Tag Archives: don’t miss

There’s now a WannaCry decryptor tool for most Windows versions

As the criminals behind the WannaCry ransomware are trying to make it work again, security researchers have created tools for decrypting files encrypted by it. DDoS attacks against the killswitch domains Since researcher Marcus Hutchins (aka MalwareTech) registered a (previously non-existent) killswitch domain for the malware and stopped its onslaught, the domain has been under attack by Mirai-powered botnets. Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF — MalwareTech (@MalwareTechBlog) May 18, 2017 That particular domain has been … More ?

See more here:
There’s now a WannaCry decryptor tool for most Windows versions

Bondnet botnet goes after vulnerable Windows servers

A botnet consisting of some 2,000 compromised servers has been mining cryptocurrency for its master for several months now, “earning” him around $1,000 per day. GuardiCore researchers first spotted it in December 2016, and have been mapping it out and following its evolution since then. The’ve dubbed it Bondnet, after the handle its herder uses online (“Bond007.01”). Compromised Windows servers serve different functions Bondnet’s main reason of being is the mining of cryptocurrencies: primarily Monero, … More ?

See more here:
Bondnet botnet goes after vulnerable Windows servers

DDoS attacks: $100,000 per hour is at risk during peak revenue generation periods

Neustar and Harris Interactive conducted global, independent research of 1,010 directors, managers, CISOs, CSOs, CTOs, and other c-suite executives to find out how DDoS attacks affect their organizations and what measures are in place to counter these threats. The respondents span many industries, including technology, financial services, retail, healthcare and energy. “DDoS attacks are the zeitgeist of today’s Internet,” said Barrett Lyon, pioneer of the DDoS defense industry and Head of Research and Development at … More ?

Continue Reading:
DDoS attacks: $100,000 per hour is at risk during peak revenue generation periods

How to securely deploy medical devices within a healthcare facility

The risks insecure medical devices pose to patient safety are no longer just theoretical, and compromised electronic health records may haunt patients forever. A surgical robot, pacemaker, or other life critical device being rendered non-functional would give a whole new, and wholly undesirable, meaning to denial of service. Malware like MEDJACK has been used to infect medical devices and use them as staging grounds to attack medical records systems. IoT ransomware is on the rise … More ?

Continue reading here:
How to securely deploy medical devices within a healthcare facility

CLDAP reflection attacks generate up to 24 Gbps of traffic

Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP query packet Akamai’s Security Intelligence Response Team (SIRT) has observed this attack vector producing DDoS attacks consistently exceeding 1 Gbps, comparable to DNS reflection attacks. CLDAP Unlike other reflection-based vectors, where compromised hosts may number in the millions, the observed CLDAP amplification factor has been able to produce significant attack bandwidth with significantly … More ?

More:
CLDAP reflection attacks generate up to 24 Gbps of traffic

20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites

A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. Sathurbot: A versatile threat “Sathurbot can update itself and download and start other executables. We have seen variations of Boaxxe, Kovter and Fleercivet, but that is not necessarily an exhaustive list,” the researchers noted. Sathurbot is also a web crawler, and searches for domain names that can be probed … More ?

Original post:
20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites

Advanced Windows botnet spreads Mirai malware

Kaspersky Lab experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild. The Windows bot appears to have been created by a developer with more advanced skills than the attackers who unleashed the massive Mirai-powered DDoS attacks in late 2016, a fact that has worrying implications for the future use and targets of Mirai-based attacks. The malware author is likely … More ?

Read More:
Advanced Windows botnet spreads Mirai malware

Review: DNS Security

About the authors Allan Liska is a Consulting Systems Engineer at FireEye, and Geoffrey Stowe is an Engineering Lead at Palantir Technologies. Inside DNS Security: Defending the Domain Name System DNS security is a topic that rarely comes up, and when it does, it’s usually after an attack or breach disruptive enough to merit a mention in the news. Last year’s DDoS attack against US-based DNS provider Dyn was one of those, but it isn’t … More ?

Originally posted here:
Review: DNS Security

Innovation and exploitation fuel DDoS attack landscape

Arbor Networks released its 12th Annual Worldwide Infrastructure Security Report offering direct insights from network and security professionals at global service providers, cloud/hosting and enterprise organizations. The stakes have changed for network and security teams. The threat landscape has been transformed by the emergence of IoT botnets. As IoT devices proliferate across networks, bringing tremendous benefits to businesses and consumers, attackers are able to weaponize them due to inherent security vulnerabilities. The largest DDoS attack … More ?

Read More:
Innovation and exploitation fuel DDoS attack landscape

How the application landscape is impacting IT organizations

Accelerating cloud adoption is creating increased demand for security application services including WAF, DNSSEC, and DDoS protection, according to F5 Networks. As an increase in application services often requires additional resources, respondents also indicated a shift toward DevOps methodologies to gain operational efficiencies through automation and programmability. This need for scalability replaces speed to market as the prime driver of DevOps adoption. “This past year, not a week went by without some hack or vulnerability … More ?

Original post:
How the application landscape is impacting IT organizations