Tag Archives: whitepapers

DNS amplification attacks double in Q1 2018

DNS amplification types of DDoS attacks doubled in the first quarter of 2018 over last quarter, and spiked nearly 700 percent year-over-year, according to Nexusguard. Nexusguard’s scanning and attack Memcached honeypot Nexusguard’s Q1 2018 Threat Report, which analyzes thousands of global cyber attacks, reported that 55 of the attacks were due to exploited Memcached servers. The vulnerable servers pose a significant new risk if not properly configured, similar to exposed servers enabled by DNSSEC, a … More ? The post DNS amplification attacks double in Q1 2018 appeared first on Help Net Security .

Read the original post:
DNS amplification attacks double in Q1 2018

Protecting consumers from mobile and IoT threats

A new report by Allot Communications revealed a dynamic and automated threat landscape in which consumers lack the security expertise to effectively protect themselves. Mobile and Internet of Things continue to be primary attack vectors, contributing to a spike in cryptojacking, adware, and DDoS attacks. The Telco Security Trends Report is based on anonymous data gathered from four communications service providers (CSPs) across Europe and Israel, who between them, protect seven million customers. It found … More ? The post Protecting consumers from mobile and IoT threats appeared first on Help Net Security .

Read More:
Protecting consumers from mobile and IoT threats

How Mirai spawned the current IoT malware landscape

When, in late 2016, US-based DNS provider Dyn suffered a massive DDoS attack that it resulted in the temporary unavailability of many popular online services, the name of the Mirai malware became instantly known outside the cybersecurity industry. Since then, we’ve come to know the identities of the author of the malware and the botmasters who used it to mount that and other attacks. But, even before the attack against Dyn, they released the malware’s … More ? The post How Mirai spawned the current IoT malware landscape appeared first on Help Net Security .

View article:
How Mirai spawned the current IoT malware landscape

Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the security of technologies that have yet to be comprehensively investigated by security researchers, for the past few years Munro has been poking and probing consumer Internet of Things devices, and doing things such as denial of service attacks on Wi-Fi-enabled kettles, or showing that you can … More ? The post Hacking for fun and profit: How one researcher is making IoT device makers take security seriously appeared first on Help Net Security .

Read More:
Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Here’s an overview of some of last week’s most interesting news and articles: RSA Conference 2018 coverage Check out what you missed at the infosec event of the year. Real-time detection of consumer IoT devices participating in DDoS attacks Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of … More ? The post Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018 appeared first on Help Net Security .

View article:
Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Automating out of the skill gap sinkhole When thinking about the bigger picture, information security leaders must aim to automate as much of the IR cycle as possible. However, this does not mean automation can replace humans. Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs Microsoft has pushed out a new set of Spectre (variant 2) security updates. For the … More ?

See the article here:
Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

IoT botnet bypasses firewalls to get to ZyXEL modems

NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?

Visit link:
IoT botnet bypasses firewalls to get to ZyXEL modems

Android devices roped into new Monero-mining botnet

A new Monero-mining bot sprang up a few days ago and, in just a few days, has created a botnet consisting of over 7,000 Android devices, most of which are located in China (39%) and Korea (39%). Spreading capabilities The rise of the botnet has been flagged by researchers with Qihoo 360’s Netlab, who analyzed the mining malware and discovered that it has worm-like spreading capabilities. Once ADB.miner – as they’ve dubbed the threat – … More ?

Read More:
Android devices roped into new Monero-mining botnet

Brit behind Titanium Stresser DDoS malware sent to chokey

20-year-old Herts man slapped with two years’ stripey suntan time A Hertfordshire man has been jailed for two years after netting nearly £400,000 from the malware he wrote as a 15-year-old student.…

See more here:
Brit behind Titanium Stresser DDoS malware sent to chokey