NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems. The DoubleDoor attacks What’s interesting about this particular botnet is that it’s ready to pass an extra layer of security to get to the modem: Juniper Networks’ NetScreen hardware firewall devices. To pull off the attack, it employs exploits for two vulnerabilities: CVE-2015–7755, which … More ?
Mining Monero on SCADA networks? Why can’t you kids be normal and just DDoS Updated Infosec bods say they have uncovered what’s thought to be the first case of a major industrial control system network infected with cryptocurrency-mining malware.…
A new Monero-mining bot sprang up a few days ago and, in just a few days, has created a botnet consisting of over 7,000 Android devices, most of which are located in China (39%) and Korea (39%). Spreading capabilities The rise of the botnet has been flagged by researchers with Qihoo 360’s Netlab, who analyzed the mining malware and discovered that it has worm-like spreading capabilities. Once ADB.miner – as they’ve dubbed the threat – … More ?
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?
View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances
A new Imperva survey showed a heightened concern for cybersecurity risk related to API use. Specifically, 63 percent of respondents are most worried about DDoS threats, bot attacks, and authentication enforcement for APIs. APIs power the interactive digital experiences users love and are fundamental to an organization’s digital transformation. However, they also provide a window into an application that presents a heightened cybersecurity risk. The survey shows that 69 percent of organizations are exposing APIs … More ?
With a special HNAP exploit just for D-Link kit Security researchers believe the author of the Satori botnet is at it again, this time attacking routers to craft a botnet dubbed “Masuta”.…
Fresh botnet recruiting routers with weak credentials
The Necurs botnet has been slowly growing since late 2012 and still tops the list of largest spam botnets in the world. Since then, the botnet has occasionally stopped or temporarily minimized the sending out of spam but has returned in full force. How big is the Necurs botnet? It’s difficult to say precisely, but the latest information provided by the Cisco Talos team can give a general idea. The researchers analyzed 32 distinct spam … More ?
See more here:
What has the Necurs botnet been up to?
Electronics tutor’s taunts come back to haunt him An electronics technician pleaded guilty on Wednesday to orchestrating distributed denial of service (DDoS) attacks on a former employer and other organizations – and to unlawfully possessing a firearm as a former felon.…
Qihoo 360 Netlab researchers warn about a new variant of the Satori malware that apparently goes after ether (ETH) mining rigs. The malware The malware, dubbed Satori.Coin.Robber, started to reestablish the Satori botnet sinkholed last December, but also hacks into Windows-based mining hosts running the popular Claymore Miner software. Older versions of the Claymore Miner provide a remote monitoring and management interface on port 3333, which by default allow remote reading for mining status, the … More ?
Researchers: Code designed to hit Linux devices A new variant of the notorious Mirai malware is exploiting kit with ARC processors.…
New Mirai botnet species ‘Okiru’ hunts for ARC-based kit