2013, Malware and System Administration

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Advertising

Advertising Cybercrime System Administration Hacking

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. 2011 said he was a system administrator and C++ coder. Dmitry Yuryevich Khoroshev. Image: treasury.gov. “P.S. .

Ransomware

Ransomware Cybercrime Accountability Malware

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

FEBRUARY 8, 2022

But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents. Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user.

Authentication

Authentication Internet Internet System Administration

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

System Administration

System Administration Penetration Testing Malware Hacking

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. Hladyr is suspected to be a system administrator for the group.

Malware

Malware Penetration Testing Banking System Administration

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. Hladyr is suspected to be a system administrator for the group.

Malware

Malware Penetration Testing Banking System Administration

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. “I’ve been using this login since about 2013 on all the forums where I register, and I don’t always set a strong password. “Experience in backup, increase privileges, mikicatz, network.

Ransomware

Ransomware Accountability Cybercrime Backups

FIN7 sysadmin behind “billions in damage” gets 10 years

Malwarebytes

APRIL 20, 2021

Hladyr is the systems administrator for the FIN7 hacking group, and is considered the mastermind behind the Carbanak campaign , a series of cyberattacks said to stolen as much as $900 million from banks in early part of the last decade. The malware. The campaigns all started with spear-phishing targeted at bank employees.

System Administration

System Administration Banking Malware Penetration Testing

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Krebs on Security

SEPTEMBER 2, 2019

For many years, Dye was a system administrator for Optinrealbig , a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra. This individual, Daniel Dye , has a history of working with others to hijack IP addresses for use by spammers.

Media

Media Government Marketing Internet

Kimsuky APT poses as journalists and broadcast writers in its attacks

Security Affairs

JUNE 3, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. “In many instances, Kimsuky actors do not attach malware to their initial email. “Usually, the questions will revolve around current events and whether U.S.

Social Engineering

Social Engineering Phishing System Administration Engineering

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

With lateral movement across a victim’s IT infrastructure, threat actors can escalate privileges, spread malware , extract data , and disrupt IT services as with ransomware attacks. SamSam Ransomware: Malware Specializing in RDP. A few days later, IT systems started malfunctioning with ransom messages following.

VPN

VPN Software Authentication Encryption

Ransomware Gangs and the Name Game Distraction

Krebs on Security

AUGUST 5, 2021

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. REvil’s last big victim was Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. ” That CrowdStrike report was from July 2019. .

Ransomware

Ransomware Cybercrime Malware System Administration

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Russian software engineer Eugene Kaspersky’s frustration with the malware of the 80s and 90s led to the founding of antivirus and cybersecurity vendor Kaspersky Lab.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Detecting browser data theft using Windows Event Logs

Google Security

APRIL 30, 2024

Posted by Will Harris, Chrome Security Team Chromium's sandboxed process model defends well from malicious web content, but there are limits to how well the application can protect itself from malware already on the computer.

Passwords

Passwords Malware Encryption System Administration

Cyber Security Informer

Meet the Administrators of the RSOCKS Proxy Botnet

How Did Authorities Identify the Alleged Lockbit Boss?

Trending Sources

Microsoft Patch Tuesday, February 2022 Edition

A member of the FIN7 group was sentenced to 10 years in prison

FireEye experts found source code for CARBANAK malware on VirusTotal?

FireEye experts found source code for CARBANAK malware on VirusTotal?

A Closer Look at the Snatch Data Ransom Group

FIN7 sysadmin behind “billions in damage” gets 10 years

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Kimsuky APT poses as journalists and broadcast writers in its attacks

Addressing Remote Desktop Attacks and Security

Ransomware Gangs and the Name Game Distraction

Top Cybersecurity Accounts to Follow on Twitter

Detecting browser data theft using Windows Event Logs

Stay Connected