The post Security BSides Dublin 2021 – Jayme Hancock’s ‘Weaponizing Systems Administration: Leveraging IT Skills In Penetration Testing’ appeared first on Security Boulevard. Our thanks to Security BSides Dublin for publishing their outstanding videos on the organization's YouTube channel.
The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely.
With most organizations embracing a distributed workforce these days, system administrators are bound to be up to their ears in work for the next two weeks, testing and figuring …. The post Microsoft Patch Tuesday May 2021 fixes 55 vulnerabilities, including 3 zero-days appeared first on ManageEngine Blog.
Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. SQL Injection Most high-risk vulnerabilities in 2021–2023 were associated with SQL Injection. More than a third (39%) used the microservice architecture.
CloudPassage’s 2021 AWS Cloud Security Report found that misconfiguration of cloud platforms (71 percent), exfiltration of sensitive data (59 percent), and insecure APIs (54 percent) are the top cloud security threats facing cybersecurity professionals. Read more: Best IAM Tools & Solutions for 2021. Train your staff.
Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Vasinskyi was arrested Oct. 8 in Poland, which maintains an extradition treaty with the United States.
We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021. In 2021, browsers are much safer, with some of them updating automatically, without any user participation, while browser developers continually invest in vulnerabilities assessment.
For many years, Dye was a system administrator for Optinrealbig, a Colorado company that relentlessly pimped all manner of junk email, from mortgage leads and adult-related services to counterfeit products and Viagra. Adconion was acquired in June 2014 by Amobee, a Redwood City, Calif.
In the first half of 2021, prominent attacks against SolarWinds and Microsoft Exchange both highlighted the collateral impact and potential reach of targeting the software supply chain. This year will be remembered as annus horribilis for attacks against the software supply chain.
With system administrators eagerly waiting for a patch to CVE-2021-40444, this month’s Patch Tuesday comes with fixes for 86 vulnerabilities, including those previously released for Microsoft Edge, out of which three are classified as Critical and 56 as Important ….
In July 2021, Microsoft issued an emergency fix for a Print Spooler flaw dubbed “PrintNightmare” that was actively being exploited to remotely compromise Windows PCs. The change will also be enabled for all currently supported standalone versions of Office, including versions 2021, 2019, 2016, and 2013.
Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen, tracked as CVE-2020-5639 and CVE-2021-20655, to steal sensitive data from businesses and government organizations. The vendor recommended changing the system administrator account, resetting access control, and installing the latest available version.
The tech giant also issued an alert to system administrators to patch their vulnerable Exchange Servers quickly to avoid being targeted by more ProxyShell Attack claims. By April 2021, the Satya Nadella-led company found that its email servers were being exploited to be used as ransomware distribution devices.
The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022.
An exploit listed as CVE-2021-44228 was made public on December 9, 2021. The exploit is simple, easy to trigger, and can be used to perform remote code execution (RCE) in vulnerable systems, which could allow an attacker to gain full control of them. Stay safe, everyone!
Unfortunately, in an echo of the Y2K bug, a flaw in some versions of GPSD could cause time to roll back after October 23, 2021. The buggy versions of the code reportedly subtract 1024 from the week number on October 24, 2021. It is also good for system administrators to make a mental note of the date October 24, 2021.
After last month’s PrintNightmare vulnerability, system admins are only just catching their breaths, but this month’s Patch Tuesday is already here, so it’s back to hustling for IT teams. With most organizations embracing a distributed workforce, system administrators are bound ….
Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. Fixes were available in the May 2021 Security Updates issued by Microsoft. (To
based AppSOC launched in 2021 to aggregate, consolidate and prioritize security data from various toolsets used in the software development lifecycle (SDLC). For starters the ring is aimed at system administrators and senior executives, but could eventually go mainstream. San Jose, Calif.-based
4 XSS in FortiWeb (CVE-2021-22122), found by Andrey Medov, have been patched. cmdb_edit_path=");alert('xss');// Advisory: [link] pic.twitter.com/jCOILHKWc4 — PT SWARM (@ptswarm) February 4, 2021. Two example PoCs: 1⃣ /error3?msg=30&data=';alert('xss');//
CyberSecurity Expert Joseph Steinberg will speak about endpoint security at the Endpoint Management and Security Conference, to be held virtually on Tuesday, September 14, 2021.
