Security Affairs

JULY 2, 2020

Security experts from Check Point Research have discovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole, which is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH and allows system administrators to remotely access and manage Windows and Linux machines.

Hacking 143

Hacking Risk System Administration Authentication 143

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. The vendor recommended changing system administrator account, reset access control, and installing the latest available version.

System Administration 129

System Administration Firmware Government Hacking 129

Security Affairs

DECEMBER 24, 2020

The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. — Marius Sandbu (@msandbu) December 20, 2020. The attacks began last week, the systems administrator Marco Hofmann first detailed them. 24 220.167.109.0/24

DDOS 145

DDOS System Administration VPN Authentication 145

Security Affairs

FEBRUARY 2, 2021

Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992 , to encrypt virtual hard disks.

Encryption 111

Encryption Ransomware System Administration Hacking 111

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. In May 2020, authorities arrested another member of the FIN7 group, the Ukrainian nation Denys Iarmak.

System Administration 138

System Administration Penetration Testing Malware Hacking 138

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware 141

Ransomware System Administration Malware Authentication 141

Security Affairs

JULY 6, 2020

F5 Networks has recently addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

System Administration 106

System Administration Advertising Hacking Banking 106

Security Affairs

DECEMBER 30, 2021

The experts explained that malware targeting iLO could be very insidious because it runs with high privileges (above any level of access in the operating system), very low-level access to the hardware, and it cannot be detected by admins and security software that doesn’t inspect iLO. ” continues the report.

Firmware 144

Firmware Malware System Administration Technology 144

Malwarebytes

FEBRUARY 17, 2021

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The company says it spotted the breach after a routine check by its security team.

Accountability 116

Accountability Social Engineering System Administration Engineering 116

Security Affairs

FEBRUARY 14, 2021

. “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert.

Passwords 145

Passwords Social Engineering Software System Administration 145

Security Affairs

OCTOBER 27, 2021

Cybersecurity and Infrastructure Security Agency (CISA) in August 2020. The CISA MAR provided indicators of compromise (IoCs), Yara rules, and other technical info that could be used by system administrators to discover compromise systems within their networks. ” reads the report published by Kaspersky.

Malware 128

Malware System Administration Hacking Media 128

Security Affairs

MAY 2, 2021

Experts pointed out that ComplexCodes had been selling a “WeSupply Crypto Stealer” since May 2020., Organizations with effective spam filtering, proper system administration and up-to-date Windows hosts have a much lower risk of infection.” and WeSteal is likely simply an evolution of the WeSupply Crypto Stealer project.

Cryptocurrency 117

Cryptocurrency Malware Advertising System Administration 117

Security Affairs

JUNE 8, 2022

Ensure that you have dedicated management systems [ D3-PH ] and accounts for system administrators. Enable robust logging of Internet-facing services and monitor the logs for signs of compromise [ D3-NTA ] [ D3-PM ]. Protect these accounts with strict network policies [ D3-UAP ].

Telecommunications 100

Telecommunications Authentication Passwords Accountability 100

Security Affairs

MARCH 14, 2023

Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises. The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks.

Ransomware 98

Ransomware Software Encryption System Administration 98

Security Affairs

APRIL 26, 2021

million computers worldwide that appear to have been infected with Emotet malware between April 1, 2020, and Jan. “The lengthy delay for the cleanup routine to activate may be explained by the need to give system administrators time for forensics analysis and checking for other infections.” ” stated the DoJ.

Malware 112

Malware Banking System Administration Hacking 112

Security Affairs

JUNE 3, 2023

At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. The advisory includes potential mitigation measures for email recipients and recipients’ systems administrators.

Social Engineering 98

Social Engineering Phishing System Administration Engineering 98

McAfee

NOVEMBER 3, 2020

Women in Cloud and Security – A Panel with McAfee, AWS, and Our Customers. Thursday, November 5, 2020. Join McAfee in our Women in Cloud and Security Panel. Please join McAfee, AWS, and our customers to discuss the impact women are having on information security in the cloud. 10am PT | 12pm CT | 1pm ET.

Cybersecurity 93

Cybersecurity Architecture Cloud Migration Retail 93

CyberSecurity Insiders

FEBRUARY 9, 2021

According to Finances Online , most common cybersecurity attack vectors in 2020 include phishing (38%), network intrusions (32%), stolen/lost records (8%), and system misconfiguration (5%). Information Security Officer. IT Security Specialist. Firewall administration and maintenance. Cybersecurity Engineer.

B2B 70

B2B Cybersecurity Education Small Business 70

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. — Dave Kennedy (@HackingDave) July 15, 2020. link] pic.twitter.com/cVIyB44o6q — Eugene Kaspersky (@e_kaspersky) June 22, 2020. Eugene Kaspersky | @e_kaspersky.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. An information security analyst could expect to earn between $90,000 and $240,000, considering prior work experience and the location of the role.

Cybersecurity 123

Cybersecurity System Administration Engineering Firewall 123

SecureWorld News

OCTOBER 15, 2020

And they traced the cybersecurity failures to a lack of leadership and a vacant Chief Information Security Officer role: "The problems started at the top: Twitter had not had a chief information security officer (“CISO”) since December 2019, seven months before the Twitter Hack. Between approximately 3 a.m. and 10 a.m.

Social Engineering 105

Social Engineering Media Scams Financial Services 105

Security Affairs

AUGUST 4, 2020

NSCS @cse_cst @CISAgov @FBI [link] — @U.S.CyberCommand (@US_CYBERCOM) August 3, 2020. In May, the FBI and CISA also warned cyber attacks coordinated by Beijing and attempting to steal COVID-19 information from US health care, pharmaceutical, and research industry sectors. Keep operating system patches up-to-date.

Malware 139

Malware Government Passwords Advertising 139