Information Security, IT, Passwords and Systems administration

Yandex security team caught admin selling access to users’ inboxes

Security Affairs

FEBRUARY 12, 2021

Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. Russian search engine and internet provider Yandex discloses a data breach, the company revealed that one of its system administrators was caught selling access to 4,887 user email accounts.

Access

Access Systems administration Data breaches Security

Researcher compromised the Toyota Supplier Management Network

Security Affairs

FEBRUARY 8, 2023

The security researcher Eaton Zveare has exploited a vulnerability in Toyota’s Global Supplier Preparation Information Management System (GSPIMS) to achieve system admin access to Toyota’s global supplier management network. made it easy to find accounts that had elevated access to the system.

Systems administration

Systems administration Passwords Access Authentication

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

FEBRUARY 14, 2021

The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.” Windows 10).

Passwords

Passwords Systems administration Risk Access

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

The Insider Threat: Strategies to Safeguard Against Malicious Insiders

IT Governance

OCTOBER 16, 2024

Your biggest security threat may be hiding in plain sight: your employees. Without access to confidential information and essential systems, staff can’t perform their roles. Because I’d know how to run an effective social engineering campaign and have access to lots of confidential information. It depends.

Risk

Risk Access Passwords Systems administration

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

JUNE 21, 2022

An IT security certification can provide a key boost for your career, but with so many different certifications available (and so many organizations more than happy to take your money for training and testing), it’s important to make sure that the time and investment are well spent. The Top Cybersecurity Certifications.

Cybersecurity

Cybersecurity Systems administration Information Security Compliance

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

“These shortcomings were emblematic of a culture that evolved over years that too often prioritized creativity and collaboration at the expense of security,” according to the report. A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak.

IT

IT Data breaches Systems administration Security

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. “Looking at network telemetry, we were able to confirm that we saw victims talking back to it on various ports.”

Analytics

Analytics Passwords Systems administration Retail

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager

Security Affairs

MAY 5, 2021

.” reads the security advisory published. According to Tenable, the remote authentication-bypass vulnerability is tied to an issue related to how HPE handles password resets for administrator accounts. The password change is carried out by sending a request to URL /redfish/v1/SessionService/ResetPassword/1.

Authentication

Authentication Passwords Systems administration Cloud

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

MARCH 16, 2022

Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. VNC is a desktop sharing system – you can use it to remotely access your work computer from home or any other location, or allow technical support staff to do likewise. Original post at [link].

Authentication

Authentication Access Systems administration Military

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. ” reads the advisory published by Cisco.

Systems administration

Systems administration Passwords Communications Access

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

“Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. The list of victims is long and includes tech giants like HPE, IBM, DXC, Fujitsu, and Tata.

Cloud

Cloud IT Systems administration Phishing

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

After identifying a critical Remote Authentication Dial-In User Service (RADIUS) server, the cyber actors gained credentials to access the underlying Structured Query Language (SQL) database [ T1078 ] and utilized SQL commands to dump the credentials [ T1555 ], which contained both cleartext and hashed passwords for user and administrative accounts.”

Authentication

Authentication Passwords Systems administration Access

Your Biggest Security Risk: The Insider Threat

IT Governance

JULY 23, 2024

Their head of information security made a point about how most of their people are working for this charity out of pride. The other problem is that you’re more likely to trust an insider – they’re supposed to have access to confidential systems and information. What is the insider threat, exactly?

Risk

Risk Security Phishing Data breaches

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

According to the complaint, over a period of 19 days, hackers were able to infiltrate the Company’s computer systems. They argue that the Company failed to protect its computer systems adequately, take steps to prevent the breach, disclose material facts to consumers, and provide timely and adequate notice, among other things.

Data breaches

Data breaches Computer and Electronics Security Insurance

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date. If these services are required, use strong passwords or Active Directory authentication.

Healthcare

Healthcare Passwords Government Systems administration

FTC Posts Third Blog in Its “Stick with Security” Series

Hunton Privacy

AUGUST 9, 2017

On August 4, 2017, the FTC published the third blog post in its “Stick with Security” series. As we previously reported , the FTC will publish an entry every Friday for the next few months focusing on each of the 10 principles outlined in its Start with Security Guide for Businesses.

IT

IT Security Systems administration Passwords

Backdoored Webmin versions were available for download for over a year

Security Affairs

AUGUST 19, 2019

Webmin is an open-source web-based interface for system administration for Linux and Unix. The flaw affects the procedure for changing expired passwords, the backdoor could be exploited by a remote attacker to execute malicious commands with root privileges on the machine running vulnerable Webmin.