The list of July 2021 Patch Tuesday updates looks endless. Looking at the urgency levels Microsoft has assigned to them, system administrators have their work cut out for them once again: 13 critical patches, 103 important patches. CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability for Windows 7, Windows 8.1,
Following exposure and publication of a major remote execution vulnerability like Exchange’s ProxyLogon (CVE-2021-26855), we expect other threat actors to join the race against system administrators trying to patch their systems. Following the release of patches and responsible….
Cases of cyber-attacks are rapidly increasing, and businesses have every reason to worry following the recent prediction that damage costs might shoot beyond $6 trillion by the end of 2021. Cybersecurity services will still be in high demand 2021 and beyond. million jobs available by 2021. Identify a gap and bridge it.
The 2021 Hispanic Heritage Month theme invites us to celebrate Hispanic Heritage and to reflect on how great our tomorrow can be if we hold onto our resilience and hope. The post 2021 Hispanic Heritage Month Pt. One way to do this is to make more information available in Spanish. So, if you’re reading this, you have no excuses!
Researchers from Tenable have disclosed a critical authentication bypass vulnerability in HPE Edgeline Infrastructure Manager (EIM), tracked as CVE-2021-29203, that could be exploited by attackers to compromise a customer’s cloud infrastructure. EIM is the company’s two-year-old edge computing-management suite. or later to fix the bug.
The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.
The authorities started pushing out a 32-bit payload named “ EmotetLoader.dll ” to clean up the infected systems, the process was set to trigger itself automatically on April 25, 2021 as confirmed by researchers at Malwarebytes. ” reads the post published by MalwareBytes. ” stated the DoJ.
Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). March 2021. CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065.
The September 2021 Patch Tuesday cycle is relatively good news for system administrators with only 66 total bulletins. Perhaps more significantly, only three of these were Critical bulletins.
CERT-UA observed the campaign in April 2023, the malicious e-mails with the subject “Windows Update” were crafted to appear as sent by system administrators of departments of multiple government bodies. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.
The malware seems to leverage the infamous Pwnkit vulnerability (CVE-2021-4034), one of the easiest exploits imaginable, and OverlayFS (CVE-2021-3493), a kernel exploit that pentesters, capture-the-flag (CTF) players, and hackers know all too well. How to Protect Against Shikitega.
Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. In 2021, that hostname appeared in SMTP messages reported as a “romance scam” in a popular romance and dating scam tracking forum.
“The command requires Windows system administrators,” Truniger’s ads explained. Flashpoint said Truniger recruited “pen testers” for a new, then-unnamed cybercrime group, by posting their private Jabber instant messenger contact details on multiple Russian language coding forums, as well as on Facebook.
In June, Microsoft patched a vulnerability in the Windows Print Spooler that was listed as CVE-2021-1675. Which means that someone with limited access to a system could raise their privilege level, giving them more power over the affected system. They called theirs PrintNightmare and believed it was the same as CVE-2021-1675.
Windows Server 2022 and Windows 10 Enterprise LTSC 2021 are also out of scope. It’s also worth reading for system administrators that want to prepare for the second phase of the retirement process. In-market Windows 10 LTSC and Windows Server are also unaffected by this change. Not so much.
PHOENIX–(BUSINESS WIRE)–University of Phoenix is a recipient of the EC-Council 2021 Academic Circle of Excellence Award. Current faculty includes 136 chief executive officers, 19 chief information officers, three chief information security officers, and 127 information technology/system administrators.
In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021.
The new vulnerability (CVE-2021-22893) is a Remote Code Execution (RCE) vulnerability with a CVSS score of 10—the maximum—and a Critical rating. There is no patch for it yet (it is expected to be patched in early May), so system administrators will need to mitigate for the problem for now, rather than simply fixing it.
CNA’s network was compromised in March 2021. “With elevated privileges, the Threat Actor moved laterally within the environment to conduct reconnaissance and establish persistence onto certain systems within the environment. You can listen to it below, or on Apple Podcasts, Spotify, and Google Podcasts.
The researchers have written a paper (pdf) about Active Directory Certificate Services (AD CS) to raise awareness for both attackers and defenders alike of the security issues surrounding this complex, widely deployed, and often misunderstood system. They will also present this material at BlackHat USA 2021.
By using a misconfigured Cisco Duo MFA implementation to force enrollment of a new device, the hackers were then able to use the “PrintNightmare” Windows Print Spooler vulnerability (CVE-2021-34527 and CVE-2021-36958) to obtain administrator privileges. Inactive Accounts and Default Configurations.