Accountability, DNS and System Administration

Accountability

DNS

System Administration

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

JULY 14, 2020

Top of the heap this month in terms of outright scariness is CVE-2020-1350 , which concerns a remotely exploitable bug in more or less all versions of Windows Server that attackers could use to install malicious software simply by sending a specially crafted DNS request.

DNS

DNS Backups Software System Administration

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

Malwarebytes

APRIL 9, 2024

In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. We have observed several different advertiser accounts which were all reported to Google. Click here for more information about DNS filtering via our Nebula platform.

System Administration

System Administration DNS Engineering Social Engineering

Join 28,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.

VPN

VPN Accountability Authentication Passwords

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day is that Webmin contained a remote code execution vulnerability, tracked as CVE-2019-15107, for more than a year.

Passwords

Passwords System Administration Advertising DNS

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

The Roboto botnet spreads by compromising systems by exploiting the Webmin RCE vulnerability tracked as CVE-2019-15107 to drop its downloader module on Linux servers running vulnerable installs. Webmin is an open-source web-based interface for system administration for Linux and Unix.

DDOS

DDOS Advertising System Administration DNS

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

A few days later, IT systems started malfunctioning with ransom messages following. The system administrator did not configure standard security controls when installing the server in question. Meanwhile, the suspect server was connected to the CDOT domain with an administrator account and the internet.

VPN

VPN Software Authentication Encryption

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Adam Levin

APRIL 8, 2019

Facebook’s Two-Factor Authentication phone numbers exposed: After prompting users to provide phone numbers to secure their accounts, Facebook allows anyone to look up their account by using them. Denying anything happened gives system administrators more time to identify and patch newly discovered vulnerabilities.

Hacking

Hacking Data privacy Artificial Intelligence System Administration

Misconfiguration Manager: Detection Updates

Security Boulevard

DECEMBER 16, 2024

As many security researchers began this career path, I started my career in customer support and eventually found myself in system administration. Many years ago, I can remember learning how to deploy security patches, software, and operating systems via SCCM. Event ID: 4663 An attempt was made to access an object.

Accountability

Accountability System Administration DNS Media

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. Denial-of-Suez attack.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Ransomware: Why do backups fail when you need them most?

Malwarebytes

OCTOBER 22, 2021

So why do we keep hearing things like this: We’re also feeling relatively confident, we have a very good backup system … and then we find out at about four or five hours after the [ransomware] attack that our backup system is completely gone. Ski Kacoroski, System administrator, Northshore School District.

Backups

Backups Ransomware System Administration DNS

Cyber Security Informer

‘Wormable’ Flaw Leads July Microsoft Patches

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

Trending Sources

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

Backdoored Webmin versions were available for download for over a year

Roboto, a new P2P botnet targets Linux Webmin servers

Addressing Remote Desktop Attacks and Security

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Misconfiguration Manager: Detection Updates

Top Cybersecurity Accounts to Follow on Twitter

Ransomware: Why do backups fail when you need them most?

Stay Connected