2014, Encryption and IoT - Cyber Security Informer

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware. million encrypted malware attacks, +27% over the previous year. .”

IoT

IoT Encryption Malware Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. Improper encryption. Vicious insider.

IoT

IoT Cybersecurity Manufacturing Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT

IoT DDOS Encryption Malware

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. The issue is that these tens of billions of new devices will likely amplify the inherent security risks of IoT.

IoT

IoT Risk Energy and Utilities Healthcare

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks.

IoT

IoT Malware DDOS Advertising

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. “The attackers encrypt both the main bot component and its corresponding Lua script using the ChaCha stream cipher.” Pierluigi Paganini.

IoT

IoT DDOS Architecture Malware

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

Adiantum will bring encryption on Android devices without cryptographic acceleration

Security Affairs

FEBRUARY 10, 2019

Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. Google announced Adiantum , a new encryption method devised to protect Android devices without cryptographic acceleration. This hash is then used to generate a nonce for the ChaCha encryption.

Encryption

Encryption Mobile Advertising IoT

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

Avast spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Security researchers spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Pierluigi Paganini.

IoT

IoT Architecture Advertising DDOS

Exclusive: MalwareMustDie analyzes a new IoT malware dubbed Linux/ AirDropBot

Security Affairs

SEPTEMBER 30, 2019

After 2 years of waiting, MalwareMustDie returns with an excellent page of malware analysis of a new IoT malware: Linux/AirDropBot. The beginning of the story: another IoT malware in the wild? Coming to the core topic: IoT botnet threat and their ecosystem.

IoT

IoT Malware Internet Internet

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

The vulnerability could have a severe impact on the IT sector, the flawed chips are used in over a billion devices, including routers, smartphones, tablets, laptops, and IoT gadgets. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.”

Encryption

Encryption Wireless Manufacturing Advertising

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Security Affairs

AUGUST 8, 2020

The attacker could exploit the Kr00k issue even when it is not connected to the victim’s wireless network, the vulnerability works against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols, with AES-CCMP encryption. Experts found a similar issue affecting MediaTek Wi-Fi chips that don’t use encryption at all.

Wireless

Wireless Encryption Manufacturing Advertising

Security Affairs newsletter Round 286

Security Affairs

OCTOBER 18, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

VPN

VPN Surveillance Advertising Ransomware

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This article explains what we have learned about the Fbot traced back from the year of 2014. Pierluigi Paganini.

DDOS

DDOS IoT Malware Advertising

New Miori botnet has a unique protocol for C2 communication

Security Affairs

JULY 12, 2019

The Miori bot targets IoT devices having SSH and Telnet services exposed online and that are poorly secured. Current version leverages a text-based protocol and implements protection that drops the connection if a specific string is not provided, it also supports encrypted commands. SecurityAffairs – Miori Botney, IoT).

IoT

IoT DDOS Encryption Malware

A new development shows a potential shift to using Mirai to target enterprises

Security Affairs

MARCH 18, 2019

PaloAlto Networks researchers discovered a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Researchers at PaloAlto Networks spotted a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. SecurityAffairs – Mirai, IoT). Pierluigi Paganini.

IoT

IoT Wireless DDOS Advertising

Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises

Security Affairs

SEPTEMBER 10, 2018

Security experts with Unit 42 at Palo Alto Networks have discovered new variants of the Mirai and Gafgyt IoT malware targeting enterprises. “These developments suggest these IOT botnets are increasingly targeting enterprise devices with outdated versions.” Securi ty Affairs – IoT botnet, Mirai). Pierluigi Paganini.

IoT

IoT Advertising Malware Data breaches

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices. Pierluigi Paganini. SecurityAffairs – hacking, FBI).

DDOS

DDOS IoT Internet Internet

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Russian govn blocked Tutanota service in Russia to stop encrypted communication. Russian govn blocked Tutanova service in Russia to stop encrypted communication. Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way! Dragos Report: Analysis of ICS flaws disclosed in 2019.

Artificial Intelligence

Artificial Intelligence eCommerce Firmware Hacking

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

The Windows version of MATA is composed of a loader used to load an encrypted next-stage payload and the orchestrator module (“lsass.exe”). MATA is also able to target Linux-based diskless network devices, including such as routers, firewalls, or IoT devices. Pierluigi Paganini.

