Internet and System Administration - Cyber Security Informer

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Krebs on Security

MARCH 11, 2025

The final zero-day this month is CVE-2025-26633 , a weakness in the Microsoft Management Console , a component of Windows that gives system administrators a way to configure and monitor the system. The SANS Internet Storm Center has a useful list of all the Microsoft patches released today, indexed by severity.

System Administration

System Administration Engineering Internet Internet

DDoS Mitigation Firm Founder Admits to DDoS

Krebs on Security

JANUARY 20, 2020

DDoS attacks involve flooding a target Web site with so much junk Internet traffic that it can no longer accommodate legitimate visitors.

DDOS

DDOS Internet Internet System Administration

SolarWinds Detected Six Months Earlier

Schneier on Security

MAY 3, 2023

The software, used by system administrators to manage and configure networks, was communicating externally with an unfamiliar system on the internet. The DOJ asked the security firm Mandiant to help determine whether the server had been hacked.

System Administration

System Administration Software Engineering Internet

Patch Tuesday, October 2024 Edition

Krebs on Security

OCTOBER 8, 2024

One of the zero-day flaws — CVE-2024-43573 — stems from a security weakness in MSHTML , the proprietary engine of Microsoft’s Internet Explorer web browser. Cemerikic noted that while Internet Explorer is being retired on many platforms, its underlying MSHTML technology remains active and vulnerable.

Engineering

Engineering Internet Internet System Administration

Cyber Threat warning issued to all internet connected UPS devices

CyberSecurity Insiders

APRIL 1, 2022

However, in some countries like UK, certain UPS device making companies are offering them connected to the internet. Therefore, system administrators are being advised to put the connected UPS devices behind a virtual private network (VPN) and use them with a multifactor authentication in place.

Cyber threats

Cyber threats Internet Internet Energy and Utilities

It’s official, today you can say goodbye to Internet Explorer. Or can you?

Malwarebytes

JUNE 15, 2022

Today, the Internet Explorer (IE) 11 desktop application goes out of support and will be retired for certain versions of Windows 10. Microsoft’s Internet Explorer 1.0 With Windows 10, Edge became the default Microsoft browser, but Internet Explorer could still be found in the Windows Accessories folder. Not so much.

Internet

Internet Internet IoT System Administration

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

If it sounds unlikely that a normal Internet user could make millions of dollars unmasking the identities of REvil gang members, take heart and consider that the two men indicted as part this law enforcement action do not appear to have done much to separate their cybercriminal identities from their real-life selves.

Ransomware

Ransomware Cybercrime System Administration Passwords

Log4J: What You Need to Know

Adam Levin

DECEMBER 17, 2021

Here’s a quick breakdown of what it means for internet users. Log4J is an open-source software tool used to log activity on internet-based services and software. The ease of use and utility of Log4J has made it ubiquitous on servers and enterprise networks across the internet. What can the average internet user do?

Internet

Internet Internet System Administration Software

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee ) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email.

Government

Government Marketing Internet Internet

Microsoft Patch Tuesday, June 2023 Edition

Krebs on Security

JUNE 13, 2023

today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. For a closer look at the patches released by Microsoft today and indexed by severity and other metrics, check out the always-useful Patch Tuesday roundup from the SANS Internet Storm Center. Microsoft Corp.

Social Engineering

Social Engineering System Administration Authentication Internet

Yandex suffers data breach after sysadmin sold access to user emails

Bleeping Computer

FEBRUARY 12, 2021

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. [.].

Data breaches

Data breaches System Administration Internet Internet

Yandex security team caught admin selling access to users’ inboxes

Security Affairs

FEBRUARY 12, 2021

Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. The employee was one of three system administrators with the necessary access rights to provide technical support for the service.

System Administration

System Administration Data breaches Accountability Passwords

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

JULY 14, 2020

” CVE-2020-1350 is just the latest worry for enterprise system administrators in charge of patching dangerous bugs in widely-used software. The Windows Server isn’t the only nasty one addressed this month that malware or malcontents can use to break into systems without any help from users.

