Krebs on Security

NOVEMBER 8, 2021

Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya , Miami-based company whose products help system administrators manage large networks remotely. Prosecutors say Vasinskyi also used the monikers “ Yarik45 ,” and “ Yaroslav2468.”

Ransomware 320

Ransomware Cybercrime System Administration Passwords 320

Malwarebytes

JULY 29, 2021

The attack could force remote Windows systems to reveal password hashes that could then be easily cracked. Microsoft quickly sent out an advisory for system administrators to stop using the now deprecated Windows NT LAN Manager (NTLM) to thwart an attack. Vulnerable systems. PetitPotam. ” New mitigation details.

Authentication 138

Authentication Passwords Encryption System Administration 138

eSecurity Planet

FEBRUARY 15, 2022

Update and patch operating systems, software, and firmware as soon as updates and patches are released. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. or Windows Server (2008 R2 SP1, 2012 Gold) allows attackers to execute arbitrary code via crafted HTTP requests.

Ransomware 128

Ransomware Encryption Backups Accountability 128