Tag Archives: articles

Where does the cyber security buck stop?

Late last year, Bruce Schneier testified before the U.S. House Energy and Commerce committee asking them to consider imposing security regulations on the Internet of Things (IoT). Schneier argued that neither IoT buyers nor sellers care about a device’s security. Sellers are interested in quickly releasing inexpensive products to market, while buyers only care about getting cool gadgets for cheap. This unhealthy and unsecure IoT market results in incidents like the Mirai botnet, in which … More ?

More here:
Where does the cyber security buck stop?

Attack rates are increasing across the board

Finance and technology are the sectors most resilient to cyber intrusions, new research from Vectra Networks has found. The company released the results of its Post-Intrusion Report, based on data from a sample set of nearly 200 of its enterprise customers. They looked at the prevalence of strategic phases of the attack lifecycle: command-and-control (C&C), reconnaissance, lateral movement, botnet, and exfiltration attacker behaviours across thirteen industries. Over 90 days (January-March 2017), the company monitored 2,145,708 … More ?

Follow this link:
Attack rates are increasing across the board

Bondnet botnet goes after vulnerable Windows servers

A botnet consisting of some 2,000 compromised servers has been mining cryptocurrency for its master for several months now, “earning” him around $1,000 per day. GuardiCore researchers first spotted it in December 2016, and have been mapping it out and following its evolution since then. The’ve dubbed it Bondnet, after the handle its herder uses online (“Bond007.01”). Compromised Windows servers serve different functions Bondnet’s main reason of being is the mining of cryptocurrencies: primarily Monero, … More ?

See more here:
Bondnet botnet goes after vulnerable Windows servers

Malware Hunter: Find C&C servers for botnets

Recorded Future and Shodan released Malware Hunter, a specialized crawler for security researchers that explores the Internet to find computers acting as remote access trojan (RAT) command and control centers. What Malware Hunter does Malware Hunter unearths computers hosting RAT controller software that remotely controls malware-infected computers and instructs them to execute malicious activities such as recording audio, video, and keystrokes on a victim’s machine. Using command and control servers, attackers can launch widescale attacks … More ?

Locky ransomware makes a comeback, courtesy of Necurs botnet

The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days. “Talos has seen in excess of 35K emails in the last several hours associated with this newest wave of Locky,” Cisco Talos researchers noted on … More ?

Continued here:
Locky ransomware makes a comeback, courtesy of Necurs botnet

Alleged Kelihos botmaster indicted

36-year-old Pyotr Levashov was charged on Friday in the US with one count of causing intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email and one count of aggravated identity theft. Levashov stands accused of controlling and operating the Kelihos botnet to, … More ?

Read the article:
Alleged Kelihos botmaster indicted

IoT devices under attack: Amnesia hijacks, BrickerBot destroys

Every hour of every day, computer systems and IoT devices are under attack by bots trying to recruit them into growing botnets. Security researchers have recently highlighted two of these threats coming after Linux- and BusyBox-based systems and devices. Amnesia A year after security researcher Rotem Kerner discovered a remote code execution vulnerability that affected digital video recorders (DVRs) manufactured by Chinese company TVT Digital and sold by more than 70 different vendors around the … More ?

See more here:
IoT devices under attack: Amnesia hijacks, BrickerBot destroys

How the Necurs botnet influences the stock market

After a three-months-long partial hiatus, the Necurs botnet is back to flinging spam emails left and right. But unlike before the break, when it was mostly delivering the infamous Locky ransomware or the Dridex banking Trojan, the botnet is now engaged in distributing emails with no malicious attachment or link. According to Cisco Talost researchers, the botnet has been spotted firing off short-lasting but sizeable bursts of penny stock pump-and-dump emails. Necurs botnet’s latest campaign … More ?

Taken from:
How the Necurs botnet influences the stock market

The power of Big Data for security, operations and DDoS protection

DDoS atacks are costly to your reputation and your bottom line. In this podcast recorded at RSA Conference 2017, Avi Freedman, CEO at Kentik, discusses how to recognize attacks quickly and accurately, then shut them down with situation-appropriate mitigation. Here’s a transcript of the podcast for your convenience. I’m Avi Freedman, CEO of a startup called Kentik Technologies, I’m here today, on this podcast, to talk about the power of Big Data for security, operations, … More ?

More:
The power of Big Data for security, operations and DDoS protection

Advanced Windows botnet spreads Mirai malware

Kaspersky Lab experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild. The Windows bot appears to have been created by a developer with more advanced skills than the attackers who unleashed the massive Mirai-powered DDoS attacks in late 2016, a fact that has worrying implications for the future use and targets of Mirai-based attacks. The malware author is likely … More ?