Malware

Malware Ransomware Advertising Encryption

Experts spotted a new Mirai variant that targets new processors

Security Affairs

APRIL 10, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. which allows it to attack a wider range of Internet of Things (IoT) devices, Since the code of the Mirai botnet was leaked online many variants emerged in the threat landscape.

Architecture

Architecture DDOS IoT Internet

Fbot re-emerged, the backstage

Security Affairs

FEBRUARY 26, 2020

In the previous month we covered the mystery behind the Mirai botnet variant dubbed as “Fbot” after the threat’s latest encryption was disclosed by security researcher unixfreaxjp of the MalwareMustDie team. Is it a new trick in IoT infection? Don’t trust me, trust the number” , said the researcher who figured the come-back …”.

IoT

IoT DDOS Malware Advertising

689,272 plaintext records of Amex India customers exposed online

Security Affairs

NOVEMBER 8, 2018

The huge trove of data was discovered by Bob Diachenko from cybersecurity firm Hacken, most of the records were encrypted, but 689,272 records were stored in plaintext. The expert located the database by using IoT search engines such as Shodan and BinaryEdge.io. The archive included 2,332,115 records containing encrypted data (i.e.

Encryption

Encryption Data breaches Advertising Engineering

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

The researchers set up a compromised IoT device that initiates MITM attack using ARP Poisoning, then Forticlient initiates VPN connection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the warning.

VPN

VPN Hacking IoT Advertising

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

HiSilicon is the largest domestic designer of integrated circuits in China, its chips are used by millions of IoT devices worldwide, including security cameras, DVRs, and NVRs. Client uses it’s pre-shared key and constructs encryption key as concatenation of received random number and PSK. Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

Security Affairs

AUGUST 1, 2019

Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks aimed at Internet of Things (IoT) devices. “While there have been previous reports of other malware having their C&C hidden in Tor, we see this as a possible precedent for other evolving IoT malware families.

Architecture

Architecture IoT Malware Advertising

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

I held this position from 2000 through 2014, during which time Windows emerged as a prime target for both precocious script kiddies and emerging criminal hacking rings. Kapczynski Erin: Could you share your thoughts on the role of artificial intelligence, machine learning and the growth of IoT devices in both cyber defense and cyberattacks?

Cyber threats

Cyber threats Cyber Insurance Cybersecurity Threat Detection

New Emotet variant uses connected devices as proxy C2 servers

Security Affairs

APRIL 29, 2019

“ The experts also noticed that threat actors behind the latest Emotet campaign are actively attempting to compromise IoT devices, including routers, IP cameras, webcams, and recruit them in a first layer of the C2 infrastructure. Like previous versions, it encrypts data with an RSA key and AES, and encoded it in Base 64.

Advertising

Advertising Malware Cybercrime IoT

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

“This incident highlights the necessity of keeping machines inside the firewall perimeter up to date, and serves as a reminder that any IOT device could be abused as a foothold to reach Windows machines.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Ransomware Passwords VPN

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

For example, the startup Proteus Digital Health back in 2014 created sensor-enabled pharmaceuticals that received hundreds of millions of dollars in investments. As interest in IoT devices grows, so, too, does interest in MQTT—which is concerning from a security standpoint.

Phishing

Phishing Healthcare IoT Authentication

Experts warn of new campaigns leveraging Mirai and Gafgyt variants

Security Affairs

JULY 23, 2018

Security experts are warning of an intensification of attacks powered by two notorious IoT botnets, Mirai and Gafgyt. The Gafgyt botnet, also known as Bashlite and Lizkebab , first appeared in the wild in 2014 had its source code was leaked in early 2015. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Malware Advertising DDOS

Security Affairs newsletter Round 225 and Important Update

Security Affairs

AUGUST 4, 2019

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Prolific Dark Web dealer of drugs pleads guilty. Pierluigi Paganini.