DNS

DNS Backups Software System Administration

Story of the Year: global IT outages and supply chain attacks

SecureList

DECEMBER 9, 2024

was used by tens of millions of websites approximately 4% of all sites on the internet which highlights the severity of the incident, whose full impact is yet to be determined. It is a critical tool in various fields, including system administration, development, and cybersecurity. Why does it matter?

Internet

Internet Internet Risk Social Engineering

Black Hat Fireside Chat: Token’s wearable MFA solution combines PKI, biometrics — in a ring

The Last Watchdog

AUGUST 5, 2024

. “We looked at the important security advancements and asked how we could build upon them,” Gunn explains, adding that initial interest is coming from companies that will try them out on system administrators and senior execs. Will the Token ring be an incremental step – or might it be a great leap forward?

System Administration

System Administration Passwords Encryption Internet

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer. The “about me” section of DenisKloster.com says the 35-year-old was born in Omsk, that he got his first computer at age 12, and graduated from high school at 16.

Advertising

Advertising Cybercrime System Administration Hacking

Black Hat insights: Getting bombarded by multiple ransomware attacks has become commonplace

The Last Watchdog

AUGUST 15, 2022

Major vulnerabilities left unpatched, as well as weakly configured system administration tools are sure to get discovered and manipulated, not just once, but many times over. Configure system administrative tools more wisely. At this point, there’s little mystery about what companies need to do.

Ransomware

Ransomware System Administration Cyber Attacks Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. md , and that they were a systems administrator for sscompany[.]net. SocksEscort[.]com

Malware

Malware VPN Internet Internet

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Krebs on Security

JUNE 9, 2020

City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin.

Ransomware

Ransomware System Administration Backups Technology

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

FEBRUARY 8, 2022

One important item to note this week is that Microsoft announced it will start blocking Internet macros by default in Office. As Andrew Cunningham writes for Ars Technica , under the new regime when files that use macros are downloaded from the Internet, those macros will now be disabled entirely by default.

Authentication

Authentication Internet Internet System Administration

Lousy IoT Security

Schneier on Security

DECEMBER 19, 2019

Arbitrary code execution: unauthenticated root shell access through Android Debug Bridge (ADB) leads to arbitrary code execution and system administration (CVE-2019-16273). These are stupid design decisions made by engineers who had no idea how to create a secure system.

IoT

IoT Wireless System Administration Encryption

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

MARCH 29, 2022

In the early days of the Internet, coders created new programs for the sake of writing good code, then made it available for anyone to use and extend, license free. However, once the commercial Internet took hold, developers began leveraging open-source components far and wide in proprietary systems. Firewalls predate SIEMs.

Firewall

Firewall Internet Internet Digital transformation

MY TAKE: Black Hat USA 2024’s big takeaway – GenAI factors into the quest for digital resiliency

The Last Watchdog

AUGUST 12, 2024

For starters the ring is aimed at system administrators and senior executives, but could eventually go mainstream. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. For a full drill down, give a listen to my LW Fireside Chat podcast discussion with Gunn.

Software

Software Technology Mobile Cybersecurity

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

For instance, major vulnerability was discovered lurking in the GNU C Library, or GLIBC, an open source component that runs deep inside of Linux operating systems used widely in enterprise settings. GLIBC keeps common code in one place, thus making it easier for multiple programs to connect to the company network and to the Internet.

Hacking

Hacking Energy and Utilities System Administration Accountability

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

NEROWOLFE A search on the ICQ number 669316 at Intel 471 shows that in April 2011, a user by the name NeroWolfe joined the Russian cybercrime forum Zloy using the email address d.horoshev@gmail.com , and from an Internet address in Voronezh, RU. 2011 said he was a system administrator and C++ coder. “P.S. .

