Remove 2013 Remove Internet Remove System Administration
article thumbnail

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

article thumbnail

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee ) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

If it sounds unlikely that a normal Internet user could make millions of dollars unmasking the identities of REvil gang members, take heart and consider that the two men indicted as part this law enforcement action do not appear to have done much to separate their cybercriminal identities from their real-life selves. 3 was Lublin, Poland.

article thumbnail

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. One important item to note this week is that Microsoft announced it will start blocking Internet macros by default in Office.

article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

NEROWOLFE A search on the ICQ number 669316 at Intel 471 shows that in April 2011, a user by the name NeroWolfe joined the Russian cybercrime forum Zloy using the email address d.horoshev@gmail.com , and from an Internet address in Voronezh, RU. 2011 said he was a system administrator and C++ coder. “P.S. . “P.S.

article thumbnail

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

“The command requires Windows system administrators,” Truniger’s ads explained. Semen-7907 registered at Tunngle from the Internet address 31.192.175[.]63 “I’ve been using this login since about 2013 on all the forums where I register, and I don’t always set a strong password.

article thumbnail

Addressing Remote Desktop Attacks and Security

eSecurity Planet

Also read : Best Internet Security Suites & Software. A few days later, IT systems started malfunctioning with ransom messages following. The system administrator did not configure standard security controls when installing the server in question. Defending Against RDP Attacks: Best Practices.

VPN 118