2021, Cybercrime and System Administration

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya , Miami-based company whose products help system administrators manage large networks remotely. Vasinskyi was arrested Oct. 8 in Poland, which maintains an extradition treaty with the United States.

Ransomware

Ransomware Cybercrime System Administration Passwords

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, super-socks[.]com,

Malware

Malware VPN Internet Internet

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. “The command requires Windows system administrators,” Truniger’s ads explained.

Ransomware

Ransomware Accountability Cybercrime Backups

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware

Ransomware System Administration Antivirus Malware

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. In 2021, that hostname appeared in SMTP messages reported as a “romance scam” in a popular romance and dating scam tracking forum.

Scams

Scams Ransomware System Administration Malware

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software.

System Administration

System Administration Ransomware Software Cyber threats

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

The authorities started pushing out a 32-bit payload named “ EmotetLoader.dll ” to clean up the infected systems, the process was set to trigger itself automatically on April 25, 2021 as confirmed by researchers at Malwarebytes. ” reads the post published by MalwareBytes. ” stated the DoJ.

Malware

Malware Banking System Administration Hacking

University of Phoenix Recognized With 2021 Academic Circle of Excellence Award by EC-Council, World’s Largest Cybersecurity Certification Body

CyberSecurity Insiders

DECEMBER 17, 2021

PHOENIX–( BUSINESS WIRE )–University of Phoenix is a recipient of the EC-Council 2021 Academic Circle of Excellence Award. In an era seeing more cybercrime focused on businesses , cybersecurity knowledge and education is only becoming more critical. years of professional experience. About EC-Council.

Cybersecurity

Cybersecurity Education Technology System Administration

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

The tool is basically a search engine for local and network shared files inside a Windows environment: unlike the default Windows search, it is designed to locate files and folders by filename instantly, speeding up system information discovery. Its name is YDArk and it is an open-source tool available even on GitHub ( link ).

Ransomware

Ransomware Software System Administration Encryption

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

IT Security Guru

JANUARY 12, 2021

System Administrator (or, sysadmin). Far away from the glamor and spotlight that other career fields like programming or data science get, there is a full-on war for hiring good cyber talent because of the year-on-year spike in cybercrime. Secure Software Development. Secure DevOps. IoT (Internet of Things) Security.

Cybersecurity

Cybersecurity Government IoT Penetration Testing

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

In another publication , Google also followed up on the activities of a similar vendor named Cytrox that had leveraged four 0-day vulnerabilities in a 2021 campaign. A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too.

Firmware

Firmware Surveillance Mobile Telecommunications

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software used to manage and monitor customers’ infrastructure. Kaseya’s CEO, Fred Voccola, claimed on 03 July 2021 that “fewer than 40 worldwide” customers were impacted.

Ransomware

Ransomware Encryption Cryptocurrency System Administration

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines.

Malware

Malware Social Engineering Encryption Marketing

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

While analyzing the CVE-2021-1732 exploit, first discovered by DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we found another zero-day exploit that we believe is linked to the same threat actor. The exploit-chain attempts to install malware in the system through a dropper.

Ransomware

Ransomware Malware Banking Encryption

Ransomware Gangs and the Name Game Distraction

Krebs on Security

AUGUST 5, 2021

Reinvention is a basic survival skill in the cybercrime business. REvil’s last big victim was Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. In early June 2021, researchers discovered the Dridex gang was once again trying to morph in an effort to evade U.S.

Ransomware

Ransomware Cybercrime Malware System Administration

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Also read: Top Endpoint Detection and Response (EDR) Solutions for 2021. — Eva (@evacide) October 4, 2021. Also read: Top Next-Generation Firewall (NGFW) Vendors for 2021.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

How to Get Started in Cybersecurity: Steps, Skills & Resources

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. Sysadmin roles can involve: Setting up networks and IT systems: These leaders manage setup processes for hardware, software, network connections, and user permissions.

Cybersecurity

Cybersecurity System Administration Engineering Firewall

Cyber Security Informer

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Webinars

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

A Closer Look at the Snatch Data Ransom Group

FBI and CISA published a new advisory on AvosLocker ransomware

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

University of Phoenix Recognized With 2021 Academic Circle of Excellence Award by EC-Council, World’s Largest Cybersecurity Certification Body

Dissecting the malicious arsenal of the Makop ransomware gang

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

Advanced threat predictions for 2023

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Updates from the MaaS: new threats delivered through NullMixer

IT threat evolution Q2 2021

Ransomware Gangs and the Name Game Distraction

Top Cybersecurity Accounts to Follow on Twitter

How to Get Started in Cybersecurity: Steps, Skills & Resources

Stay Connected