Tag Archives: test-if-browser

185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked

A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The flaw that allows this to happen is found in a custom version of GoAhead, a lightweight embedded web server that has been fitted into the devices. This and other vulnerabilities have been found by security researcher Pierre Kim, who tested one of the branded cameras – … More ?

Read this article:
185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked

Advanced Windows botnet spreads Mirai malware

Kaspersky Lab experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild. The Windows bot appears to have been created by a developer with more advanced skills than the attackers who unleashed the massive Mirai-powered DDoS attacks in late 2016, a fact that has worrying implications for the future use and targets of Mirai-based attacks. The malware author is likely … More ?

Monitoring scanning activities that could lead to IoT compromises

IoT devices are ideal targets for attackers looking to build DDoS botnets because they have limited or non-existent security features. Some IoT devices utilize hard-coded default passwords. Many devices have unnecessary services running that can be exploited, and others have unprotected management interfaces. Most important for DDoS attackers, IoT devices offer high-speed connections that are always on, which allows for a large, predictable amount of attack traffic volume per compromised device. Monitoring login attempts Looking … More ?

See original article:
Monitoring scanning activities that could lead to IoT compromises

Spora ransomware could become the new Locky

A recent decrease of Locky ransomware infections has been tied with the lack of activity of the Necurs botnet, which is used to deliver the malware directly to potential victims’ email accounts. In fact, most ransomware – and malware in general – is delivered via spam or spoofed emails, but some malware authors also try to make their creation spread by itself. This is the case with the recently discovered Spora ransomware. Spora (meaning “spore” … More ?

Taken from:
Spora ransomware could become the new Locky

How the application landscape is impacting IT organizations

Accelerating cloud adoption is creating increased demand for security application services including WAF, DNSSEC, and DDoS protection, according to F5 Networks. As an increase in application services often requires additional resources, respondents also indicated a shift toward DevOps methodologies to gain operational efficiencies through automation and programmability. This need for scalability replaces speed to market as the prime driver of DevOps adoption. “This past year, not a week went by without some hack or vulnerability … More ?

Original post:
How the application landscape is impacting IT organizations

DDoS attacks via WordPress now come with encryption

Kaspersky Lab experts have noted an emerging trend – a growth in the number of attacks using encryption. Such attacks are highly effective due to the difficulty in identifying them amongst the overall flow of clean requests. Recently, the company encountered yet more evidence of this trend – an attack exploiting vulnerabilities in WordPress via an encrypted channel. WordPress Pingback attacks have been in use since 2014. They fall under the amplification class of attacks, … More ?

Read the original:
DDoS attacks via WordPress now come with encryption

Law enforcement operation targets users of DDoS tools

From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of DDoS tools, leading to 34 arrests and 101 suspects interviewed and cautioned. Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify suspects in the EU and beyond, mainly young adults under the … More ?

See the article here:
Law enforcement operation targets users of DDoS tools

Protecting smart hospitals: A few recommendations

The European Union Agency for Network and Information Security (ENISA) has released a new report to help IT and security officers of healthcare organizations implement IoT devices securely and protect smart hospitals from a variety of threats. We all know that attacks against hospitals are increasing, but according to security experts, ransomware and DDoS attacks are just the start. The report, compiled with the help of infosec officers from several European hospitals and consultants and … More ?

Read the article:
Protecting smart hospitals: A few recommendations

Insufficient security measures still hinder cloud adoption

Security and privacy of data and systems in the cloud remains a top worry for 70% of IT professionals worldwide, up from 63% in 2015, according to a new Cloud Security Survey by Netwrix. The top three cloud security concerns in 2016 are unauthorized access (69%), malware (37%) and denial of service (DoS) attacks (34%). Cloud security concerns (up to 5) Even though cloud service providers make security a top priority, cloud computing is still … More ?

More:
Insufficient security measures still hinder cloud adoption

Apocalypse now: The IoT DDoS threat

One of the things you learn about humanity, if you’re paying attention, is that “gold rushes” bring out the worse in us. When there are no constraints and there is a greed motivator, people will literally trample anyone or anything to get to the goods. Over the ages, literal and financial empires have been forged on this principle, and no matter when or for what particular gain, there has always been serious collateral damage. Despite … More ?

See the article here:
Apocalypse now: The IoT DDoS threat