2014, DNS, IoT and Passwords - Cyber Security Informer

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Security IoT devices. If you have an IoT device at home, know there are ways to secure it. If you plan to get an IoT device soon, buy from a well-known brand. Stay safe!

Malware

Malware DDOS IoT DNS

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. According to our estimate, CoAP can reach up to 32 times (32x) amplification factor, which is roughly between the amplification power of DNS and SSDP.”.

DDOS

DDOS IoT Internet Internet

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic and redirect users to phishing websites. GhostDNS reminds us of the infamous DNSChanger malware that made the headlines for its ability to change DNS settings on the infected device. Pierluigi Paganini.

DNS

DNS Malware Firmware Phishing

The hacker behind Matrix.org hack offers advice to improve security

Security Affairs

APRIL 12, 2019

Matrix is an open network for secure, decentralized real-time communication that is also used for instant messaging, IoT communications, and VoIP or WebRTC signaling. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens.

Hacking

Hacking DNS Passwords Data breaches

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. “ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. ” states the analysis published by Avast.

DNS

DNS Passwords Advertising Banking

Security Affairs newsletter Round 230

Security Affairs

SEPTEMBER 8, 2019

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers. Some Zyxel devices can be hacked via DNS requests. Creator of multiple IoT botnets, including Satori, pleaded guilty. Over 600k GPS trackers left exposed online with a default password of ‘123456. Crooks stole €1.5 Pierluigi Paganini.

IoT

IoT Data breaches DNS Advertising

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The expert used the Binary Edge IoT search engine to find vulnerable devices, earlier this week he discovered 25,617 routers that were leaking a total of 756,565 unique MAC addresses. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT DNS Advertising

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. The flaw affects the procedure for changing expired passwords, the backdoor could be exploited by a remote attacker to execute malicious commands with root privileges on the machine running vulnerable Webmin. ” reads the analysis.

DDOS

DDOS System Administration Advertising DNS

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Anyway I was testing this suite when I happened to randomly strike two keys -- I think it was control and B -- and up popped the password manager, displaying all my test passwords in the clear. Thing was, the manager required its own password, which I had not entered; remember, I had hit only two keys. This was a software flaw.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Anyway I was testing this suite when I happened to randomly strike two keys -- I think it was control and B -- and up popped the password manager, displaying all my test passwords in the clear. Thing was, the manager required its own password, which I had not entered; remember, I had hit only two keys. This was a software flaw.

Software

Software Passwords Internet Internet

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process. Behind that is a sequence of numbers resolved by your DNS and that sequence of numbers is the site's IP address. But so we don't try to authenticate with default passwords. And so there are about 3.7

Internet

Internet Internet Malware Authentication

Key Takeaway from the Colonial Pipeline Attack

Cisco Security

MAY 24, 2021

Average fuel prices rose to their highest since 2014 and President Joe Biden declared a state of emergency to allow additional transport of fuel by road to alleviate shortages. Enforce security at the DNS layer. To learn more about how you can secure your IoT/OT infrastructure, visit our IoT Security page or contact us.

Firewall

Firewall IoT DNS Cyber Attacks

Cyber Security Informer

Massive increase in XorDDoS Linux malware in last six months

Hacking the Twinkly IoT Christmas lights

Webinars

Trending Sources

Chalubo, a new IoT botnet emerges in the threat landscape

Webinars

FBI warns cyber actors abusing protocols as new DDoS attack vectors

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

The hacker behind Matrix.org hack offers advice to improve security

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs newsletter Round 230

Dozens of Linksys router models leak data useful for hackers

Roboto, a new P2P botnet targets Linux Webmin servers

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

The Hacker Mind Podcast: Scanning the Internet

Key Takeaway from the Colonial Pipeline Attack

Stay Connected