Cybercrime, Information Security and System Administration

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Security Affairs

OCTOBER 22, 2021

FIN7 is a Russian criminal group that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. SecurityAffairs – hacking, cyber security). ” concludes the report.

Cybercrime

Cybercrime Ransomware Cybersecurity Backups

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Advertising

Advertising Cybercrime System Administration Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. SocksEscort began in 2009 as “ super-socks[.]com com , segate[.]org

Malware

Malware VPN Internet Internet

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. ” concludes DoJ.

System Administration

System Administration Penetration Testing Malware Hacking

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data.

Banking

Banking Telecommunications System Administration Hacking

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. This joint CSA updates the advisory published by the US Government on March 17, 2022.

Ransomware

Ransomware System Administration Antivirus Malware

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware

Ransomware System Administration Malware Authentication

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. This hostname connection is particularly heterogeneous, but it technically makes sense.

Scams

Scams Ransomware System Administration Malware

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity cryptocurrency stealers, its author doesn’t masquerade its purpose and promises “the leading way to make money in 2021.”. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Security Affairs

DECEMBER 30, 2021

One of the most outstanding capabilities of iLOBleed is the manipulation of the iLO firmware upgrade routine, when the system administrator tries to upgrade the iLO firmware, the malware simulates the version change while preventing the upgrade routine. . ” continues the report.

Firmware

Firmware Malware System Administration Technology

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

Skorodumov was one of the organization’s lead systems administrators, he configured and managed the clients’ domains and IP addresses, provided technical assistance to help clients optimize their malware and botnets.

System Administration

System Administration Malware Accountability Marketing

LockBit ransomware group claims to have hacked Bridgestone Americas

Security Affairs

MARCH 13, 2022

“Bridgestone Americas are currently investigating a potential information security incident. All we do is provide paid training to system administrators around the world on how to properly set up a corporate network. We are only interested in money for our harmless and useful work.

Hacking

Hacking Ransomware Manufacturing Cyber Attacks

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world,” said U.S. Then the criminals moved the money to other accounts or withdraw the funds and transport the funds overseas as smuggled bulk cash. . Attorney Brady.

Banking

Banking Malware Accountability Cybercrime

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City experts believe that the group specifically targeted a prioritized list of servers using legitimate Microsoft system administrative tools. Early on the morning of Wednesday, May 03, 2023, the group started executing the ransomware on the City of Dallas.

Ransomware

Ransomware Surveillance Healthcare Accountability

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

“The lengthy delay for the cleanup routine to activate may be explained by the need to give system administrators time for forensics analysis and checking for other infections.” ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. concludes MalwareBytes.

Malware

Malware Banking System Administration Hacking

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Security Affairs

MAY 21, 2023

Unfortunately, as system administrators seek ways to control access to these platforms, users may seek out alternative ways to gain access.” In this case, the visitors were downloading Midjourney-x64.msix, msix, which is a Windows Application Package also signed by ASHANA GLOBAL LTD. ” concludes the report.

System Administration

System Administration Advertising Malware Hacking

University of Phoenix Recognized With 2021 Academic Circle of Excellence Award by EC-Council, World’s Largest Cybersecurity Certification Body

CyberSecurity Insiders

DECEMBER 17, 2021

In an era seeing more cybercrime focused on businesses , cybersecurity knowledge and education is only becoming more critical. In addition to providing educational preparation for EC-Council certifications, the University’s College of Business and Information Technology offers students access to faculty that possess an average of 30.2

Cybersecurity

Cybersecurity Education Technology System Administration

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

The tool is basically a search engine for local and network shared files inside a Windows environment: unlike the default Windows search, it is designed to locate files and folders by filename instantly, speeding up system information discovery. Its name is YDArk and it is an open-source tool available even on GitHub ( link ).

Ransomware

Ransomware Software System Administration Encryption

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines.

Malware

Malware Social Engineering Encryption Marketing

How to Get Started in Cybersecurity: Steps, Skills & Resources

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. An information security analyst could expect to earn between $90,000 and $240,000, considering prior work experience and the location of the role.

Cybersecurity

Cybersecurity System Administration Engineering Firewall

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Brian Krebs | @briankrebs.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Informer

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Meet the Administrators of the RSOCKS Proxy Botnet

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

A member of the FIN7 group was sentenced to 10 years in prison

Caketap, a new Unix rootkit used to siphon ATM banking data

FBI and CISA published a new advisory on AvosLocker ransomware

StealthWorker botnet targets Synology NAS devices to drop ransomware

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

WeSteal, a shameless commodity cryptocurrency stealer available for sale

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Administrators of bulletproof hosting sentenced to prison in the US

LockBit ransomware group claims to have hacked Bridgestone Americas

US authorities charged Dridex gang members for stealing over $100 Million

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

University of Phoenix Recognized With 2021 Academic Circle of Excellence Award by EC-Council, World’s Largest Cybersecurity Certification Body

Dissecting the malicious arsenal of the Makop ransomware gang

Updates from the MaaS: new threats delivered through NullMixer

How to Get Started in Cybersecurity: Steps, Skills & Resources

Top Cybersecurity Accounts to Follow on Twitter

Stay Connected