Antivirus, Government and System Administration

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

The government alleges Khoroshev created, sold and used the LockBit ransomware strain to personally extort more than $100 million from hundreds of victim organizations, and that LockBit as a group extorted roughly half a billion dollars over four years. 2011 said he was a system administrator and C++ coder. Image: treasury.gov.

Ransomware

Ransomware Cybercrime Accountability Malware

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

This joint CSA updates the advisory published by the US Government on March 17, 2022. AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. bat) scripts [T1059.003] for lateral movement, privilege escalation, and disabling antivirus software.

Ransomware

Ransomware System Administration Antivirus Malware

Top 8 trusted cybersecurity companies in the world

CyberSecurity Insiders

APRIL 10, 2022

As soon as the government of the United States announced a ban on Russian security software provided by Kaspersky, all the system administrators working across the world searched for the most trusted cybersecurity software companies in the world.

Cybersecurity

Cybersecurity Antivirus System Administration Threat Detection

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware

Ransomware Accountability Cybercrime Backups

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

. “Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. prosecutors say was an effort to boost Chinese economic interests.”

Identity Theft

Identity Theft Hacking Advertising System Administration

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Secret Service issued a detailed advisory on the BlackByte Ransomware as a Service (RaaS) group, which has attacked critical infrastructure industries in recent months, among them government, financial and food and agriculture targets. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware

Ransomware Encryption Backups Accountability

Malware Evolves to Present New Threats to Developers

Security Boulevard

FEBRUARY 10, 2022

As new forms of malicious code appeared, an antivirus (AV) industry arose to tackle the challenge of detecting and responding to cyber threats. They also provide cover for malicious actions from governments and organizations by introducing a layer of separation between the attackers and the attack source. Ransomware. Trojans/Spyware.

Malware

Malware Software Ransomware Adware

Earning Trust In Public Cloud Services

SiteLock

OCTOBER 12, 2021

Governments, NGO’s and enterprises of any size and profile are now subscribing to cloud provider services. Mature customers tend to have rules implemented governing the relationships with cloud service providers, as well as indicators for evaluating such cooperation. Businesses are opting for the cloud more and more. About The Author.

System Administration

System Administration Insurance Penetration Testing Social Engineering

Vulnerability Management as a Service: Top VMaaS Providers

eSecurity Planet

OCTOBER 24, 2022

Here, organizations should work toward achieving an effective system-wide process between security operations, IT operations, and system administration teams to ensure everyone is on the same page. Syxsense enables businesses to meet governance or compliance regulations with help from its services team.

Software

Software Risk Healthcare Artificial Intelligence

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Specifically, we foresee that a record number of disruptive and destructive cyberattacks will be observed next year, affecting both the government sector and key industries. One caveat is that in all likelihood, a proportion of them will not be easily traceable to cyber-incidents and will look like random accidents. The next WannaCry.

Firmware

Firmware Surveillance Mobile Telecommunications

The Hacker Mind Podcast: Beyond MITRE ATT&CK

ForAllSecure

AUGUST 16, 2022

government agencies such as the FAA, the IRS, the Department of the Defense, Department of Homeland Security, Centers for Medicare and Medicaid and NIST. Perhaps more relevant to security, MITRE maintains the Common Vulnerabilities and Exposures (CVE) system and the Common Weakness Enumeration (CWE) project.

InfoSec

InfoSec Firewall Engineering System Administration

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Russian software engineer Eugene Kaspersky’s frustration with the malware of the 80s and 90s led to the founding of antivirus and cybersecurity vendor Kaspersky Lab. Graham Cluley started as a videogame developer and antivirus programmer three decades ago before serving in senior roles at Sophos and McAfee. Denial-of-Suez attack.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

FireEye/SolarWinds/SUNBURST Hack – What You Need to Know

Vipre

DECEMBER 22, 2020

There are also major geopolitical implications as we believe this attack was perpetrated by a major nation state, and it’s clear that the attacker had very specific government targets in their sights. Some of the most secure companies and government agencies operated for months with no idea that attackers were deep inside their networks.

Hacking

Hacking Software Malware Penetration Testing

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1

Malware

Malware Government Passwords Advertising

China-linked APT group MirrorFace targets Japan

Security Affairs

JANUARY 10, 2025

Between 2019 and 2024, the MirrorFace group launched three cyber campaigns targeting Japanese think tanks, government, academia, and key industries. Campaign A (20192023): Used emails with malware attachments (LODEINFO) to target politicians, media, and government. Track antivirus detections carefully.

Antivirus

Antivirus Malware System Administration Technology

Cyber Security Informer

How Did Authorities Identify the Alleged Lockbit Boss?

FBI and CISA published a new advisory on AvosLocker ransomware

Trending Sources

Top 8 trusted cybersecurity companies in the world

A Closer Look at the Snatch Data Ransom Group

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Malware Evolves to Present New Threats to Developers

Earning Trust In Public Cloud Services

Vulnerability Management as a Service: Top VMaaS Providers

Advanced threat predictions for 2023

The Hacker Mind Podcast: Beyond MITRE ATT&CK

Top Cybersecurity Accounts to Follow on Twitter

FireEye/SolarWinds/SUNBURST Hack – What You Need to Know

US govt agencies share details of the China-linked espionage malware Taidoor

China-linked APT group MirrorFace targets Japan

Stay Connected