Security Affairs

MAY 25, 2020

Cisco has released several security patches, including one for a critical issue, tracked as CVE-2020-3280 , in the call-center software Unified Contact Center Express. Cisco released a set of security patches , including one for a critical flaw in its call-center software Unified Contact Center Express, tracked as CVE-2020-3280.

System Administration 131

System Administration Advertising Software Hacking 131

Security Affairs

JANUARY 21, 2020

Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules. . Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines. . What the NSA states is real: CVE-2020-0601 exposes companies to high risks.

Malware 129

Malware Advertising System Administration Risk 129

Security Affairs

JUNE 2, 2020

Researchers disclosed a flaw in VMware Cloud Director platform, tracked as CVE-2020-3956 , that could be abused to takeover corporate servers. Modify the login page to Cloud Director, which allows the attacker to capture passwords of another customer in plaintext, including System Administrator accounts.

System Administration 129

System Administration Accountability Advertising Passwords 129

Security Affairs

JULY 2, 2020

It supports standard protocols like VNC, RDP, and SSH and allows system administrators to remotely access and manage Windows and Linux machines. In particular, all versions of Guacamole that were released before January 2020 are using vulnerable versions of FreeRDP.” ” reads the report published by CheckPoint.

Hacking 142

Hacking Risk System Administration Authentication 142

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. The vendor recommended changing system administrator account, reset access control, and installing the latest available version.

System Administration 127

System Administration Firmware Government Hacking 127

Security Affairs

DECEMBER 24, 2020

— Marius Sandbu (@msandbu) December 20, 2020. 24 45.248.9.195 206.71.159.131 46.229.195.108 117.27.239.154 13.69.68.47 (1/3) pic.twitter.com/AuAg72BsEY — Daniel Weppeler (@_DanielWep) December 21, 2020. The attacks began last week, the systems administrator Marco Hofmann first detailed them. 24 220.167.109.0/24

DDOS 144

DDOS System Administration VPN Authentication 144

Security Affairs

FEBRUARY 2, 2021

Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992 , to encrypt virtual hard disks.

Encryption 111

Encryption Ransomware System Administration Hacking 111

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. In May 2020, authorities arrested another member of the FIN7 group, the Ukrainian nation Denys Iarmak.

System Administration 136

System Administration Penetration Testing Malware Hacking 136

Krebs on Security

JUNE 10, 2022

In 2020, Inspiring Networks and its director Maikel Uerlings were named in a dogged , multi-part investigation by South African news outlet MyBroadband.co.za . “Exhibit A” in a recent government court filing shows that in 2013 Adconion leased more than 65,000 IP addresses from Inspiring Networks , a Dutch network services company.

Government 328

Government Marketing Internet Internet 328

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware 139

Ransomware System Administration Malware Authentication 139

The Last Watchdog

AUGUST 12, 2024

ASPM toolsets came along in 2020 or so to help organizations get more organized about monitoring and updating code security as part of meeting data privacy and security regulations. For starters the ring is aimed at system administrators and senior executives, but could eventually go mainstream.

Software 290

Software Technology Mobile Cybersecurity 290

Security Affairs

JULY 6, 2020

F5 Networks has recently addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

System Administration 103

System Administration Advertising Hacking Banking 103

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware 283

Ransomware Accountability Cybercrime Backups 283

Security Affairs

DECEMBER 30, 2021

The experts explained that malware targeting iLO could be very insidious because it runs with high privileges (above any level of access in the operating system), very low-level access to the hardware, and it cannot be detected by admins and security software that doesn’t inspect iLO. ” continues the report.

Firmware 143

Firmware Malware System Administration Technology 143

Security Affairs

FEBRUARY 14, 2021

. “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert.

Passwords 144

Passwords Social Engineering Software System Administration 144

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Cryptocurrency 134

Cryptocurrency Social Engineering Computers and Electronics Engineering 134

Security Affairs

OCTOBER 27, 2021

Cybersecurity and Infrastructure Security Agency (CISA) in August 2020. The CISA MAR provided indicators of compromise (IoCs), Yara rules, and other technical info that could be used by system administrators to discover compromise systems within their networks. ” reads the report published by Kaspersky.

Malware 125

Malware System Administration Hacking Media 125

Malwarebytes

FEBRUARY 17, 2021

They found that one of their system administrators with access to customer accounts was allowing third-parties to see some of these accounts “for personal gain” Yandex made it clear in its official press release that no payment details were compromised.

Accountability 113

Accountability Social Engineering System Administration Engineering 113

Security Affairs

JUNE 8, 2022

Ensure that you have dedicated management systems [ D3-PH ] and accounts for system administrators. Enable robust logging of Internet-facing services and monitor the logs for signs of compromise [ D3-NTA ] [ D3-PM ]. Protect these accounts with strict network policies [ D3-UAP ].

Telecommunications 100

Telecommunications Authentication Passwords Accountability 100

The Last Watchdog

MARCH 30, 2020

Micro-segmentation got a lot of attention at RSA 2020. It gives system administrators a way to secure each microsegment, separately. Microsegmentation is a way for companies to put eyes on just about any type of workload, no matter how small or fleeting, and ultimately apply automated controls to a given micro zone.

