Accountability, Risk and System Administration

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

Meanwhile, only partially redacted names of CIA employees were sent over an unclassified email account. There’s a reason why every modification—hardware or software—to these systems goes through a complex planning process and includes sophisticated access-control mechanisms.

Government

Government Artificial Intelligence Banking Software

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

The Last Watchdog

JUNE 23, 2021

The challenge of embracing digital transformation while also quelling the accompanying cyber risks has never been greater for small- and mid-sized businesses. Somehow SMBs must keep pace competitively, while also tamping down the rising risk of suffering a catastrophic network breach. Remote desktop risks.

Accountability

Accountability Passwords Hacking Cyber Risk

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge? Securing these AI models and the data they generate.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Risk

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

He is also looking for opportunities to collect additional access parameters (usernames and passwords), elevate privileges, or use already existing compromised accounts for unauthorized access to systems, applications, and data. Cybercriminals may also perform some destructive actions aimed at data or systems.

Accountability

Accountability Passwords Authentication Social Engineering

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. was also used to register an account at the online game stalker[.]so ru account is connected to the Telegram account “ Perchatka ,” (“glove” in Russian). ru account and posted as him.

Ransomware

Ransomware Accountability Cybercrime Backups

Q&A: Here’s why robust ‘privileged access management’ has never been more vital

The Last Watchdog

JANUARY 14, 2019

This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. They’re a fundamental part of our IT infrastructure, which is why they carry such a high level of a risk if they’re not secured.

Accountability

Accountability Risk Technology System Administration

Story of the Year: global IT outages and supply chain attacks

SecureList

DECEMBER 9, 2024

million systems worldwide. This incident serves as a stark reminder of the critical risks posed by global IT disruptions and supply chain weaknesses. This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. Why does it matter? Pager attack in Middle East What happened?

Internet

Internet Internet Risk Social Engineering

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

FEBRUARY 26, 2024

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Read our guide on privilege escalation attacks next to learn about the detection and prevention strategies for your privileged accounts and data.

Risk

Risk Authentication System Administration Ransomware

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

It was designed to make it convenient for system administrators to automate tasks and manage configurations across all Windows endpoints and servers in a company network. Critical application processes are at the greatest risk, including those that are running in air-gapped environments,” Gupta says.

Hacking

Hacking Energy and Utilities System Administration Accountability

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

One of the flaws patched the IT giant is a critical issue, tracked as CVE-2020-3158 , while six vulnerabilities are rated as high-risk severity. The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool.

Software

Software System Administration Advertising Accountability

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

FEBRUARY 14, 2021

The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. The alert urges organizations to review internal networks and mitigate the risks posed by the above factors. “The attempt on Friday was thwarted. ” reported the Reuters.

Passwords

Passwords Social Engineering Software System Administration

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Security Affairs

JUNE 2, 2020

Escalate privileges from “Organization Administrator” (normally a customer account) to “System Administrator” with access to all cloud accounts (organization) as an attacker can change the hash for this account. VMware has also released a workaround to mitigate the risk of exploitation for the flaw.

System Administration

System Administration Accountability Advertising Passwords

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

Skorodumov was one of the organization’s lead systems administrators, he configured and managed the clients’ domains and IP addresses, provided technical assistance to help clients optimize their malware and botnets. Follow me on Twitter: @securityaffairs and Facebook.

System Administration

System Administration Malware Accountability Marketing

US CISA and NSA publish guidance to secure Kubernetes deployments

Security Affairs

AUGUST 4, 2021

US CISA and NSA released new guidance that provides recommendations on how to harden Kubernetes deployments and minimize the risk of hack. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management.

System Administration

System Administration Architecture Firewall Risk

Announcing Duo’s Vision to Streamline Authentication & Enhance User Experience

Duo's Security Blog

JUNE 8, 2023

During the workday, on the other hand, I spend a lot of time talking to systems administrators, security operations analysts, and IT professionals who do love MFA. They’ve seen it drive down incidents and help desk tickets, reduce their risks, and make compliance programs a lot easier.

