2014, DNS, Internet and IoT - Cyber Security Informer

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Security Affairs

APRIL 6, 2019

Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Hackers compromised consumer routers and modified the DNS settings to redirect users to fake websites designed to trick victims into providing their login credentials.

DNS

DNS Advertising Internet Internet

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Security IoT devices. If you have an IoT device at home, know there are ways to secure it. If you plan to get an IoT device soon, buy from a well-known brand. Stay safe!

Malware

Malware IoT DDOS DNS

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Internet Internet Advertising

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The experts demonstrated the remote management of the Twinkly lights carrying out the DNS rebinding attack technique. Pierluigi Paganini. SecurityAffairs – SDUSD , data breach).

IoT

IoT Hacking DNS Authentication

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Malware

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. score of 9.8 Pierluigi Paganini.

DDOS

DDOS IoT Advertising DNS

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

In early 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the anchor_dns tool for abusing the DNS protocol for C2 communications. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare

Healthcare Ransomware Cybercrime Advertising

TrickBot operators employ Linux variants in attacks after recent takedown

Security Affairs

OCTOBER 28, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. At the end of 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the DNS protocol for C2 communications.

DNS

DNS Banking Advertising IoT

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices.

DDOS

DDOS IoT Internet Internet

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic and redirect users to phishing websites. GhostDNS reminds us of the infamous DNSChanger malware that made the headlines for its ability to change DNS settings on the infected device.

DNS

DNS Malware Firmware Phishing

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

éveillé from ESET joins The Hacker Mind podcast to talk about the challenges of building his own internet scanner to scan for elusive malware. What if you were dialed the entire Internet? But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process.

Internet

Internet Internet Malware Authentication

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

It is quite easy to find Wind River VxWorks in IoT devices, including webcam, network appliances, VOIP phones, and printers. Even a device that is reaching outbound to the internet could be attacked and taken over. In this scenario, an attacker inside a network can compromise connected IoT devices powered with VxWorks.

Risk

Risk IoT Firewall DNS

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

Security Affairs newsletter Round 230

Security Affairs

SEPTEMBER 8, 2019

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers. Some Zyxel devices can be hacked via DNS requests. Creator of multiple IoT botnets, including Satori, pleaded guilty. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Crooks stole €1.5 Pierluigi Paganini.

IoT

IoT Data breaches DNS Advertising

Key Takeaway from the Colonial Pipeline Attack

Cisco Security

MAY 24, 2021

Average fuel prices rose to their highest since 2014 and President Joe Biden declared a state of emergency to allow additional transport of fuel by road to alleviate shortages. Enforce security at the DNS layer. Attacks are controlled via the internet. Filling stations in several states also run out of fuel amid panic buying.

Firewall

Firewall IoT DNS Cyber Attacks

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The expert used the Binary Edge IoT search engine to find vulnerable devices, earlier this week he discovered 25,617 routers that were leaking a total of 756,565 unique MAC addresses. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT DNS Advertising

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Security Affairs

JUNE 16, 2020

Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. A remote attacker could exploit the flaw by sending specially crafted IP packets or DNS requests to the vulnerable devices. ” concludes the report. Pierluigi Paganini.

Hacking

Hacking IoT Advertising DNS

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. Searching with Shodan for internet-exposed Webmin installs, it is possible to find over 233,000 instances, most of them located in the United States, France and Germany. ” reads the analysis. Pierluigi Paganini.

DDOS

DDOS System Administration Advertising DNS

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Security Affairs

FEBRUARY 23, 2019

A user reported that its D-Link DNS-320 device was infected by malicious code. The D-Link DNS-320 model is no more available for sale, one of the members of the forum explained that the firmware of its NAS was never updated and its device was exposed to WAN through ports 8080, FTP port 21, and a range of ports for port forwarding.

Ransomware

Ransomware DNS Firmware Encryption

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Mashable: Move over Heartbleed and welcome to shell shock, the latest security threat to hit the internet. Vamosi: In the fall of 2014, Shellshock was publicly disclosed. used vulnerabilities in sendmail and the fingerd protocol to construct unintentionally what would become the first internet worm. And it's a doozy program.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Mashable: Move over Heartbleed and welcome to shell shock, the latest security threat to hit the internet. Vamosi: In the fall of 2014, Shellshock was publicly disclosed. used vulnerabilities in sendmail and the fingerd protocol to construct unintentionally what would become the first internet worm. And it's a doozy program.

Software

Software Passwords Internet Internet

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

ForAllSecure

APRIL 19, 2023

I first met Dan when he was literally saving the world; okay, at least saving the internet as we know it today by disclosing to the major ISPs in the world a flaw he’d found in the Domain Name System or DNS. Dan found a flaw that could have crippled the internet. CODEN: Very much.

Software

Software Backups Computers and Electronics Technology

Cyber Security Informer

New Ttint IoT botnet exploits two zero-days in Tenda routers

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Webinars

Trending Sources

Massive increase in XorDDoS Linux malware in last six months

Webinars

M2M protocols can be abused to attack IoT and IIoT systems

Hacking the Twinkly IoT Christmas lights

Chalubo, a new IoT botnet emerges in the threat landscape

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

TrickBot operators employ Linux variants in attacks after recent takedown

FBI warns cyber actors abusing protocols as new DDoS attack vectors

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

The Hacker Mind Podcast: Scanning the Internet

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs newsletter Round 230

Key Takeaway from the Colonial Pipeline Attack

Dozens of Linksys router models leak data useful for hackers

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Roboto, a new P2P botnet targets Linux Webmin servers

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

Stay Connected