Ransomware

Ransomware Cybercrime Accountability Malware

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Security Affairs

MARCH 11, 2020

Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues affecting Windows, Word, Dynamics Business Central, Edge, and Internet Explorer have been rated as critical severity. Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues have been rated as critical severity.

System Administration

System Administration Advertising Internet Internet

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

“The command requires Windows system administrators,” Truniger’s ads explained. Semen-7907 registered at Tunngle from the Internet address 31.192.175[.]63 “Experience in backup, increase privileges, mikicatz, network. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware

Ransomware Accountability Cybercrime Backups

CyberSecurity Expert Joseph Steinberg To Speak At Endpoint Security Conference

Joseph Steinberg

SEPTEMBER 14, 2021

The panel will also cover advice as to how to obtain better visibility into endpoints – including the files and apps that such endpoints host – without undermining the fragile balance between maintaining security and ensuring worker productivity and privacy.

Cybersecurity

Cybersecurity Artificial Intelligence System Administration Internet

Top 8 trusted cybersecurity companies in the world

CyberSecurity Insiders

APRIL 10, 2022

As soon as the government of the United States announced a ban on Russian security software provided by Kaspersky, all the system administrators working across the world searched for the most trusted cybersecurity software companies in the world.

Cybersecurity

Cybersecurity Antivirus System Administration Threat Detection

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the Internet without any protection. “Check whether your NAS is exposed to the Internet.” ” states the security advisory published by the company.

Ransomware

Ransomware Internet Internet Encryption

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

OCTOBER 17, 2018

The exploitation of this vulnerability could cause major problems on the Internet. million servers running RPCBIND on the Internet. “We then decided to open a server with port 111 exposed on the Internet, with the same characteristics as those who were attacking us and we were monitoring that server for weeks.

DDOS

DDOS Internet Internet Advertising

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

com — is different from the one I saw in late December, but it was hosted at the same Internet address as officesuited[.]com According to Phishlabs, the app that generates this request was created using information apparently stolen from a legitimate organization. The domain hosting the malicious app pictured above — officemtr[.]com

Phishing

Phishing Passwords Accountability Authentication

Yomi Hunter Catches the CurveBall

Security Affairs

JANUARY 21, 2020

Many system administrators and companies were rushing to update internet exposed machines, like web servers or gateways, worried about possible remote code execution, reviving the EternalBlue /WannaCry crisis in their mind. . The Malware Threat behind CurveBall.

Malware

Malware Advertising System Administration Risk

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

The Last Watchdog

JUNE 2, 2021

PKI is the authentication and encryption framework on which the Internet is built. It works by issuing digital certificates to verify the authenticity of the servers ingesting the data trickling in from our smartphones, Internet of Things sensors and the like. I’ll keep watch, and keep reporting.

Encryption

Encryption Artificial Intelligence IoT Data collection

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware

Ransomware System Administration Malware Authentication

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

MARCH 16, 2022

No wonder Russia has been preparing to cut itself off from the global internet, hoping to move key government institutions to a sovereign Runet – a pan-Russian web limited to the Federation – to make them less prone to cyber attacks. Ideally, VNC should be used only with authenticated users, such as system administrators.

Authentication

Authentication Cyber Attacks System Administration Internet

Microsoft provides more mitigation instructions for the PetitPotam attack

Malwarebytes

JULY 29, 2021

The attack could force remote Windows systems to reveal password hashes that could then be easily cracked. Microsoft quickly sent out an advisory for system administrators to stop using the now deprecated Windows NT LAN Manager (NTLM) to thwart an attack. PetitPotam. ” New mitigation details.

Authentication

Authentication Passwords Encryption System Administration

NEW TECH: ‘Micro-segmentation’ security vendor Guardicore seeks to disrupt firewall market

The Last Watchdog

MARCH 30, 2020

Here are the key takeaways: Micro-managing workloads Companies today are immersed in digital transformation; they’re migrating to cloud-based business systems, going all in on mobile services and embracing Internet of Things systems whole hog. It gives system administrators a way to secure each microsegment, separately.

