Tag Archives: linux

IoT malware targeting zero-day vulnerabilities

Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors. First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendor increased their efforts to push out patches. Now, some of the botmasters are making … More ?

More here:
IoT malware targeting zero-day vulnerabilities

UK lotto players quids in: Website knocked offline by DDoS attack

It could be you* The UK National Lottery has apologised for a website outage that left money in their pockets of punters unable to play games on Saturday evening.…

Read the article:
UK lotto players quids in: Website knocked offline by DDoS attack

‘App DDoS bombs’ that slam into expensive APIs worry Netflix

Attackers can look legit while hitting APIs that make the most work for an app Netflix has identified denial of service threat to microservices architectures that it’s labelled “application DDoS”.…

Continued here:
‘App DDoS bombs’ that slam into expensive APIs worry Netflix

Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

As bad as Mirai was, it could have been much worse A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn.…

More:
Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

World’s worst botnet fiends switch from ransomware to stock scam spam

IT LIVES! Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution.…

More here:
World’s worst botnet fiends switch from ransomware to stock scam spam

Dormant Linux kernel vulnerability finally slayed

Just, er, eight years later A recently resolved vulnerability in the Linux kernel that had the potential to allow an attacker to gain privilege escalation or cause denial of service went undiscovered for seven years.…

Originally posted here:
Dormant Linux kernel vulnerability finally slayed

Mirai Linux Trojan corrals IoT devices into DDoS botnets

Mirai, a newly discovered and still poorly detected piece of Linux malware, is being used to rope IoT devices into DDoS botnets. Researchers from MalwareMustDie have recently gotten their hands on several variants of the threat, and have discovered the following things: It comes in the form of an ELF file (typical for executable files in Unix and Unix-like systems) It targets mostly routers, DVR or WebIP cameras, Linux servers, and Internet of Things devices … More ?

Read More:
Mirai Linux Trojan corrals IoT devices into DDoS botnets

Luabot malware used to launch DDoS attacks

A security researcher discovered a Trojan that infects Linux platforms used in distributed denial of service (DDoS) attacks. According to MalwareMustDie, the security researcher responsible for the discovery, the malware is written in the Lua programming language (version 5.3.0). The malware, dubbed Linux/Luabot, targets the Linux operating system, used often in web servers and Internet of Things (IoT) devices. The Trojan issues botnet commands to affected systems, MalwareMustDie wrote in a blog post published on Monday. “There are plenty new ELF malware coming & lurking our network recently & hitting out Linux layer IoT and services badly,” MalwareMustDie wrote in the blog post. The researcher advised security professionals to “watch for unusual hazards for the security of our 24/7 running Linux nodes.” Last week, security firm Sucuri disclosed vulnerabilities in IoT home routers that were exploited to launch an application-level DDoS attack. The Strider cyberespionage group disclosed by Symantec last month also used modules written in Lua. Source: http://www.scmagazine.com/luabot-malware-used-to-launch-ddos-attacks/article/520814/

View article:
Luabot malware used to launch DDoS attacks