2014, DNS, Hacking and IoT - Cyber Security Informer

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. SecurityAffairs – hacking, Ttint botnet).

IoT

IoT Firmware DNS Advertising

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The experts demonstrated the remote management of the Twinkly lights carrying out the DNS rebinding attack technique. Pierluigi Paganini. SecurityAffairs – SDUSD , data breach).

IoT

IoT Hacking DNS Authentication

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Security Affairs

APRIL 6, 2019

Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Hackers compromised consumer routers and modified the DNS settings to redirect users to fake websites designed to trick victims into providing their login credentials.

DNS

DNS Advertising Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The hacker behind Matrix.org hack offers advice to improve security

Security Affairs

APRIL 12, 2019

The hacker that hacked and defaced Matrix.org decided to disclose the security issues discovered during the attack and offers advice. This week, the hacker behind the hack of Matrix.org decided to disclose the vulnerabilities discovered during the attack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking DNS Passwords Data breaches

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Malware

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Internet Internet Advertising

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

In early 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the anchor_dns tool for abusing the DNS protocol for C2 communications. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare

Healthcare Ransomware Cybercrime Advertising

TrickBot operators employ Linux variants in attacks after recent takedown

Security Affairs

OCTOBER 28, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. At the end of 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the DNS protocol for C2 communications.

DNS

DNS Banking Advertising IoT

Security Affairs newsletter Round 230

Security Affairs

SEPTEMBER 8, 2019

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers. USBAnywhere BMC flaws expose Supermicro servers to hack. Some Zyxel devices can be hacked via DNS requests. Creator of multiple IoT botnets, including Satori, pleaded guilty. Crooks stole €1.5 million from German bank OLB cloning EMV cards.

IoT

IoT Data breaches DNS Advertising

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Security experts from Qihoo 360 NetLab have uncovered an ongoing hacking campaign that leverages the GhostDNS malware. Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic and redirect users to phishing websites. Security Affairs – GhostDNS, IoT ).

DNS

DNS Malware Firmware Phishing

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. According to our estimate, CoAP can reach up to 32 times (32x) amplification factor, which is roughly between the amplification power of DNS and SSDP.”.

DDOS

DDOS IoT Internet Internet

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The expert used the Binary Edge IoT search engine to find vulnerable devices, earlier this week he discovered 25,617 routers that were leaking a total of 756,565 unique MAC addresses. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT DNS Advertising

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

It is quite easy to find Wind River VxWorks in IoT devices, including webcam, network appliances, VOIP phones, and printers. An attacker can intercept the TCP connection in different ways, for example using DNS changer malware, targeting DNS servers and carrying out Man-in-The-Middle attacks.

Risk

Risk IoT Firewall DNS

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. What makes the Roboto botnet a singular bot is its P2P structure that is rare for IoT DDoS bots, other botnets with a similar capability are the Hajime and Hide’N ‘ Seek botnets. ” reads the analysis.

DDOS

DDOS System Administration Advertising DNS

Threat Trends: Firewall

Cisco Security

OCTOBER 19, 2021

Much of this traffic is comprised of suspicious DNS queries, which point to known or likely Command and Control sites. DNS BIND information disclosure attempts were also commonly encountered. In the Credential Access tactic, credential dumping attacks appear to be targeting routers and IoT devices such as CCTV cameras.

Firewall

Firewall Authentication DNS Accountability

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. score of 9.8 Pierluigi Paganini.

DDOS

DDOS IoT Advertising DNS

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Security Affairs

JUNE 16, 2020

Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. A remote attacker could exploit the flaw by sending specially crafted IP packets or DNS requests to the vulnerable devices. SecurityAffairs – Ripple20, hacking).

Hacking

Hacking IoT Advertising DNS

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Security Affairs

FEBRUARY 23, 2019

A user reported that its D-Link DNS-320 device was infected by malicious code. The D-Link DNS-320 model is no more available for sale, one of the members of the forum explained that the firmware of its NAS was never updated and its device was exposed to WAN through ports 8080, FTP port 21, and a range of ports for port forwarding.

Ransomware

Ransomware DNS Firmware Encryption

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

It’s about challenging our expectations about people who hack for a living. Vamosi: In the fall of 2014, Shellshock was publicly disclosed. Our story now skips ahead twenty years to 2014. In the summer of 2014, particularly after Heartbled, people began to once again look at open source software with some dedication.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

It’s about challenging our expectations about people who hack for a living. Vamosi: In the fall of 2014, Shellshock was publicly disclosed. Our story now skips ahead twenty years to 2014. In the summer of 2014, particularly after Heartbled, people began to once again look at open source software with some dedication.

Software

Software Passwords Internet Internet

Key Takeaway from the Colonial Pipeline Attack

Cisco Security

MAY 24, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) confirmed that DarkSide, a Russian cybercriminal hacking group that targets victims using ransomware and extortion was behind the Colonial Pipeline attack. Enforce security at the DNS layer. What happened?

Firewall

Firewall IoT DNS Cyber Attacks

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

It's about challenging our expectations about the people who hack for a living. But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process. Behind that is a sequence of numbers resolved by your DNS and that sequence of numbers is the site's IP address.

Internet

Internet Internet Malware Authentication

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

ForAllSecure

APRIL 19, 2023

I first met Dan when he was literally saving the world; okay, at least saving the internet as we know it today by disclosing to the major ISPs in the world a flaw he’d found in the Domain Name System or DNS. It’s about challenging our expectations about people who hack for a living. I hope you stick around.

Software

Software Backups Computers and Electronics Technology

Cyber Security Informer

New Ttint IoT botnet exploits two zero-days in Tenda routers

Hacking the Twinkly IoT Christmas lights

Webinars

Trending Sources

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Webinars

The hacker behind Matrix.org hack offers advice to improve security

Chalubo, a new IoT botnet emerges in the threat landscape

M2M protocols can be abused to attack IoT and IIoT systems

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

TrickBot operators employ Linux variants in attacks after recent takedown

Security Affairs newsletter Round 230

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Dozens of Linksys router models leak data useful for hackers

For nearly a year, Brazilian users have been targeted with router attacks

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Roboto, a new P2P botnet targets Linux Webmin servers

Threat Trends: Firewall

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

Key Takeaway from the Colonial Pipeline Attack

The Hacker Mind Podcast: Scanning the Internet

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

Stay Connected