Firewall

Firewall Marketing Digital transformation Cloud Migration

Yandex Email Admin Sold His Inbox Access and Compromised Almost 5,000 Accounts

Hot for Security

FEBRUARY 16, 2021

Yandex is an Internet company that provides users with a suite of products like Internet browsers for all major platforms, a search engine, an ad platform and an email service. The employee was one of three system administrators with the necessary access rights to provide technical support for the service.”

Accountability

Accountability Data breaches System Administration Internet

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Cashdollar explained that threat actors started scanning the Internet for Intel systems that would accept files over SSH port 22 to maximize their efforts. Summarizing, crooks extended the list of targets passing from Arm and MIPS-powered devices to Intel systems. . ” Cashdollar concludes.

IoT

IoT Cryptocurrency Malware Advertising

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

. “ our research has uncovered new vulnerabilities, which we collectively dubbed USBAnywhere , in the baseboard management controllers (BMCs) of Supermicro servers, which can allow an attacker to easily connect to a server and virtually mount any USB device of their choosing to the server, remotely over any network including the Internet.”

Hacking

Hacking Firmware Media Authentication

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date. Scan all software downloaded from the Internet prior to executing.

Malware

Malware Government Passwords Advertising

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

“They exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.” ” reads the post published by Microsoft.

Ransomware

Ransomware Cybercrime Social Engineering Banking

Technology’s contributions toward safety in healthcare

CyberSecurity Insiders

JANUARY 5, 2022

Innovations from 5G networks to Internet of Things (IoT) devices are transforming how we connect and assemble data networks, in turn enabling new medical solutions. These innovations power information systems, a market expected to reach $39.7 billion in value by 2025. For instance, the Michael J.

Healthcare

Healthcare Artificial Intelligence Computers and Electronics Technology

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

DDoS Mitigation Firm Founder Admits to DDoS

Trending Sources

SolarWinds Detected Six Months Earlier

Patch Tuesday, October 2024 Edition

Cyber Threat warning issued to all internet connected UPS devices

It’s official, today you can say goodbye to Internet Explorer. Or can you?

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Log4J: What You Need to Know

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Microsoft Patch Tuesday, June 2023 Edition

Yandex suffers data breach after sysadmin sold access to user emails

Yandex security team caught admin selling access to users’ inboxes

‘Wormable’ Flaw Leads July Microsoft Patches

Story of the Year: global IT outages and supply chain attacks

Black Hat Fireside Chat: Token’s wearable MFA solution combines PKI, biometrics — in a ring

Meet the Administrators of the RSOCKS Proxy Botnet

Black Hat insights: Getting bombarded by multiple ransomware attacks has become commonplace

Who and What is Behind the Malware Proxy Service SocksEscort?

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Microsoft Patch Tuesday, February 2022 Edition

Lousy IoT Security

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

MY TAKE: Black Hat USA 2024’s big takeaway – GenAI factors into the quest for digital resiliency

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

How Did Authorities Identify the Alleged Lockbit Boss?

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

A Closer Look at the Snatch Data Ransom Group

CyberSecurity Expert Joseph Steinberg To Speak At Endpoint Security Conference

Top 8 trusted cybersecurity companies in the world

How to secure QNAP NAS devices? The vendor’s instructions

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Tricky Phish Angles for Persistence, Not Passwords

Yomi Hunter Catches the CurveBall

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

StealthWorker botnet targets Synology NAS devices to drop ransomware

Hacker breaches key Russian ministry in blink of an eye

Microsoft provides more mitigation instructions for the PetitPotam attack

NEW TECH: ‘Micro-segmentation’ security vendor Guardicore seeks to disrupt firewall market

Yandex Email Admin Sold His Inbox Access and Compromised Almost 5,000 Accounts

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

USBAnywhere BMC flaws expose Supermicro servers to hack

US govt agencies share details of the China-linked espionage malware Taidoor

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Technology’s contributions toward safety in healthcare

Stay Connected