Tag Archives: events

IoT botnet bypasses firewalls to get to ZyXEL modems

NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?

Visit link:
IoT botnet bypasses firewalls to get to ZyXEL modems

Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?

View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances

What has the Necurs botnet been up to?

The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More ?

See more here:
What has the Necurs botnet been up to?

Sad-sack Anon calling himself ‘Mr Cunnilingus’ online is busted for DDoSing ex-bosses

Electronics tutor’s taunts come back to haunt him An electronics technician pleaded guilty on Wednesday to orchestrating distributed denial of service (DDoS) attacks on a former employer and other organizations – and to unlawfully possessing a firearm as a former felon.…

Link:
Sad-sack Anon calling himself ‘Mr Cunnilingus’ online is busted for DDoSing ex-bosses

Satori variant hacks into mining rigs, steals ETH by replacing wallet address

Qihoo 360 Netlab researchers warn about a new variant of the Satori malware that apparently goes after ether (ETH) mining rigs. The malware The malware, dubbed Satori.Coin.Robber, started to reestablish the Satori botnet sinkholed last December, but also hacks into Windows-based mining hosts running the popular Claymore Miner software. Older versions of the Claymore Miner provide a remote monitoring and management interface on port 3333, which by default allow remote reading for mining status, the … More ?

Read More:
Satori variant hacks into mining rigs, steals ETH by replacing wallet address

IoT malware targeting zero-day vulnerabilities

Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors. First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendor increased their efforts to push out patches. Now, some of the botmasters are making … More ?

More here:
IoT malware targeting zero-day vulnerabilities

2017 Forrester Wave: DDoS Mitigation Solutions report

In their 36-criteria evaluation of DDoS mitigation providers, Forrester identified 11 of the most significant ones — Akamai Technologies, Arbor Networks, Cloudflare, F5 Networks, Fortinet, Huawei Technologies, Imperva, Neustar, Nexusguard, Radware, and Verisign — and researched, analyzed, and scored them. The Forrester Wave: DDoS Mitigation Solutions, Q4 2017 report features information designed to help you: Gain critical insights into the growing DDoS mitigation solution market Identify the ideal DDoS mitigation solution for your company’s needs … More ?

Read the original:
2017 Forrester Wave: DDoS Mitigation Solutions report

OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

Jha rule-breaker and pals confess IoT gadget hack crimes, now facing the slammer A former New Jersey college student has copped to helping create and run the massive Mirai DDoS botnet.…

More here:
OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

Will IoT botnets catapult the industry toward security regulation in 2018?

Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump out new IoT devices at a rapid pace, … More ?

Read more here:
Will IoT botnets catapult the industry toward security regulation in 2018?