Accountability, Education and System Administration

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

Meanwhile, only partially redacted names of CIA employees were sent over an unclassified email account. DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy. This story is moving very fast.

Government

Government Artificial Intelligence Banking Software

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

Malwarebytes

APRIL 9, 2024

In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. We have observed several different advertiser accounts which were all reported to Google. Yet, the threat has become prevalent enough to warrant better user education.

System Administration

System Administration DNS Engineering Social Engineering

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. To prevent the threat from spreading within the network, the City shut down the impacted IT systems. ” reads the report.

Ransomware

Ransomware Surveillance Healthcare Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

CERT-UA observed the campaign in April 2023, the malicious e-mails with the subject “Windows Update” were crafted to appear as sent by system administrators of departments of multiple government bodies. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

System Administration

System Administration Government Phishing Malware

The Implications of the Uber Breach

Security Boulevard

SEPTEMBER 17, 2022

These types of "unauthorized access" attacks account for 50% of all data breaches and can cost companies as much as $9.5M It has to be complemented with well-designed, enforceable policies, proven procedures, and strong system hygiene coupled with continuous education and awareness. Continuously educating your workforce.

Social Engineering

Social Engineering Education Technology Engineering

Raising a Cyber-Savvy Village: Remote Learning Security in the Age of COVID-19

Herjavec Group

OCTOBER 30, 2020

Like it or not, within a few months, educational institutions have now become enterprise IT entities, taking on all the responsibilities of securely delivering qualitative technology services. Ask your school system administrators to provide a copy of their incident response policies and plans. School Systems and Educators.

Education

Education Wireless System Administration Firewall

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

It could be compromised directly or by hacking the account of someone with access to the website management. The adoption of cloud servers made life easier for cybercriminals — now, if multiple complaints resulted in the suspension of an account, moving the data to a new server was a two-minute job.

Cybercrime

Cybercrime Banking Malware Ransomware

Don’t Get Hooked! 5 Essential Security Tips to Combat Holiday Phishing

Duo's Security Blog

DECEMBER 19, 2024

While we tend to associate phishing emails more with our personal accounts, attacks targeting our work identities whether through socially engineered phishing, brute force, or another form, are very common. Combined, these sectors accounted for more than 30 percent of account compromises.

Phishing

Phishing Authentication Social Engineering Passwords

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

In this role, Diane is accountable for the security of the retail stores, cyber-security, infrastructure, security/network engineering, data protection, third-party risk assessments, Directory Services, SOX & PCI compliance, application security, security awareness and Identity Management. Director/CISO of IT Risk Management. Ulta Beauty.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

10 Unbelievable Ways the CIA Is Failing at Cybersecurity

SecureWorld News

JUNE 18, 2020

Shared passwords and a failure to control access: "Most of our sensitive cyber weapons were not compartmented, users shared systems administrator-level passwords.". Because no one had that ability, no one was accountable—and the mission system in question, like others, lacked appropriate security.".

Cybersecurity

Cybersecurity Authentication Government System Administration

(ISC)² Supports Cyber Newcomers

CyberSecurity Insiders

APRIL 5, 2023

Recently, the Center for Cyber Safety and Education held its first Birds of a Feather : Newbies in Cyber webinar to promote an open dialogue and space for those leaning toward a career in cybersecurity, career changers and anyone interested in joining the field with questions.

Education

Education Cybersecurity System Administration Engineering

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

IT Security Guru

JANUARY 12, 2021

You can explore your options through online education platforms such as PluralSight , Cybrary , and PentesterAcademy. System Administrator (or, sysadmin). As a CBO at Ampcus Cyber, Viral overlooks the go-to-market Strategy, channel partner programs, strategic accounts, and customer relationship management. Secure DevOps.

Cybersecurity

Cybersecurity Government IoT Penetration Testing

Linux Patch Management: Tools, Issues & Best Practices

eSecurity Planet

JUNE 21, 2023

By concentrating on crucial patches that fix serious flaws or have a significant influence on system stability, system administrators may make sure that resources are used effectively and that possible disruptions are kept to a minimum. Professional plans start from $245/year up to $24,295/year.

Software

Software Backups Risk System Administration

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. Denial-of-Suez attack.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Always keep your eyes open to control-rights of the senior IT managers or systems administrators with the authority to configure servers, firewalls, cloud storage, and file-sharing (or another network privilege).

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

How to Get Started in Cybersecurity: Steps, Skills & Resources

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. Sysadmin roles can involve: Setting up networks and IT systems: These leaders manage setup processes for hardware, software, network connections, and user permissions.

Cybersecurity

Cybersecurity System Administration Engineering Firewall

MY TAKE: Remote classes, mobile computing heighten need for a security culture in K-12 schools

The Last Watchdog

JUNE 22, 2020

To Zoom’s credit, password protection and a “waiting room” feature, which allows the host to control when a participant joins the meeting, are the default settings for its free and single license paid accounts. It’s just a matter of finances and institutional intent, which go hand in glove.

Mobile

Mobile Passwords Technology VPN

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

Our telemetry indicates that dozens of organizations were affected, belonging to the government or military sector, or otherwise related to the health, diplomacy, education or political verticals. Successful exploitation leads to the deployment of further malware – named DropPhone and CoreLoader. Notify your supervisors as soon as possible.

Ransomware

Ransomware Malware Banking Encryption

Cyber Security Informer

DOGE as a National Cyberattack

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

Webinars

Trending Sources

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Webinars

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

The Implications of the Uber Breach

Raising a Cyber-Savvy Village: Remote Learning Security in the Age of COVID-19

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Don’t Get Hooked! 5 Essential Security Tips to Combat Holiday Phishing

SPOTLIGHT: Women in Cybersecurity

10 Unbelievable Ways the CIA Is Failing at Cybersecurity

(ISC)² Supports Cyber Newcomers

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

Linux Patch Management: Tools, Issues & Best Practices

Top Cybersecurity Accounts to Follow on Twitter

Cyber Security Awareness and Risk Management

How to Get Started in Cybersecurity: Steps, Skills & Resources

MY TAKE: Remote classes, mobile computing heighten need for a security culture in K-12 schools

IT threat evolution Q2 2021

Stay Connected