Monthly Archives: August 2023

The power of passive OS fingerprinting for accurate IoT device identification

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for cyberattacks and security breaches. The Mirai botnet demonstrated just that, by using thousands of vulnerable IoT devices to launch massive DDoS attacks on critical internet infrastructure and popular websites. To effectively safeguard against the risks … The post The power of passive OS fingerprinting for accurate IoT device identification appeared first on Help Net Security.


The removal of Qakbot from infected computers is just the first step

The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. Arranging a widespread Qakbot removal: The Qakbot administrators use a system of tiered servers (Tier 1, Tier 2, and Tier 3) to control the Qakbot malware installed on infected computers. “Tier 1 servers are computers infected with Qakbot that have an additional software ‘supernode’ module installed … The post The removal of Qakbot from infected computers is just the first step appeared first on Help Net Security.


FBI-led Operation Duck Hunt shoots down Qakbot

Totally plucked: Agents remotely roasted Windows botnet malware on victims’ machines. Uncle Sam today said an international law enforcement effort dismantled Qakbot, aka QBot, a notorious botnet and malware loader responsible for losses totaling hundreds of millions of dollars worldwide, and seized more than $8.6 million in illicit cryptocurrency.…


Qakbot botnet disrupted, malware removed from 700,000+ victim computers

The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by the FBI, which in turn instructed infected computers in the United States and elsewhere to download a file created by … The post Qakbot botnet disrupted, malware removed from 700,000+ victim computers appeared first on Help Net Security.


Tor turns to proof-of-work puzzles to defend onion network from DDoS attacks

No miners were involved in this story. Tor, which stands for The Onion Router, weathered a massive distributed denial-of-service (DDoS) storm from June last year through to May.…


Bogus OfficeNote app delivers XLoader macOS malware

A new macOS-specific variant of the well-known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers said. The new XLoader macOS malware variant: XLoader is a malware-as-a-service infostealer and botnet that has been active since 2015, but first appeared as a macOS variant in 2021, written in Java. “The … The post Bogus OfficeNote app delivers XLoader macOS malware appeared first on Help Net Security.


Macs are getting compromised to act as proxy exit nodes

AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the owners – enlisted their systems into a residential proxy botnet. According to AT&T Alien Labs threat intelligence researchers, who analyzed over 150 samples of the malware they found in the wild, many devices are infected. “Alien Labs has identified over 10,000 IPs reaching out to the proxy servers … The post Macs are getting compromised to act as proxy exit nodes appeared first on Help Net Security.


How to accelerate and access DDoS protection services using GRE

As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood. The most-attacked business sectors are gaming, telecom, and finance. The longest attack duration in Q2/Q3 was seven days, 16 hours, and 22 minutes. … The post How to accelerate and access DDoS protection services using GRE appeared first on Help Net Security.


Old-school hacktivism is back because it never went away

Mysterious Team Bangladesh has carried out 846 attacks since June 2022, mostly DDoS. Hacktivism may have dropped off of organization radars over the past few years, but it is now very visibly coming from what is believed to be Bangladesh, thanks to a group tracked by cybersecurity firm Group-IB.…


67% of data breaches start with a single click

Technology is accelerating faster than it ever has before, giving IT and security teams more tools to fend off cybersecurity attacks from an increasingly diverse slate of bad actors, according to Comcast Business. Cybercriminals employ sophisticated tactics: However, the tactics cybercriminals are using to access systems are also growing more sophisticated by the day. Access to armies of botnets and sprawling lists of customer data are just a few clicks away on the dark web. … The post 67% of data breaches start with a single click appeared first on Help Net Security.