Firewall 149

Firewall Marketing Digital transformation Cloud Migration 149

Malwarebytes

APRIL 20, 2021

Hladyr is the systems administrator for the FIN7 hacking group, and is considered the mastermind behind the Carbanak campaign , a series of cyberattacks said to stolen as much as $900 million from banks in early part of the last decade. According to acting US Attorney Tessa M.

System Administration 89

System Administration Banking Malware Penetration Testing 89

Security Affairs

MAY 2, 2021

Experts pointed out that ComplexCodes had been selling a “WeSupply Crypto Stealer” since May 2020., Organizations with effective spam filtering, proper system administration and up-to-date Windows hosts have a much lower risk of infection.” and WeSteal is likely simply an evolution of the WeSupply Crypto Stealer project.

Cryptocurrency 115

Cryptocurrency Malware Advertising System Administration 115

Malwarebytes

APRIL 21, 2021

Most of the problems discovered by Pulse Secure and Mandiant involve three vulnerabilities that were patched in 2019 and 2020. CVE-2020-8243 a vulnerability in the Pulse Connect Secure < 9.1R8.2 But there is also a very serious new issue that it says impacts a very limited number of customers. The old vulnerabilities.

VPN 82

VPN Authentication Malware System Administration 82

Security Affairs

MARCH 14, 2023

Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises. The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks.

Ransomware 98

Ransomware Software System Administration Encryption 98

The Last Watchdog

JUNE 2, 2021

The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. The NIST standards serve as a roadmap showing how to more granularly manage access rights for people and systems without unduly burdening users or system administrators. Related: The importance of basic research.

Encryption 176

Encryption Artificial Intelligence IoT Data collection 176

SC Magazine

JULY 7, 2021

CISA assigned CVE-2020-1938 to the flaw, which stems from the use of Apache JServ (AJP). Philips released software updates to address some of the flaws, but multiple vulnerabilities require system administrators to apply workarounds in the interim as the patches are currently in development and won’t be released for some time.

VPN 121

VPN Software System Administration Passwords 121

Security Boulevard

MAY 3, 2023

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandient detected it in December 2020, but didn’t realize what they detected—and so ignored it. The DOJ asked the security firm Mandiant to help determine whether the server had been hacked.

System Administration 52

System Administration Software Internet Internet 52

Security Affairs

JUNE 3, 2023

At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. Additionally, the APT group also impersonates operators or administrators of popular web portals claiming that a victim’s account has been locked following suspicious activity or fraudulent use.

Social Engineering 98

Social Engineering Phishing System Administration Engineering 98

Security Affairs

APRIL 26, 2021

million computers worldwide that appear to have been infected with Emotet malware between April 1, 2020, and Jan. “The lengthy delay for the cleanup routine to activate may be explained by the need to give system administrators time for forensics analysis and checking for other infections.” ” stated the DoJ.

Malware 110

Malware Banking System Administration Hacking 110

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Microservices Architecture has Created a Security Blind Spot. API Security Tools.

DDOS 131

DDOS Authentication Architecture Social Engineering 131

SecureWorld News

SEPTEMBER 15, 2020

Between January and August 2020, unidentified actors used aggregation software to link actor-controlled accounts to client accounts belonging to the same institution, resulting in more than $3.5 Some of the credentials belonged to company leadership, system administrators, and other employees with privileged access.".

Banking 74

Banking Accountability Passwords DDOS 74

IT Security Guru

APRIL 12, 2022

The use of legacy protocols such as POP or IMAP, make it difficult for system administrators to set up and activate MFA. Microsoft warns users to be on the lookout for deceptive OAuth apps to avoid malicious attacks, like many remote workers using O365 experienced in September and December of 2020. .

CISO 113

CISO Passwords Marketing System Administration 113

SecureList

OCTOBER 20, 2021

On top of that, due to changes in legislation that limited financial institutions in hiring external services, the number of cases we investigated for financial industry clients in 2020 was zero. We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

eSecurity Planet

JULY 6, 2021

After a series of highly publicized ransomware attacks this spring, the Kaseya attack most resembles the compromise of SolarWinds in late 2020. Kaseya’s flagship product is a remote monitoring and management (RMM) solution called the Virtual Systems Administrator (VSA) and is the product at the center of the current attack.

Ransomware 123

Ransomware Software B2B System Administration 123

SecureList

JUNE 17, 2021

Black Kingdom is not a new player: it was observed in action following other vulnerability exploitations in 2020, such as CVE-2019-11510. Product affected. CVE-2019-11510. Pulse Secure. March 2021. CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065. Microsoft Exchange Server. Technical analysis.

Ransomware 144

Ransomware Encryption VPN System Administration 144

SecureWorld News

JANUARY 13, 2021

In order to use this new defense against ransomware, system administrators are only required to use security software that supports it. Intel TDT issues no specialized efficacy or performance reports; rather, the data is seamlessly incorporated as a part of normal endpoint sensor reporting.". Intel's 11th gen core vPro processors.

Ransomware 63

Ransomware Computers and Electronics Firmware Threat Detection 63

eSecurity Planet

FEBRUARY 15, 2022

CVE-2020-0796 : A flaw in Microsoft Server Message Block (SMBv3) allows local privilege escalation and remote code execution, which attackers can exploit to execute code on a target server or client. Federal organizations will only have until February 24, 2022 to patch this vulnerability. How to Use the CISA Catalog.

Ransomware 129

Ransomware Encryption Backups Accountability 129