Passwords

Passwords Systems administration Authentication Security

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

.” Customers can check whether their NAS is exposed online by using the Security Counselor, a built-in security portal for QNAP NAS devices. Administrator of devices exposed to the Internet should: Disable the Port Forwarding function of the router. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Ransomware Encryption Systems administration

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc. ” reads the analysis published by 360 Netlab.

Honeypots

Honeypots Systems administration Passwords IoT

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

They will often describe potential “legitimate” uses for their malware – only to further describe anti-malware evasion properties, silent installation and operation or features such as cryptocurrency mining, password theft or disabling webcam lights.” ” reads the post published by Palo Alto Networks.

Sales

Sales Systems administration Mining Risk

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

Technical details of the Makop ransomware encryption tool have been greatly deepened by the Lifars security team ( link ), so, in this article, I am going to focus on other parts of the Makop gang arsenal leveraged to conduct digital extortions. The crooks currently use it after the initial access phase of their attack chain.

Ransomware

Ransomware Encryption Passwords Systems administration

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Security Affairs

JULY 6, 2020

Researchers Rich Warren from NCC Group told ZDNet that hackers are attempting to exploit the flaw to steal administrator passwords from the hacked devices. System administrators need to upgrade to fixed versions ASAP. Unfortunately, the forecast was right, hackers have started targeting F5 BIG-IP equipment exposed online.

Honeypots

Honeypots Systems administration Passwords Cybersecurity

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. “This one seems to target enterprise systems.” The attack originates from clusters of compromised systems in the Americas, Asia, and Europe. .

IoT

IoT Honeypots Libraries Archiving

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Normally account take overs are due to insecure passwords or recovery options, this is definitely something different. Read more: Top IT Asset Management Tools for Security.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

Best beginner cyber security certifications

IT Governance

SEPTEMBER 13, 2021

Are you considering a career in cyber security? CompTIA Security+. The CompTIA Security+ qualification is widely considered to be one of the best introductions to the cyber security industry. The CompTIA Security+ qualification is widely considered to be one of the best introductions to the cyber security industry.

Security

Security Systems administration Honeypots Risk

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Security Affairs

JUNE 2, 2020

Using VMware Cloud Director, cloud providers deliver secure, efficient, and elastic cloud resources to thousands of enterprises and IT teams across the world. Modify the system database to steal foreign virtual machines (VM) assigned to different organizations within Cloud Director. and 10.0.0.2.

Cloud

Cloud Systems administration Passwords Authentication

What Is an Insider Threat? Definition, Types, and Examples

IT Governance

APRIL 25, 2023

A malicious threat can be an employee, contractor or business partner who is liable to leak sensitive information. Preventing this from happening requires a nuanced approach to information security, and it’s one that organisations are increasingly struggling with. Or that it’s a one-time thing, or a victimless crime.

Data breaches

Data breaches Phishing Personal data Access

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. The CrashedTech Loader The “KiffAppE2.exe” Filename: KiffAppE2.exe

Encryption

Encryption Communications IoT Marketing

Information Management Today

Yandex security team caught admin selling access to users’ inboxes

Researcher compromised the Toyota Supplier Management Network

Webinars

Trending Sources

FBI’s alert warns about using Windows 7 and TeamViewer

Webinars

The Insider Threat: Strategies to Safeguard Against Malicious Insiders

15 Top Cybersecurity Certifications for 2022

CIA elite hacking unit was not able to protect its tools and cyber weapons

Who and What is Behind the Malware Proxy Service SocksEscort?

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager

Hacker breaches key Russian ministry in blink of an eye

Cisco fixes a static default credential issue in Smart Software Manager tool

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

China-linked threat actors have breached telcos and network service providers

Your Biggest Security Risk: The Insider Threat

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

US govt agencies share details of the China-linked espionage malware Taidoor

FTC Posts Third Blog in Its “Stick with Security” Series

Backdoored Webmin versions were available for download for over a year

How to secure QNAP NAS devices? The vendor’s instructions

Roboto, a new P2P botnet targets Linux Webmin servers

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Dissecting the malicious arsenal of the Makop ransomware gang

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Top Cybersecurity Accounts to Follow on Twitter

Best beginner cyber security certifications

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

What Is an Insider Threat? Definition, Types, and Examples

Updates from the MaaS: new threats delivered through NullMixer

Stay Connected