Data breaches

Data breaches eCommerce Hacking Malware

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

.” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS System Administration Advertising DNS

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

PagerDuty Operations performance 2014 NYSE: PD Auth0 Identity management 2014 Acquired: Okta. Company Sector Year Status Verodin Cybersecurity analytics 2018 Acquired by FireEye Kenna Security Risk management 2018 Acquired by Cisco PhishMe Incident response 2016 Acquired: P.E. Also read : Addressing Remote Desktop Attacks and Security.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Firmware Advertising Manufacturing

Security Affairs newsletter Round 188 – News of the week

Security Affairs

NOVEMBER 11, 2018

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain. Shellbot Botnet Targets IoT devices and Linux servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Advertising Surveillance Insurance

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Passwords Manufacturing

The hacker behind Matrix.org hack offers advice to improve security

Security Affairs

APRIL 12, 2019

Matrix is an open network for secure, decentralized real-time communication that is also used for instant messaging, IoT communications, and VoIP or WebRTC signaling. Unfortunately, users that have no backups of their encryption keys will be not able to read their previous conversations. Pierluigi Paganini.

Hacking

Hacking DNS Passwords Data breaches

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Security Affairs

FEBRUARY 23, 2019

It is also possible to decrypt single files paying $19.99, in this case, victims have to send the encrypted file to the operators. This second ransomware made the headlines in 2014 when it infected NAS servers from Synology that ran outdated versions of the DiskStation Manager. No extension added to locked files.

Ransomware

Ransomware DNS Firmware Encryption

Best Enterprise Mobility Management (EMM) Solutions for 2022

eSecurity Planet

MARCH 15, 2022

The company acquired Atlanta-based AirWatch in 2014. Data is encrypted with Azure Transparent Data Encryption (TDE) and never commingled with another customer’s data. BlackBerry UEM securely enables the Internet of Things (IoT) with complete endpoint management and policy control for devices and apps. Key Differentiators.

Mobile

Mobile Technology Risk Marketing

The State of Blockchain Applications in Cybersecurity

eSecurity Planet

JULY 28, 2021

For modern networks, the introduction of new endpoints – be it remote laptops for personnel or client IoT devices – is a roadblock being actively addressed. Since the 1970s, Public Key Infrastructure (PKI) has offered encryption , authentication, bootstrapping, and digital signatures to secure digital communications. Block Armour.

Cybersecurity

Cybersecurity Cryptocurrency Technology Energy and Utilities

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

The Last Watchdog

JULY 25, 2019

Case in point, in 2014 state-backed North Korean hackers took a break from hacking into banks to steal funds in order to carry out a devastating hack of Sony Pictures. From a security standpoint, the rising prominence of mobile computing, the cloud and IoT translate into new tiers piled on top of an already vast threat landscape.

IoT

IoT Hacking Banking Government

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

If the data connection is not properly encrypted ( spoiler alert: it’s not, we’ve checked! ), anyone who can intercept the connection is able to monitor all data that is exchanged. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Hacking Firmware Manufacturing

New Ttint IoT botnet exploits two zero-days in Tenda routers

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Webinars

Trending Sources

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Webinars

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

The Growing Presence (and Security Risks) of IoT

Kaiji, a new Linux malware targets IoT devices in the wild

Chalubo, a new IoT botnet emerges in the threat landscape

Hacking the Twinkly IoT Christmas lights

Adiantum will bring encryption on Android devices without cryptographic acceleration

Torii botnet, probably the most sophisticated IoT botnet of ever

Exclusive: MalwareMustDie analyzes a new IoT malware dubbed Linux/ AirDropBot

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Security Affairs newsletter Round 286

The Mystery of Fbot

New Miori botnet has a unique protocol for C2 communication

A new development shows a potential shift to using Mirai to target enterprises

Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs newsletter Round 252

New MATA Multi-platform malware framework linked to NK Lazarus APT

Experts spotted a new Mirai variant that targets new processors

Fbot re-emerged, the backstage

689,272 plaintext records of Amex India customers exposed online

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

New Emotet variant uses connected devices as proxy C2 servers

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Telehealth: A New Frontier in Medicine—and Security

Experts warn of new campaigns leveraging Mirai and Gafgyt variants

Security Affairs newsletter Round 225 and Important Update

Roboto, a new P2P botnet targets Linux Webmin servers

Top VC Firms in Cybersecurity of 2022

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs newsletter Round 188 – News of the week

QNAP urges users to update Malware Remover after QSnatch joint alert

The hacker behind Matrix.org hack offers advice to improve security

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Best Enterprise Mobility Management (EMM) Solutions for 2022

The State of Blockchain Applications in Cybersecurity

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Stay Connected