Authentication

Authentication VPN System Administration Engineering

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Distribution of Broken Access Control vulnerabilities by risk level, 2021–2023 ( download ) Almost half of the Broken Access Control vulnerabilities carried a medium risk level, and 37%, a high risk level. High-risk vulnerabilities can cause errors in applications and affect customers’ business.

Passwords

Passwords Authentication Architecture Risk

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

The PerSwaysion campaign proliferates with alarming rates by leveraging compromised accounts’ email data to select further targets who hold important roles in their companies and share business relations with the victims. New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours.

Phishing

Phishing Accountability Financial Services Cloud Migration

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. To prevent the threat from spreading within the network, the City shut down the impacted IT systems. ” reads the report.

Ransomware

Ransomware Surveillance Healthcare Accountability

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.

VPN

VPN Accountability Authentication Passwords

Best Privileged Access Management (PAM) Software for 2022

eSecurity Planet

NOVEMBER 30, 2021

Privileged accounts are among an organization’s biggest cybersecurity concerns. These accounts give admins control over data, applications, infrastructure and other critical assets that average system users don’t have permission to access or change. What is Privileged Access Management (PAM)? WALLIX Bastion. PAM best practices.

Software

Software Accountability Government Passwords

How to Overcome Common SSH Machine Identity Risks with Automation

Security Boulevard

JUNE 9, 2022

How to Overcome Common SSH Machine Identity Risks with Automation. Collecting Risk Intelligence. Prevent breaches by automating the collection of risk intelligence required to quickly identify and respond to SSH machine identity risks, weaknesses or security events. Higher levels of automation for system administrators.

Risk

Risk Digital transformation InfoSec System Administration

Understanding Brute Force Attacks: The Persistent Threat in Cybersecurity

Webroot

APRIL 2, 2024

While RDP is a powerful tool for remote administration and support, it has also become a favored vector for brute force attacks for several reasons: Widespread use: RDP is commonly used in businesses to enable remote work and system administration.

Cybersecurity

Cybersecurity Passwords VPN Authentication

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Update and patch operating systems, software, and firmware as soon as updates and patches are released. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. These flaws represent a considerable risk for enterprises and government agencies, and threat actors use them regularly.

Ransomware

Ransomware Encryption Backups Accountability

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

eSecurity Planet

JULY 15, 2024

To reduce the risks caused by these vulnerabilities, affected users should apply patches, upgrade software, and strengthen security measures as soon as possible. To mitigate the risk, apply these updates immediately. GitLab disclosed a pipeline flaw and Veeam addressed flaws exploited in active ransomware attacks. to 17.1.2).

Authentication

Authentication Backups Software Risk

Beautiful Basics: Lesson 3

Security Boulevard

MAY 28, 2022

If you don’t have fake accounts, computers, and configurations that look vulnerable mixed in with your population of systems you are missing out. System administrators usually know their systems very well. No one should EVER use this account. Finally lets get to the meat of this lesson.

System Administration

System Administration Accountability Passwords VPN

What Real-Life SaaS Attack Misconfiguration Exploits Can Teach Us

IT Security Guru

APRIL 12, 2022

There are a few notable exploited misconfigurations, from default built-in file sharing, and lack of password enforcement, albeit no password to multi-factor authentication (MFA), to the risks of legacy protocols and OAuth apps, that can bring a little clarity to understanding the complex landscape that is a company’s SaaS security posture.

CISO

CISO Passwords Marketing System Administration

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Security Affairs

MARCH 1, 2019

According to an investigation conducted by Secureworks hackers were also able to access the hackers were also able to compromise the mail servers to obtain access to admin accounts. ” “ICAO maintains no type of financial or other private information which could possibly pose risks to individual Canadians.”

