2014, Architecture and Internet - Cyber Security Informer

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

The second architectural flaw is related subscriber credentials that are checked on S-GW (SGSN) equipment by default. phone number) of a real subscriber and impersonate him to access the Internet. “On all tested networks, it was possible to use mobile Internet at the expense of both other subscribers and the operator.”

Mobile

Mobile Internet Internet Advertising

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

APRIL 27, 2020

“The system calls on companies and entities in the energy and water sectors to immediately exchange passwords from the Internet to the control systems, reduce Internet connectivity and ensure that the most up-to-date version of controllers is installed.” .” reads the alert issued by the Israeli government.

Energy and Utilities

Energy and Utilities Government Cyber Attacks Architecture

Experts spotted a new Mirai variant that targets new processors

Security Affairs

APRIL 10, 2019

Palo Alto Networks researchers discovered a new variant of the Mirai malware that is targeting more processor architectures than previous ones. Mirai botnet continues to be one of the most dangerous malware in the threat landscape, experts at Palo Alto Networks discovered a new variant that targets more processor architectures than before.

Architecture

Architecture DDOS IoT Internet

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Experts noticed that the malware supports multiple CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC, it is written in the Go open-source programming language. The malware is able to wipe content from home routers, Internet of Things (IoT) smart devices, and Linux servers. ” concludes the post.

Architecture

Architecture IoT Malware Advertising

US Government is asking allies to ban Huawei equipment

Security Affairs

NOVEMBER 24, 2018

US Government is inviting its allies to exclude Huawei equipment from critical infrastructure and 5G architectures, reports the Wall Street Journal. The Wall Street Journal reported that the US Government is urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Pierluigi Paganini.

Government

Government Architecture Advertising Internet

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). The only simple (yet effective) tactic it uses is to brute force its way to gain root access to various Linux architectures. MMD believed the Linux Trojan originated in China.

Malware

Malware IoT DDOS DNS

FreeRTOS flaws expose millions of IoT devices to cyber attacks

Security Affairs

OCTOBER 22, 2018

Researchers found that one of the most popular Internet of Things real-time operating system, FreeRTOS, is affected by serious vulnerabilities. Researchers at Zimperium’s zLabs team have found that one of the most popular Internet of Things real-time operating system, FreeRTOS , is affected by serious vulnerabilities. CVE-2018-16601.

IoT

IoT Cyber Attacks Internet Internet

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

In November 2018, the Wall Street Journal reported that the US Government was urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. The Chinese firm was already excluded by several countries from building their 5G internet networks. Pierluigi Paganini.

Manufacturing

Manufacturing Advertising Internet Internet

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

. “Our analysis of this particular sample indicates the file executes on microprocessor without interlocked pipelined stages (MIPS) architecture. This is an extension understood by machines running reduced instruction set computer (RISC) architecture, which is prevalent on many IoT devices.” ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. Huawei was already excluded by several countries from building their 5G internet networks. Pierluigi Paganini. SecurityAffairs –BSI, Huawei).

Technology

Technology Internet Internet Advertising

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture.

DDOS

DDOS Architecture Malware Cybercrime

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

According to experts from Avast, the Torii bot has been active since at least December 2017, it could targets a broad range of architectures, including ARM, MIPS, x86, x64, PowerPC, and SuperH. The Torii IoT botnet stands out for the largest sets of architectures it is able to target. ” reads the analysis published by Avast.

IoT

IoT Architecture Advertising DDOS

Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

Security Affairs

NOVEMBER 21, 2018

These Mirai variants are the first one that doesn’t target Internet of Things devices, the bot was specifically developed to target Linux servers. “Mirai botmasters that target Linux servers no longer need to tailor their malware for strange architectures , they assume their targets are using x86.”

IoT

IoT Advertising Malware Architecture

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Security Affairs

MAY 15, 2020

Since December 2014, the threat actors are using a malware dubbed USBferry in attacks against military/navy agencies, government institutions, military hospitals, and also a national bank. ” The group used “tracert” and “ping” commands to map the target’s network architecture (i.e. Pierluigi Paganini.

Government

Government Malware Advertising Architecture

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In November 2018, the Wall Street Journal reported that the US Government was urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. The Chinese firm was already excluded by several countries from building their 5G internet networks. Pierluigi Paganini.

Manufacturing

Manufacturing Internet Internet Advertising

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

The Momentum bot targets various Linux platforms running upon multiple CPU architectures, including ARM, MIPS, Intel, and Motorola 68020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware DDOS Advertising DNS

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

DECEMBER 8, 2020

Related: The shared burden of securing the Internet of Things. Company networks must support endless permutations of users and apps, both on-premises and in the Internet cloud. SD-WAN arose in 2014 as a way to use software to manage traffic moving across large networks, especially to-and-from geographically dispersed branches.

