Tag Archives: security-read

Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?

View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances

What has the Necurs botnet been up to?

The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More ?

See more here:
What has the Necurs botnet been up to?

PyCryptoMiner ropes Linux machines into Monero-mining botnet

A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The malware The botnet is based on a crypto-miner written in the Python scripting language, a fact that serves to keep its existence on the down-low. “Unlike a binary malware alternative, a scripting language-based malware is more evasive by nature as it can be easily obfuscated. It is also executed by a legitimate … More ?

Read More:
PyCryptoMiner ropes Linux machines into Monero-mining botnet

Andromeda botnet dismantled in international cyber operation

On 29 November 2017, the Federal Bureau of Investigation (FBI), in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s European Cybercrime Centre (EC3), the Joint Cybercrime Action Task Force (J-CAT), Eurojust and private-sector partners, dismantled one of the longest running malware families in existence called Andromeda (also known as Gamarue). According to Microsoft, Andromeda’s main goal was to distribute other malware families. Andromeda was associated with 80 malware families and, in … More ?

View article:
Andromeda botnet dismantled in international cyber operation

Millions download botnet-building malware from Google Play

Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices. The apps’ capabilities The apps posed as legitimate offerings that modify the look of the characters in Minecraft: Pocket Edition (PE). In the background, though, they set out to rope the devices into a botnet. Once they were installed on a target device, they would connect to a C&C server, … More ?

See the original post:
Millions download botnet-building malware from Google Play

DDoS attacks: Brands have plenty to lose, even if attacked only once

DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage on brands. Neustar discovered that brands experienced a 27 percent increase in the number of breaches per DDoS attack, despite suffering similar attack levels in the same time period last year. Attackers are getting higher yields from determined attacks Data from the report shows attackers are achieving higher levels of success against brands they only hit once: … More ?

View original post here:
DDoS attacks: Brands have plenty to lose, even if attacked only once

Week in review: Cyber threat hunting, Android DDoS botnet, drone bug bounty

Here’s an overview of some of last week’s most interesting news, podcasts and articles: New, custom ransomware delivered to orgs via extremely targeted emails Ransomware campaigns are usually wide-flung affairs: the attackers send out as many malicious emails as possible and hope to hit a substantial number of targets. But more targeted campaigns are also becoming a trend. Getting a start on cyber threat hunting We live in a world where the adversaries will persist … More ?

View article:
Week in review: Cyber threat hunting, Android DDoS botnet, drone bug bounty

An internet-connected fish tank let hackers into a casino’s network

A high-tech, internet-connected fish tank in a North American casino has been used to exfiltrate data from the company’s network. Smart drawing pads used in an architectural firm were part of a botnet used to mount DDoS attacks against websites around the world owned by entertainment companies, design companies, and government bodies. These are just some of the discoveries made by UK-based cyber defense Darktrace, but serve as perfect examples of how lax security when … More ?

Follow this link:
An internet-connected fish tank let hackers into a casino’s network

Stealthy DDoS attacks distract from more destructive security threats

The greatest DDoS risk for organisations is the barrage of short, low volume attacks which mask more serious network intrusions. Despite several headline-dominating, high-volume DDoS attacks over the past year, the vast majority (98%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 10 Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less. Due to their small … More ?

Link:
Stealthy DDoS attacks distract from more destructive security threats

There’s now a WannaCry decryptor tool for most Windows versions

As the criminals behind the WannaCry ransomware are trying to make it work again, security researchers have created tools for decrypting files encrypted by it. DDoS attacks against the killswitch domains Since researcher Marcus Hutchins (aka MalwareTech) registered a (previously non-existent) killswitch domain for the malware and stopped its onslaught, the domain has been under attack by Mirai-powered botnets. Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF — MalwareTech (@MalwareTechBlog) May 18, 2017 That particular domain has been … More ?

See more here:
There’s now a WannaCry decryptor tool for most Windows versions