Hacking

Hacking Advertising System Administration Media

Kaseya Breach Underscores Vulnerability of IT Management Tools

eSecurity Planet

JULY 6, 2021

Kaseya’s flagship product is a remote monitoring and management (RMM) solution called the Virtual Systems Administrator (VSA) and is the product at the center of the current attack. When administrators noticed suspicious behavior on Friday, Kaseya shut down VSA. Managing supply chain risk. VSA server breached.

Ransomware

Ransomware Software B2B System Administration

Arachnophobic: How Duo Customers Can Respond to CISA’s Report on Scattered Spider

Duo's Security Blog

NOVEMBER 27, 2023

We also recognize that defenders and system administrators operate with a lot of constraints and aren’t always able to configure their environment to their ideal security posture. Be especially aware of the owner role, which is a super-admin role: it can grant admin privileges to other accounts.

Authentication

Authentication Social Engineering Risk Accountability

Can smart cities be secured and trusted?

Thales Cloud Protection & Licensing

OCTOBER 15, 2019

And, according to eMazzanti Technologies , “Often, information technology (IT) accounts for less than 0.1% Balancing the promise against the potential of cyber risks of smart cities will be critical to realizing their potential. The surge in attacks makes clear that many cities are unprepared for cybersecurity threats.

Technology

Technology Encryption Government System Administration

5 Emotions Used in Social Engineering Attacks [with Examples]

SecureWorld News

MARCH 11, 2022

He writes about this in his book, "Ghost in the Wires": "I would call the company I'd targeted, ask for their computer room, make sure I was talking to a system administrator, and tell him, 'This is [whatever fictitious name popped into my head at that moment], from DEC support. A security report against my American Express account?

Social Engineering

Social Engineering Engineering Phishing Accountability

Legendary Entertainment Relies on MVISION CNAPP Across Its Multicloud Environment

McAfee

NOVEMBER 10, 2021

However, some of the shadow IT application has weak or no security controls – resulting the opportunities for external collaborator accounts to be compromised or have mis-managed privileges. Unacceptable levels of risk. MVISION CNAPP helps me keep my system administrators and developers accountable for what they are doing.

Data breaches

Data breaches Risk CSO Media

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

Her work centered on helping aerospace manufacturers manage the convergence of cyber risk across their increasingly complex business ecosystem, including IT, OT and connected products. During her first few years at Booz Allen, she supported technology, innovation and risk analysis initiatives across U.S. government clients.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

The Implications of the Uber Breach

Security Boulevard

SEPTEMBER 17, 2022

These types of "unauthorized access" attacks account for 50% of all data breaches and can cost companies as much as $9.5M Companies need to leverage artificial intelligence (AI) to combat account takeovers and tackle fraud at the front door and subsequently throughout their networks. dollars to remediate per incident.

Social Engineering

Social Engineering Education Technology Engineering

Don’t Get Hooked! 5 Essential Security Tips to Combat Holiday Phishing

Duo's Security Blog

DECEMBER 19, 2024

While we tend to associate phishing emails more with our personal accounts, attacks targeting our work identities whether through socially engineered phishing, brute force, or another form, are very common. Combined, these sectors accounted for more than 30 percent of account compromises.

Phishing

Phishing Authentication Social Engineering Passwords

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Be On Your Guard with the Most Treacherous Insider Roles A paramount priority when addressing the threat is to distinguish the fundamental insider risks.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Addressing Remote Desktop Attacks and Security

eSecurity Planet

MARCH 25, 2022

As remote desktop solutions are prevalent among IT and managed service providers (MSP), downstream clients can be at risk, as Kaseya experienced in 2021. A few days later, IT systems started malfunctioning with ransom messages following. Reconnaissance. Also read : Best Internet Security Suites & Software.

VPN

VPN Software Authentication Encryption

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

eSecurity Planet

AUGUST 4, 2023

Cloud Infrastructure Entitlement Management (CIEM): Best used to effectively manage cloud resource entitlements, reduce access risks, and maintain compliance. CWPP provides strong defenses against a wide range of risks such as malware , ransomware , DDoS attacks , configuration errors , insider threats, and data breaches.

