2016, Hacking and System Administration

DDoS Mitigation Firm Founder Admits to DDoS

Krebs on Security

JANUARY 20, 2020

Preston was featured in the 2016 KrebsOnSecurity story DDoS Mitigation Firm Has History of Hijacks , which detailed how the company he co-founded — BackConnect Security LLC — had developed the unusual habit of hijacking Internet address space it didn’t own in a bid to protect clients from attacks.

DDOS

DDOS Internet Internet System Administration

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.

Advertising

Advertising Cybercrime System Administration Hacking

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Security Affairs

MARCH 1, 2019

Canadian media revealed that in November 2016, the International Civil Aviation Organization (ICAO) was a hit by a large-scale cyberattack. “Mail server, domain administrator and system administrator accounts were all affected, giving cyberespions access to the past and current passwords of more than 2,000 ICAO system users.

Hacking

Hacking Advertising System Administration Media

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Back in 2016, the primary focus of our expert was on major cybergangs that targeted financial institutions, banks in particular. It could be compromised directly or by hacking the account of someone with access to the website management. This browser attack chain, popular in 2016, is no longer possible.

Cybercrime

Cybercrime Banking Malware Ransomware

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

Microsoft to notify Office 365 users of nation-state attacks

Security Affairs

FEBRUARY 8, 2021

Since 2016 , Microsoft has been alerting users of nation-state activity, now the IT giant added the same service to the Defender for Office 365 dashboard. The alerts are also sent to system administrators and security teams, who can directly contact the affected employees and take action to prevent their accounts take over.

System Administration

System Administration Hacking Cyber threats Accountability

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

System Administration

System Administration Penetration Testing Malware Hacking

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

As first detailed by KrebsOnSecurity in July 2016 , Orcus is the brainchild of John “Armada” Rezvesz , a Toronto resident who until recently maintained and sold the RAT under the company name Orcus Technologies. An advertisement for Orcus RAT. In an “official press release” posted to pastebin.com on Mar.

Advertising

Advertising Malware Software Marketing

Critical Microsoft Windows Vulnerability found

CyberSecurity Insiders

JULY 7, 2021

Microsoft Corporation is urging all Windows users including those using Win 7 and 8 operating systems to update their devices with the latest security patches. Satya Nadella led company has already released security update guide that could help MS users know how they can protect their system from the Windows Print Spooler flaw.

System Administration

System Administration Cyber Attacks Engineering Accountability

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. The group hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies.

Banking

Banking Telecommunications System Administration Hacking

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, supply chain attack). ” reads the report published by Kaspersky. Pierluigi Paganini.

Malware

Malware System Administration Hacking Media

Yomi Hunter Catches the CurveBall

Security Affairs

JANUARY 21, 2020

Many system administrators and companies were rushing to update internet exposed machines, like web servers or gateways, worried about possible remote code execution, reviving the EternalBlue /WannaCry crisis in their mind. . SecurityAffairs – Curveball, hacking). The Malware Threat behind CurveBall. Pierluigi Paganini.

Advertising

Advertising Malware System Administration Risk

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The group was involved also in the string of attacks that targeted 2016 Presidential election. CERT-UA observed the campaign in April 2023, the malicious e-mails with the subject “Windows Update” were crafted to appear as sent by system administrators of departments of multiple government bodies.

System Administration

System Administration Government Phishing Malware

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak. Starting from 2016 the group developed a new custom malware using Cobalt Strike, a legitimate penetration testing framework. Hladyr is suspected to be a system administrator for the group.

Malware

Malware Penetration Testing Banking System Administration

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak. Starting from 2016 the group developed a new custom malware using Cobalt Strike, a legitimate penetration testing framework. Hladyr is suspected to be a system administrator for the group.

Malware

Malware Penetration Testing Banking System Administration

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

In 2016, researchers from non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried by the Stealth Falcon. The Windows Background Intelligent Transfer Service (BITS) service is a built-in component of the Microsoft Windows operating system.

Malware

Malware Advertising System Administration Spyware

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Security Affairs

APRIL 1, 2019

But if we go on the Akamai blog we can still find a reference to Elknot posted on April 4, 2016 on a topic referred to “ BillGates ”, another DDoS malware whose “ attack vectors available within the toolkit include: ICMP flood, TCP flood, UDP flood, SYN flood, HTTP Flood (Layer7) and DNS reflection floods. O"]); // for persistence.

DDOS

DDOS Malware Encryption Penetration Testing

Happy 10th anniversary & Kali's story.so far

Kali Linux

MARCH 28, 2023

Being a system administrator, a patch could contain a security update to stop a vulnerability. Move from “Debian stable” to “Debian testing” 5 months later, January 2016 Kali become a rolling distribution with Kali 2016.1. In information security (infosec) there is the need to be on the latest version.

InfoSec

InfoSec Penetration Testing Architecture Software

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Consequently, when different sophisticated hacking techniques, types of assaults, and malware are learned, your innocent employees become your cyber security partners.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

Is hacking a crime? Bryan McAninch (Aph3x) talks about his organization, Hacking Is Not A Crime , and the ethical line it draws on various hacking activities. I used to hack the phone company quite a bit. I was like living in our systems for years and I want to get in some trouble for that.

Hacking

Hacking Technology InfoSec Media

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. — Matthew Green (@matthew_d_green) February 17, 2016.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Informer

DDoS Mitigation Firm Founder Admits to DDoS

Meet the Administrators of the RSOCKS Proxy Botnet

Trending Sources

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

CIA elite hacking unit was not able to protect its tools and cyber weapons

Orcus RAT Author Charged in Malware Scheme

Microsoft to notify Office 365 users of nation-state attacks

A member of the FIN7 group was sentenced to 10 years in prison

Canadian Police Raid ‘Orcus RAT’ Author

Critical Microsoft Windows Vulnerability found

Caketap, a new Unix rootkit used to siphon ATM banking data

North Korea-linked Lazarus APT targets the IT supply chain

Yomi Hunter Catches the CurveBall

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

FireEye experts found source code for CARBANAK malware on VirusTotal?

FireEye experts found source code for CARBANAK malware on VirusTotal?

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Happy 10th anniversary & Kali's story.so far

Cyber Security Awareness and Risk Management

The Hacker Mind Podcast: Ethical Hacking

Top Cybersecurity Accounts to Follow on Twitter

Stay Connected