Firewall

Firewall Digital transformation Internet Internet

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

Security Affairs

AUGUST 1, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture IoT Malware Advertising

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

” The expert explained that the XMR cryptominer was optimized for Intel x86 (both 32bit or 64bit architecture) and Intel 686 processors. Cashdollar explained that threat actors started scanning the Internet for Intel systems that would accept files over SSH port 22 to maximize their efforts. Pierluigi Paganini.

IoT

IoT Cryptocurrency Malware System Administration

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

” Recently, experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture Cryptocurrency Malware Advertising

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the alert. Pierluigi Paganini.

VPN

VPN Government Authentication Advertising

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

JANUARY 13, 2020

Since November 2018, the US Government has invited its allies to exclude Chinese equipment from critical infrastructure and 5G architectures over security concerns. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Telecommunications

Telecommunications Government Advertising Architecture

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs

MARCH 18, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. A variant discovered last year was leveraging an open-source project to target multiple architectures, including ARM, MIPS, PowerPC, and x86. Pierluigi Paganini.

IoT

IoT Wireless DDOS Advertising

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

The Last Watchdog

APRIL 23, 2019

Then on June 7, 2014, Google released Kubernetes – Greek for helmsman – to the open source software community. Tech vendors and their enterprise customers want to leverage distributed architectures and multiple cloud platforms to the hilt. And this must happen with complexity going through roof. Talk more soon.

Marketing

Marketing Firewall Architecture Software

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

“Since early September, SophosLabs has been monitoring an increasingly prolific attack targeting Internet-facing SSH servers on Linux-based systems that has been dropping a newly-discovered family of denial-of-service bots we’re calling Chalubo.” The IoT malware ran only on systems with an x86 architecture.

IoT

IoT DDOS Malware Architecture

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Security Affairs

OCTOBER 22, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, QNap).

Authentication

Authentication Advertising Architecture Cybercrime

New Bill prohibits intelligence sharing with countries using Huawei 5G equipment

Security Affairs

JANUARY 12, 2020

Since November 2018, the US Government has invited its allies to exclude Chinese equipment from critical infrastructure and 5G architectures over security concerns. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Telecommunications

Telecommunications Advertising Architecture Government

Dark Nexus, a new IoT botnet that targets a broad range of devices

Security Affairs

APRIL 8, 2020

“For example, payloads are compiled for 12 different CPU architectures and dynamically delivered based on the victim’s configuration.” The experts discovered at customized payloads for at least 12 different CPU architectures. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Advertising

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

The list of targeted applications includes cryptocurrency apps for major currencies (Electrum, Ethereum, Exodus, Jaxx, and Monero), popular browsers (Google Chrome, Mozilla Firefox, Microsoft Edge, Internet Explorer, Opera, Vivaldi, Waterfox, SeaMonkey, UC Browser) and email client like Thunderbird, Outlook, and Foxmail. Pierluigi Paganini.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

XDSpy APT remained undetected since at least 2011

Security Affairs

OCTOBER 2, 2020

Experts observed the threat actor exploiting a remote code issue in Internet Explorer tracked as CVE-2020-0968 that was addressed by Microsoft with the release of Patch Tuesday security updates for April 2020. “At Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Government Advertising Phishing

DanaBot banking Trojan evolves and now targets European countries

Security Affairs

SEPTEMBER 22, 2018

Sniffer plug-in – injects malicious scripts into a victim’s browser, usually while visiting internet banking sites. “The new features introduced in these latest campaigns indicate the attackers behind DanaBot continue to make use of the malware’s modular architecture to increase their reach and success rate.

Banking

Banking Advertising Architecture Firewall

Code Execution and DoS flaw addressed in QEMU

Security Affairs

AUGUST 27, 2019

Slirp is a program that emulates a PPP, SLIP, or CSLIP connection to the Internet via a shell account. Some context on the impact and the security architecture of QEMU : 1. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Architecture Internet Internet

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Security Affairs

JUNE 15, 2021

A new variant of the Mirai botnet, tracked as Moobot, was spotted scanning the Internet for vulnerable Tenda routers. Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers.

