Tag Archives: features

Attackers continue to enhance their performance, apply smart business techniques

During the second half of 2018, attackers bulked up existing tactics, rapidly evolvied new performance enhancements, and applied smart business techniques to vastly accelerate attack growth rate, according to the latest Threat Landscape Report by Netscout. IoT’s countdown to attack Constant targets of DDoS malware, IoT devices come under attack within five minutes of being plugged in and targeted by specific exploits within 24 hours. IoT security is minimal to nonexistent on many devices, making … More ? The post Attackers continue to enhance their performance, apply smart business techniques appeared first on Help Net Security .

Original post:
Attackers continue to enhance their performance, apply smart business techniques

Modern browser APIs can be abused for hijacking device resources

Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of malicious actions, researchers from the Foundation for Research and Technology – Hellas and Stony Brook University are warning. To prove their point, they’ve created MarioNet, a prototype framework that allows them to do just that. The hijacked resources could be used for unwanted and … More ? The post Modern browser APIs can be abused for hijacking device resources appeared first on Help Net Security .

Continued here:
Modern browser APIs can be abused for hijacking device resources

Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience

Here’s an overview of some of last week’s most interesting news and articles: Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to compromise them without user interaction. Researchers analyze DDoS attacks as coordinated gang activities In a new report, NSFOCUS introduced the IP Chain-Gang concept, … More ? The post Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience appeared first on Help Net Security .

Read More:
Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience

Vulnerable cloud infrastructure experiencing increasing attacks

Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity). The way in The attacks are automated and probe the infrastructure and cloud services for vulnerabilities and/or weak or default login credentials. Among the … More ? The post Vulnerable cloud infrastructure experiencing increasing attacks appeared first on Help Net Security .

Visit site:
Vulnerable cloud infrastructure experiencing increasing attacks

Researchers analyze DDoS attacks as coordinated gang activities

In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. IP Gang attack-type classification against attack volume size Researchers analyzed attack types, volume, size of events, gang activities, and attack rates. By studying the historical behavior of the 80 gangs identified in the report, … More ? The post Researchers analyze DDoS attacks as coordinated gang activities appeared first on Help Net Security .

View the original here:
Researchers analyze DDoS attacks as coordinated gang activities

Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets

Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn. Instead on just relying on a list of common or default passwords or brute-forcing attacks, they are taking advantage of the fact that IoT devices are rarely updated and manufacturers take a lot of time to push out fixes for known flaws. Currently under exploitation In November 2018, the company detected many exploitation attempts … More ? The post Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets appeared first on Help Net Security .

See the article here:
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets

Why you shouldn’t be worried about UPnP port masking

Last May, security firm Imperva wrote a blog post discussing a new proof of concept for bypassing DDoS mitigation after discovering reflected network protocols appearing on non-standard network ports. Imperva was able to replicate the same behavior using a technique called UPnP Port Masking, which uses the Universal Plug and Play (UPnP) Protocol to alter the source port of commonly abused network protocols in DDoS attacks. Multiple news outlets picked up on Imperva’s research and … More ? The post Why you shouldn’t be worried about UPnP port masking appeared first on Help Net Security .

View article:
Why you shouldn’t be worried about UPnP port masking

“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack

Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s HTTP server, and can lead to denial of service, information disclosure, and remote code execution. About the vulnerabilities The flaws affect TP-Link TL-R600VPN, hardware versions 2 and 3. Numbered CVE-2018-3948 and CVE-2018-3949, respectively, the flaws that can be exploited for DoS and information disclosure can be triggered via an unauthenticated web request and a … More ? The post “Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack appeared first on Help Net Security .

Read More:
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack

Cequence Security announces application security platform to stop bot attacks

Cequence Security released Cequence ASP, an application security platform that provides a scalable defense against the growing number of bot attacks affecting today’s hyper-connected organizations. These financially-motivated attacks target externally-facing web and mobile apps, as well as API services that provide connections to other applications across their digital ecosystem. Attack objectives can include account takeover, content scraping, distributed denial of service, and much more. “From a bad actor’s perspective, geo-distributed bot attacks are relatively easy … More ? The post Cequence Security announces application security platform to stop bot attacks appeared first on Help Net Security .

View article:
Cequence Security announces application security platform to stop bot attacks

NTT Security adds botnet infrastructure detection to Managed Security Services

NTT Security has developed a new network analytics technology to detect and defend NTT Group’s Managed Security Services (MSS) customers from attacks launched on botnet infrastructures. The new network flow data analysis uses machine learning and scalable streaming analytics – developed in partnership with NTT Group companies – and pulls data from NTT’s global network infrastructure, which provides visibility into the world’s internet traffic. The enhancement will enable NTT Security to find attacks on customers’ … More ? The post NTT Security adds botnet infrastructure detection to Managed Security Services appeared first on Help Net Security .

Read More:
NTT Security adds botnet infrastructure detection to Managed Security Services