As the criminals behind the WannaCry ransomware are trying to make it work again, security researchers have created tools for decrypting files encrypted by it. DDoS attacks against the killswitch domains Since researcher Marcus Hutchins (aka MalwareTech) registered a (previously non-existent) killswitch domain for the malware and stopped its onslaught, the domain has been under attack by Mirai-powered botnets. Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF — MalwareTech (@MalwareTechBlog) May 18, 2017 That particular domain has been … More ?
Mirai is the name of the worm that has taken control of many IoT devices around the world and used them to mount DDoS attacks, the most high-profile of which was directed against US-based DNS provider Dyn and resulted in many websites and online services being inaccessible for hours on end. Its source code was leaked by the author, which lead to the creation of more botnets, and an increased fear that we’ll soon witness … More ?
Hajime IoT worm infects devices to head off Mirai
Every hour of every day, computer systems and IoT devices are under attack by bots trying to recruit them into growing botnets. Security researchers have recently highlighted two of these threats coming after Linux- and BusyBox-based systems and devices. Amnesia A year after security researcher Rotem Kerner discovered a remote code execution vulnerability that affected digital video recorders (DVRs) manufactured by Chinese company TVT Digital and sold by more than 70 different vendors around the … More ?
A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The flaw that allows this to happen is found in a custom version of GoAhead, a lightweight embedded web server that has been fitted into the devices. This and other vulnerabilities have been found by security researcher Pierre Kim, who tested one of the branded cameras – … More ?
Read this article:
185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked
DDoS atacks are costly to your reputation and your bottom line. In this podcast recorded at RSA Conference 2017, Avi Freedman, CEO at Kentik, discusses how to recognize attacks quickly and accurately, then shut them down with situation-appropriate mitigation. Here’s a transcript of the podcast for your convenience. I’m Avi Freedman, CEO of a startup called Kentik Technologies, I’m here today, on this podcast, to talk about the power of Big Data for security, operations, … More ?
Kaspersky Lab experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild. The Windows bot appears to have been created by a developer with more advanced skills than the attackers who unleashed the massive Mirai-powered DDoS attacks in late 2016, a fact that has worrying implications for the future use and targets of Mirai-based attacks. The malware author is likely … More ?
DDoS attacks increasingly formed blended attacks of four or more vulnerabilities over the course of the fourth quarter of 2016, with an intent to overload targeted monitoring, detection and logging systems, according to Nexusguard. Hybrid attacks were a common attack pattern against financial and government institutions. DDoS botnet activity: Top attacking countries The supersized Mirai attack from Q3 set the stage for Q4 challenges, resulting in a ripple of botnets from connected devices and the … More ?
IoT devices are ideal targets for attackers looking to build DDoS botnets because they have limited or non-existent security features. Some IoT devices utilize hard-coded default passwords. Many devices have unnecessary services running that can be exploited, and others have unprotected management interfaces. Most important for DDoS attackers, IoT devices offer high-speed connections that are always on, which allows for a large, predictable amount of attack traffic volume per compromised device. Monitoring login attempts Looking … More ?
See original article:
Monitoring scanning activities that could lead to IoT compromises
Arbor Networks released its 12th Annual Worldwide Infrastructure Security Report offering direct insights from network and security professionals at global service providers, cloud/hosting and enterprise organizations. The stakes have changed for network and security teams. The threat landscape has been transformed by the emergence of IoT botnets. As IoT devices proliferate across networks, bringing tremendous benefits to businesses and consumers, attackers are able to weaponize them due to inherent security vulnerabilities. The largest DDoS attack … More ?
A recent decrease of Locky ransomware infections has been tied with the lack of activity of the Necurs botnet, which is used to deliver the malware directly to potential victims’ email accounts. In fact, most ransomware – and malware in general – is delivered via spam or spoofed emails, but some malware authors also try to make their creation spread by itself. This is the case with the recently discovered Spora ransomware. Spora (meaning “spore” … More ?
Spora ransomware could become the new Locky