Architecture

Architecture Risk Data breaches Threat Detection

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

It could be compromised directly or by hacking the account of someone with access to the website management. The adoption of cloud servers made life easier for cybercriminals — now, if multiple complaints resulted in the suspension of an account, moving the data to a new server was a two-minute job.

Cybercrime

Cybercrime Banking Malware Ransomware

10 Unbelievable Ways the CIA Is Failing at Cybersecurity

SecureWorld News

JUNE 18, 2020

The page above reveals the bottom line of this report: "This wake-up call presents us with an opportunity to right longstanding imbalances and lapses, to reorient how we view risk, redacted.We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.".

Cybersecurity

Cybersecurity Authentication Government System Administration

Most Common SSH Vulnerabilities & How to Avoid Them

Security Boulevard

DECEMBER 2, 2022

In most organization system administrators can disable or change most or all SSH configurations; these settings and configurations can significantly increase or reduce SSH security risks. Disabling root account remote login - This prevents users from logging in as the root (super user) account. Related Posts.

Risk

Risk Passwords Authentication Accountability

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. An attacker creates a new admin user and logs into an OpenFire account. They shouldn’t be connected to any networks because of the risk they still pose, despite attempted patches.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. An attacker creates a new admin user and logs into an OpenFire account. They shouldn’t be connected to any networks because of the risk they still pose, despite attempted patches.

VPN

VPN Authentication Mobile Firewall

Check: that Republican audit of Maricopa

Security Boulevard

SEPTEMBER 24, 2021

Patches in those systems can destabilize systems and kill people, so these industries are risk averse. Dominion simply uses “role based security” instead of normal user accounts. The auditors claim account passwords must “be changed every 90 days”. Ideally, accounts wouldn’t be created until they were needed.

Software

Software Computers and Electronics Accountability Firewall

DOGE as a National Cyberattack

MY TAKE: A path for SMBs to achieve security maturity: start small controlling privileged accounts

Trending Sources

Top Cybersecurity Trends to Watch Out For in 2025

Privileged account management challenges: comparing PIM, PUM and PAM

A Closer Look at the Snatch Data Ransom Group

Q&A: Here’s why robust ‘privileged access management’ has never been more vital

Story of the Year: global IT outages and supply chain attacks

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

Cisco fixes a static default credential issue in Smart Software Manager tool

FBI’s alert warns about using Windows 7 and TeamViewer

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Administrators of bulletproof hosting sentenced to prison in the US

US CISA and NSA publish guidance to secure Kubernetes deployments

Announcing Duo’s Vision to Streamline Authentication & Enhance User Experience

Top 10 web application vulnerabilities in 2021–2023

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

Best Privileged Access Management (PAM) Software for 2022

How to Overcome Common SSH Machine Identity Risks with Automation

Understanding Brute Force Attacks: The Persistent Threat in Cybersecurity

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

Beautiful Basics: Lesson 3

What Real-Life SaaS Attack Misconfiguration Exploits Can Teach Us

Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Kaseya Breach Underscores Vulnerability of IT Management Tools

Arachnophobic: How Duo Customers Can Respond to CISA’s Report on Scattered Spider

Can smart cities be secured and trusted?

5 Emotions Used in Social Engineering Attacks [with Examples]

Legendary Entertainment Relies on MVISION CNAPP Across Its Multicloud Environment

SPOTLIGHT: Women in Cybersecurity

The Implications of the Uber Breach

Don’t Get Hooked! 5 Essential Security Tips to Combat Holiday Phishing

Cyber Security Awareness and Risk Management

Addressing Remote Desktop Attacks and Security

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

10 Unbelievable Ways the CIA Is Failing at Cybersecurity

Most Common SSH Vulnerabilities & How to Avoid Them

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Check: that Republican audit of Maricopa

Stay Connected