Malware

Malware Internet Internet DDOS

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Security Affairs

JUNE 18, 2019

The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered. TP-Link’s Wi-Fi extenders operate on MIPS architecture and the vulnerability can be triggered by sending a malformed HTTP request. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture Advertising Firmware IoT

Nine 2019 Cybersecurity Predictions

Security Affairs

JANUARY 8, 2019

The Internet of Things is a remarkable benchmark in human technological advancement. In 2014, the personal records of some 40 million Target shoppers, including names and credit card numbers, were stolen by hackers. Their way in was through the company’s internet-connected HVAC system. Pierluigi Paganini.

Cybersecurity

Cybersecurity Small Business Internet Internet

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. Attacks that infect a high volume of devices with a direct internet interface (i.e., Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Manufacturing Internet Internet

Tor Browser for Android is available through the Play Store

Security Affairs

MAY 23, 2019

.” Tor is free and open-source software that allows anonymous communication, it directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays. With this architecture, it allows hiding user’s IP address. Pierluigi Paganini.

Advertising

Advertising Internet Internet Mobile

10KBLAZE exploits could affect 9 out of 10 SAP installs of more than 50k customers

Security Affairs

MAY 2, 2019

In April, the two researchers Dmitry Chastuhin and Mathieu Geli presented at the OPCDE cybersecurity conference in Dubai security issues related to SAP configuration and architecture. Researchers also found many SAP systems exposed on the internet that could be hit by remote, unauthenticated attackers.

Cyber Attacks

Cyber Attacks Advertising Architecture Risk

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware

Malware DDOS IoT Cybercrime

A new Cross-Platform Mirai Variant appeared in the wild

Security Affairs

AUGUST 24, 2018

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. The new variant could be easily used to target multiple architectures, including ARM, MIPS, PowerPC, and x86. ” reads the analysis published by Symantec. continues Symantec.

Architecture

Architecture IoT Malware Advertising

It's End of Life for ASafaWeb

Troy Hunt

NOVEMBER 5, 2018

Internet Explorer is no longer the dominant browser ( Chrome was in 3rd place back then ). From development and architecture to security. Their site is still up and functional, but their Twitter account hasn't been active for 2 and a half years now and the last blog post they wrote was in 2014. From Sydney to the Gold Coast.

Technology

Technology Architecture Marketing Internet

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

Security Affairs

AUGUST 21, 2020

We do not allow attacker-controlled JavaScript to run in the Parent Process – whether delivered from the internet or provided from a compromised content process. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Architecture Hacking Engineering

FBI along with security firms dismantled 3ve Ad Fraud Operation

Security Affairs

NOVEMBER 28, 2018

The name 3ve is derived from a set of three distinct sub-operations using unique measures to avoid detection, and each of them was built around different architectures with different components. 3ve has been active since at least 2014 and experts observed a peak in its activity in 2017. 2—The KOVTER Malware Scheme. Pierluigi Paganini.

Advertising

Advertising Mobile Malware Architecture

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Trending Sources

Experts spotted a new Mirai variant that targets new processors

New HEH botnet wipes devices potentially bricking them

US Government is asking allies to ban Huawei equipment

US officials claim Huawei Equipment has secret backdoor for spying

Massive increase in XorDDoS Linux malware in last six months

FreeRTOS flaws expose millions of IoT devices to cyber attacks

Czech cyber-security agency warns over Huawei, ZTE security threat

Mozi Botnet is responsible for most of the IoT Traffic

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Enemybot, a new DDoS botnet appears in the threat landscape

Torii botnet, probably the most sophisticated IoT botnet of ever

Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Czech public radio says Huawei Czech Unit secretly collected data

Trend Micro observed notable malware activity associated with the Momentum Botnet

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

WatchBog cryptomining botnet now uses Pastebin for C2

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

A new development shows a potential shift to using Mirai to target enterprises

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

Chalubo, a new IoT botnet emerges in the threat landscape

Taiwanese vendor QNAP issues advisory on Zerologon flaw

New Bill prohibits intelligence sharing with countries using Huawei 5G equipment

Dark Nexus, a new IoT botnet that targets a broad range of devices

Raccoon Malware, a success case in the cybercrime ecosystem

XDSpy APT remained undetected since at least 2011

DanaBot banking Trojan evolves and now targets European countries

Code Execution and DoS flaw addressed in QEMU

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Nine 2019 Cybersecurity Predictions

5 IoT Security Predictions for 2019

Tor Browser for Android is available through the Play Store

10KBLAZE exploits could affect 9 out of 10 SAP installs of more than 50k customers

EnemyBot malware adds new exploits to target CMS servers and Android devices

A new Cross-Platform Mirai Variant appeared in the wild

It's End of Life for ASafaWeb

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

FBI along with security firms dismantled 3ve Ad Fraud Operation

Stay Connected