Memcached attacks are going to be this year’s thing Last week, the code repository GitHub was taken off air in a 1.3Tbps denial of service attack. We predicted then that there would be more such attacks and it seems we were right.…
Read this article:
World’s biggest DDoS attack record broken after just five days
Here’s an overview of some of last week’s most interesting news and articles: Automating out of the skill gap sinkhole When thinking about the bigger picture, information security leaders must aim to automate as much of the IR cycle as possible. However, this does not mean automation can replace humans. Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs Microsoft has pushed out a new set of Spectre (variant 2) security updates. For the … More ?
See the article here:
Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE
Massive memcached-based reflection DDoS attacks with an unprecedented amplification factor have been ongoing for the last few days, by taking advantage of memcached servers exposed to the Internet. What is memcached? Memcached is a distributed memory caching system and is used to speed up dynamic database-driven websites and Internet-facing services by caching data and objects in RAM. It is often deployed in data center, cloud, and IaaS networks. According to both Rapid7 and SANS ISC, … More ?
Read this article:
Surge in memcached-based reflected DDoS attacks is due to misconfigured servers
NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?
Visit link:
IoT botnet bypasses firewalls to get to ZyXEL modems
Mining Monero on SCADA networks? Why can’t you kids be normal and just DDoS Updated Infosec bods say they have uncovered what’s thought to be the first case of a major industrial control system network infected with cryptocurrency-mining malware.…
See more here:
Now that’s taking the p… Sewage plant ‘hacked’ to craft crypto-coins
A new Monero-mining bot sprang up a few days ago and, in just a few days, has created a botnet consisting of over 7,000 Android devices, most of which are located in China (39%) and Korea (39%). Spreading capabilities The rise of the botnet has been flagged by researchers with Qihoo 360’s Netlab, who analyzed the mining malware and discovered that it has worm-like spreading capabilities. Once ADB.miner – as they’ve dubbed the threat – … More ?
Read More:
Android devices roped into new Monero-mining botnet
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?
View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances
A new Imperva survey showed a heightened concern for cybersecurity risk related to API use. Specifically, 63 percent of respondents are most worried about DDoS threats, bot attacks, and authentication enforcement for APIs. APIs power the interactive digital experiences users love and are fundamental to an organization’s digital transformation. However, they also provide a window into an application that presents a heightened cybersecurity risk. The survey shows that 69 percent of organizations are exposing APIs … More ?
With a special HNAP exploit just for D-Link kit Security researchers believe the author of the Satori botnet is at it again, this time attacking routers to craft a botnet dubbed “Masuta”.…
View article:
Fresh botnet recruiting routers with weak credentials
The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More ?
See more here:
What has the Necurs botnet been up to?