Security News

Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam
2023-09-20 12:17

A sysadmin and his partner pleaded guilty this week to being part of a "Massive" international ring that sold software licenses worth $88 million for "Significantly below the wholesale price." After agreeing to a plea deal, the Pearces must also forfeit at least $4 million as well as gold, silver, collectible coins, cryptocurrency, and a vehicle, and "Make full restitution to their victims," the US Department of Justice said.

S3 Ep135: Sysadmin by day, extortionist by night
2023-05-18 18:48

You know your catchphrase, "We'll keep an eye on that"? Even worse, Doug, it seems that, when they became suspicious of him.

How to celebrate SysAdmin Day!
2022-07-29 18:37

Well, it's much the same with computers, mobile phones and all the other digital devices that we rely on so much, and that we blithely assume will work perfectly tomorrow, on the grounds that they're fine today. Do you try to replace your own drainage pipe / re-render your own ceiling / rebuild the garden wall on your own / cook yourself a crepe / fix your own computer?

Avaya sysadmin indicted for illegally generating, selling VoIP licenses
2022-06-29 18:44

Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering. The defendants are accused of stealing software licenses from ADI and selling them to thousands of companies worldwide that used them to unlock features of "Avaya IP Office" telephone systems.

Rush to remote work left sysadmins struggling to keep businesses safe
2022-02-02 05:30

Remotely announced the results of a survey that details the degree to which enterprises have been left vulnerable to disruption in the wake of the rush to remote work by millions of employees during the Covid pandemic. Asked, "What are the biggest challenges you face as a remote IT team in keeping users safe and productive?" almost 33 percent of respondents said, "Keeping users secure, daily." That's because 67.49 percent said they're mired in the minutiae of provisioning services and apps, managing user identities, wrangling employees who have ignored best IT practices, and helping onboard new employees while trying to navigate the biggest and fastest physical workplace shift in decades.

Sysadmins: Why not simply verify there's no backdoor in every program you install, and thus avoid any cyber-drama?
2021-07-31 07:14

Half of publicly reported supply chain attacks were carried out by "Well known APT groups", according to an analysis by EU infosec agency ENISA, which warned such digital assaults need to drive "New protective methods." Juhan Lepassaar, ENISA's exec director, said in a canned statement: "Due to the cascading effect of supply chain attacks, threat actors can cause widespread damage affecting businesses and their customers all at once. With good practices and coordinated actions at EU level, Member States will be able to reach a similar level of capabilities raising the common level of cybersecurity in the EU.".

Sysadmin for FIN7 criminal cracking group gets 10 years in US prison for managing card slurping malware scam
2021-04-19 14:15

The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison. Fedir Hladyr, 35, pled guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking last year, and on Friday was sentenced for his role in the theft and resale of over than 20 million customer card records from over 6,500 point-of-sale terminals across the US using the malware dubbed Carbanak.

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence
2021-04-17 02:44

A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen information, supervising other members of the group, and maintaining the server infrastructure that FIN7 used to attack and control victims' machines.

The Top Free Tools for Sysadmins in 2021
2021-02-25 03:18

Password Auditor does what its namesake implies by scanning all user accounts within your environment to detect leaked passwords. Specops maintains a dictionary of compromised passwords; should any user passwords match, Password Auditor highlights them within the tool.

Yandex suffers data breach after sysadmin sold access to user emails
2021-02-12 16:02

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The investigation revealed that the employee's actions led to the compromise of almost 5,000 Yandex email inboxes.