Software

Learn the right way from this DCIG paper on system administration practices and performance monitoring tools.( Going all in to migrate to the cloud? read more ). Foglight Foglight for Virtualization

5 ways containerization can help Documentum administrators

OpenText Information Management

IT and system administrators struggle to maintain and upgrade complex, highly customized content management platforms. And that’s just to manage the basics.

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. “We are continuing to do forensic analysis on the system and investigating what data is actually there.”

IT 244

PyRoMine Uses NSA Exploit for Monero Mining and Backdoors

Threatpost

Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks. Malware backdoor EternalRomance follow on attacks Monero pyromine remote desktop ShadowBrokers smb1

Russia-linked hackers actively exploit CVE-2020-4006 VMware flaw, NSA warns

Security Affairs

The flaw is a command injection bug that could be exploited by attackers to execute commands on the host Linux and Windows operating systems using escalated privileges. An attacker could exploit this vulnerability to take control of an affected system.”

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS. Those messages show that after being warned of his forum infraction, Stanx sent a private message to the Verified administrator detailing his cybercriminal bona fides.

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya , Miami-based company whose products help system administrators manage large networks remotely. The U.S.

Career Choice Tip: Cybercrime is Mostly Boring

Krebs on Security

The researchers concluded that for many people involved, cybercrime amounts to little more than a boring office job sustaining the infrastructure on which these global markets rely, work that is little different in character from the activity of legitimate system administrators.

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

For many years, Dye was a system administrator for Optinrealbig , a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra.

DDoS Mitigation Firm Founder Admits to DDoS

Krebs on Security

KrebsOnSecurity exposed the co-administrators of vDOS and obtained a copy of the entire vDOS database, including its registered users and a record of the attacks those users had paid vDOS to launch on their behalf.

Chinese Hackers Stole an NSA Windows Exploit in 2014

Schneier on Security

Here’s the timeline : The timeline basically seems to be, according to Check Point: 2013: NSA’s Equation Group developed a set of exploits including one called EpMe that elevates one’s privileges on a vulnerable Windows system to system-administrator level, granting full control.

Hackers are targeting Soliton FileZen file-sharing servers

Security Affairs

The CVE-2021-20655 vulnerability could be exploited by a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. The vendor recommended changing system administrator account, reset access control, and installing the latest available version.

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

The Last Watchdog

The perpetrators of the Solar Winds breach , for instance, tampered with a build system of the widely-used Orion network management tool. Its function is to record events in a log for a system administrator to review and act upon. Most often their objective is to install a back door through which they can come and go – and take full control of the underlying system anytime they please, Pericin says.

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Krebs on Security

that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. ” But on Friday, Florence Mayor Steve Holt confirmed that a cyberattack had shut down the city’s email system.

Simplify records management while improving information governance

OpenText Information Management

Challenge: Your organization has many users involved in the lifecycle management of important information assets–from knowledge workers to legal associates to system administrators and, yes, Records Managers.

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. ’ In terms of prioritization, defenders should first focus on patching server systems.”

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS. System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

” CVE-2020-1350 is just the latest worry for enterprise system administrators in charge of patching dangerous bugs in widely-used software. Before you update with this month’s patch batch, please make sure you have backed up your system and/or important files.

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015. The post Administrators of bulletproof hosting sentenced to prison in the US appeared first on Security Affairs.

Cisco fixed a critical issue in the Unified Contact Center Express

Security Affairs

An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system.” The issue could be exploited by supplying a malformed Java object to a specific listener on an vulnerable system.

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

SSCP (Systems Security Certified Practitioner). SSCP from (ISC)2 is a mid-level certification designed for IT administrators, managers, directors, and network security professionals responsible for the hands-on operational security of their organization’s critical assets.