Tag Archives: newsletters

VPNFilter malware compromises over 500,000 networking devices around the world

Cisco Talos researchers have flagged a huge botnet of small and home office routers and NAS devices, capable of collecting communications and data and launching cyber attacks. About the VPNFilter malware The malware that makes it all possible has been dubbed VPNFilter. It’s persistent, modular, and delivered in several stages. The stage 1 malware’s main task is to persist through reboots and to discover the IP address of the current stage 2 deployment server. The … More ? The post VPNFilter malware compromises over 500,000 networking devices around the world appeared first on Help Net Security .

Visit link:
VPNFilter malware compromises over 500,000 networking devices around the world

Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the security of technologies that have yet to be comprehensively investigated by security researchers, for the past few years Munro has been poking and probing consumer Internet of Things devices, and doing things such as denial of service attacks on Wi-Fi-enabled kettles, or showing that you can … More ? The post Hacking for fun and profit: How one researcher is making IoT device makers take security seriously appeared first on Help Net Security .

Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Here’s an overview of some of last week’s most interesting news and articles: RSA Conference 2018 coverage Check out what you missed at the infosec event of the year. Real-time detection of consumer IoT devices participating in DDoS attacks Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of … More ? The post Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018 appeared first on Help Net Security .

View article:
Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Malware leverages web injects to empty users’ cryptocurrency accounts

Criminals trying to get their hands on victims’ cryptocurrency stashes are trying out various approaches. The latest one includes equipping malware with Man-in-the-Browser capabilities so they can hijack online accounts and perform fraudulent transactions on the fly. Injecting malicious scripts into target sites Since the beginning of the year, SecurityScorecard researchers have observed two botnets – powered by the Zeus Panda and Ramnit malware families – that are after Coinbase.com accounts and Blockchain.info wallets. The … More ? The post Malware leverages web injects to empty users’ cryptocurrency accounts appeared first on Help Net Security .

Original post:
Malware leverages web injects to empty users’ cryptocurrency accounts

Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Automating out of the skill gap sinkhole When thinking about the bigger picture, information security leaders must aim to automate as much of the IR cycle as possible. However, this does not mean automation can replace humans. Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs Microsoft has pushed out a new set of Spectre (variant 2) security updates. For the … More ?

See the article here:
Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

Surge in memcached-based reflected DDoS attacks is due to misconfigured servers

Massive memcached-based reflection DDoS attacks with an unprecedented amplification factor have been ongoing for the last few days, by taking advantage of memcached servers exposed to the Internet. What is memcached? Memcached is a distributed memory caching system and is used to speed up dynamic database-driven websites and Internet-facing services by caching data and objects in RAM. It is often deployed in data center, cloud, and IaaS networks. According to both Rapid7 and SANS ISC, … More ?

Read this article:
Surge in memcached-based reflected DDoS attacks is due to misconfigured servers

IoT botnet bypasses firewalls to get to ZyXEL modems

NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?

Visit link:
IoT botnet bypasses firewalls to get to ZyXEL modems

Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?

View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances