Accountability, Antivirus and System Administration

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. bat) scripts [T1059.003] for lateral movement, privilege escalation, and disabling antivirus software. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware

Ransomware System Administration Antivirus Malware

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

He is also looking for opportunities to collect additional access parameters (usernames and passwords), elevate privileges, or use already existing compromised accounts for unauthorized access to systems, applications, and data. Cybercriminals may also perform some destructive actions aimed at data or systems.

Accountability

Accountability Passwords Authentication Social Engineering

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

According to Constella, this email address was used in 2010 to register an account for a Dmitry Yurievich Khoroshev from Voronezh, Russia at the hosting provider firstvds.ru. 2011 said he was a system administrator and C++ coder. NeroWolfe seems to have abandoned all of his forum accounts sometime in 2016.

Ransomware

Ransomware Cybercrime Accountability Malware

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. ru account and posted as him.

Ransomware

Ransomware Accountability Cybercrime Backups

Malvertiser copies PC news site to deliver infostealer

Malwarebytes

NOVEMBER 8, 2023

This type of website is often visited by geeks and system administrators to read the latest computer reviews, learn some tips and download software utilities. The download is also a signed MSI installer, which increases the chances for it to look legitimate from the operating system and antivirus software. com realvnc[.]pro

Software

Software System Administration Antivirus Malware

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.

VPN

VPN Accountability Authentication Passwords

New Linux Malware Shikitega Can Take Full Control of Devices

eSecurity Planet

SEPTEMBER 15, 2022

The researchers said the attackers have encoded the final payload with several layers, requiring several loops of decoding before it gets deployed, making it impossible to detect by signature-based antivirus solutions. Two of them regard the current user and the rest are for the root account. Five Scripts Provide Persistence.

Malware

Malware Social Engineering System Administration Antivirus

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

“They exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.” In many cases, some machines run without standard safeguards, like security updates and cloud-delivered antivirus protection.”

Ransomware

Ransomware Cybercrime Social Engineering Banking

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

“According to the indictment, Bugat is a malware specifically crafted to defeat antivirus and other protective measures employed by victims. ” According to the indictment, the criminal duo used the stolen banking credentials to make unauthorized transfers from the victims’ bank accounts to bank accounts owned by “money mules.”

Banking

Banking Malware Accountability Cybercrime

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Implement network segmentation , “such that all machines on your network are not accessible from every other machine” Update antivirus software on all hosts and enable real-time detection. Update and patch operating systems, software, and firmware as soon as updates and patches are released. How to Use the CISA Catalog.

Ransomware

Ransomware Encryption Backups Accountability

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. Eugene Kaspersky | @e_kaspersky.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Malware Evolves to Present New Threats to Developers

Security Boulevard

FEBRUARY 10, 2022

As new forms of malicious code appeared, an antivirus (AV) industry arose to tackle the challenge of detecting and responding to cyber threats. This technique lets attackers deliver malicious code to thousands of systems through a vector that security measures routinely ignore?—?a Ransomware. Trojans/Spyware. Logic bombs.

Malware

Malware Software Ransomware Adware

3 security lessons from an MSP that survived the Kaseya VSA attack

Malwarebytes

SEPTEMBER 16, 2021

A disaster recovery plan is only as useful as it is accessible, and an inaccessible password vault could slow down literally every single part of a data recovery effort if administrators simply cannot access their accounts. Early the next morning, Northshore systems administrator Ski Kacoroski arrived on scene.

Ransomware

Ransomware Backups Passwords Software

How to Improve SD-WAN Security

eSecurity Planet

MAY 19, 2022

This cloud-centric model offers administrators granular network management opportunities while leveraging the bandwidth and reducing the cost of service delivery. Experienced administrators understand the importance of inspecting all network traffic. Traditional Networks vs Software-Define Networks (SDN). Inspecting Web Traffic.

Firewall

Firewall Architecture Software Backups

Is Cloud Storage Safe From Ransomware?

Spinone

FEBRUARY 18, 2020

These are words that no system administrator or business leader wants to hear from anyone using a computer on their network. Traditional antivirus solutions typically leverage this type of detection mechanism. SpinOne still allows the user account access to the environment.

Ransomware

Ransomware Encryption Malware Backups

Cyber Security Informer

FBI and CISA published a new advisory on AvosLocker ransomware

Privileged account management challenges: comparing PIM, PUM and PAM

Trending Sources

How Did Authorities Identify the Alleged Lockbit Boss?

A Closer Look at the Snatch Data Ransom Group

Malvertiser copies PC news site to deliver infostealer

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

New Linux Malware Shikitega Can Take Full Control of Devices

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

US authorities charged Dridex gang members for stealing over $100 Million

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Top Cybersecurity Accounts to Follow on Twitter

Malware Evolves to Present New Threats to Developers

3 security lessons from an MSP that survived the Kaseya VSA attack

How to Improve SD-WAN Security

Is Cloud Storage Safe From Ransomware?

Stay Connected