Tag Archives: featured news

Researchers analyze DDoS attacks as coordinated gang activities

In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. IP Gang attack-type classification against attack volume size Researchers analyzed attack types, volume, size of events, gang activities, and attack rates. By studying the historical behavior of the 80 gangs identified in the report, … More ? The post Researchers analyze DDoS attacks as coordinated gang activities appeared first on Help Net Security .

View the original here:
Researchers analyze DDoS attacks as coordinated gang activities

Hackers who DDoSed African telecom and US hospital get long prison sentences

Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015. According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He … More ? The post Hackers who DDoSed African telecom and US hospital get long prison sentences appeared first on Help Net Security .

See the original article here:
Hackers who DDoSed African telecom and US hospital get long prison sentences

Cisco fixes serious DoS flaws in its email security appliances

Cisco has plugged a heap of security holes in many of its products, including two vulnerabilities (one critical) that open its email security appliances to denial of service attacks. About the vulnerabilities Both vulnerabilities affect the Cisco AsyncOS Software for Cisco Email Security Appliances, and can be exploited remotely by unauthenticated attackers. CVE-2018-15453 can be exploited by sending a malicious S/MIME-signed email through a targeted device. “If Decryption and Verification or Public Key Harvesting is … More ? The post Cisco fixes serious DoS flaws in its email security appliances appeared first on Help Net Security .

Continue reading here:
Cisco fixes serious DoS flaws in its email security appliances

Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets

Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn. Instead on just relying on a list of common or default passwords or brute-forcing attacks, they are taking advantage of the fact that IoT devices are rarely updated and manufacturers take a lot of time to push out fixes for known flaws. Currently under exploitation In November 2018, the company detected many exploitation attempts … More ? The post Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets appeared first on Help Net Security .

See the article here:
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets

November 2018: Most wanted malware exposed

Check Point has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index’s top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign. This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy “Thanksgiving day wishes”, “Thanksgiving wishes” and “the Thanksgiving day congratulation!” These emails contained malicious attachments, often with file names related … More ? The post November 2018: Most wanted malware exposed appeared first on Help Net Security .

Follow this link:
November 2018: Most wanted malware exposed

Old and new OpenSSH backdoors threaten Linux servers

OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux servers. And given that over one-third of public-facing internet servers run Linux, it shouldn’t come as a surprise that threat actors would exploit OpenSSH’s popularity to gain control of them. How severe is the threat? Nearly five years ago, ESET researchers helped to disrupt a 25 thousand-strong botnet of … More ? The post Old and new OpenSSH backdoors threaten Linux servers appeared first on Help Net Security .

View article:
Old and new OpenSSH backdoors threaten Linux servers

Why you shouldn’t be worried about UPnP port masking

Last May, security firm Imperva wrote a blog post discussing a new proof of concept for bypassing DDoS mitigation after discovering reflected network protocols appearing on non-standard network ports. Imperva was able to replicate the same behavior using a technique called UPnP Port Masking, which uses the Universal Plug and Play (UPnP) Protocol to alter the source port of commonly abused network protocols in DDoS attacks. Multiple news outlets picked up on Imperva’s research and … More ? The post Why you shouldn’t be worried about UPnP port masking appeared first on Help Net Security .

View article:
Why you shouldn’t be worried about UPnP port masking

For recent big data software vulnerabilities, botnets and coin mining are just the beginning

The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more applicable to any organization using open source software to manage their big data analysis. This is especially true since, in 2018, significant vulnerabilities were identified and disclosed for both Hadoop and Spark, allowing unauthenticated remote code execution via their REST APIs. Many enterprises have adopted big data processing components … More ? The post For recent big data software vulnerabilities, botnets and coin mining are just the beginning appeared first on Help Net Security .

View the original here:
For recent big data software vulnerabilities, botnets and coin mining are just the beginning

Serverless botnets could soon become reality

We have been accustomed to think about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ orders to begin their attack, but Protego researchers say that many compromised machines are definitely not a requirement: botnets can quite as easily be comprised of serverless functions. They created one on the Google Cloud Functions platform as a proof of concept and have calculated that the losses experienced by … More ? The post Serverless botnets could soon become reality appeared first on Help Net Security .

Read the original post:
Serverless botnets could soon become reality

Banking Trojan attacks increase, large scale Ramnit campaign impacts organizations worldwide

Check Point revealed a significant increase in attacks using the Ramnit banking trojan. Ramnit has doubled its global impact over the past few months, driven by a large scale campaign that has been converting victim’s machines into malicious proxy servers. Ramnit “black” botnet geography During August 2018, Ramnit became the most prevalent banking Trojan in an upward trend in the use of banking Trojans that has more than doubled since June 2018. “This is the … More ? The post Banking Trojan attacks increase, large scale Ramnit campaign impacts organizations worldwide appeared first on Help Net Security .

More:
Banking Trojan attacks increase, large scale Ramnit campaign impacts organizations worldwide