2014, Internet and IoT - Cyber Security Informer

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. Mark Warner (D-Va.) Pierluigi Paganini.

IoT

IoT Cybersecurity Advertising Government

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Hacking Firmware Advertising

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. ” reads the report published by IBM. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. has made some strides on IoT security at the federal level; it remains to be seen if the EU initiative will spur the U.S. IoT market growth. IoT Security Neglected.

Wireless

Wireless IoT Manufacturing Mobile

New Shodan Monitor service allows tracking Internet-Exposed devices

Security Affairs

MARCH 28, 2019

Shodan IoT search engine announced the launch of a new service called Shodan Monitor designed to help organizations to maintain track of systems connected to the Internet. Shodan Monitor is a precious tool for organizations that can determine their surface of attack assessing their Internet-exposed systems. Pierluigi Paganini.

Internet

Internet Internet IoT Advertising

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks.

IoT

IoT Malware DDOS Advertising

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. 33000+ telnet credentials of IoT devices exposed on pastebin.

IoT

IoT DDOS InfoSec Internet

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. The issue is that these tens of billions of new devices will likely amplify the inherent security risks of IoT.

IoT

IoT Risk Energy and Utilities Healthcare

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Do the increased attacks mean the industry is becoming accustomed to IoT cyber attacks? Insights from VDOO’s leadership.

IoT

IoT Manufacturing Internet Internet

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT

IoT DDOS Encryption Malware

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “ TheMoon ” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices.

IoT

IoT Cybercrime Internet Internet

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? Pierluigi Paganini.

Manufacturing

Manufacturing IoT Malware Cryptocurrency

FreeRTOS flaws expose millions of IoT devices to cyber attacks

Security Affairs

OCTOBER 22, 2018

Researchers found that one of the most popular Internet of Things real-time operating system, FreeRTOS, is affected by serious vulnerabilities. Researchers at Zimperium’s zLabs team have found that one of the most popular Internet of Things real-time operating system, FreeRTOS , is affected by serious vulnerabilities. Information Leak.

IoT

IoT Cyber Attacks Internet Internet

A hacker has taken over at least 29 IoT botnets

Security Affairs

MAY 5, 2019

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few week s with brute-force attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Advertising Hacking Passwords

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. v001 / 3.40(ULM.0)b31 Pierluigi Paganini.

IoT

IoT Firmware Malware Wireless

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Attackers could leverage a compromised identifier to use mobile Internet at the legitimate user’s expense and carry out fraud and impersonation, Attackers can also hijack user session data containing relevant identifiers (e.g., phone number) of a real subscriber and impersonate him to access the Internet. Pierluigi Paganini.

Mobile

Mobile Internet Internet Wireless

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

AUGUST 31, 2019

Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. IoT #malware branches seen in ???????? .

IoT

IoT Passwords Advertising Malware

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Pierluigi Paganini.

IoT

IoT DDOS Internet Internet

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Security IoT devices. If you have an IoT device at home, know there are ways to secure it. If you plan to get an IoT device soon, buy from a well-known brand.

Malware

Malware IoT DDOS DNS

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT

IoT Cryptocurrency Malware System Administration

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Silex is not the first IoT malware with this behavior, back in 2017 BrickerBot bricked millions of devices worldwide. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Malware Advertising Firmware

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

Avast spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Security researchers spotted a new IoT botnet, tracked as Torii, that appears much more sophisticated and stealth of the numerous Mirai variants previously analyzed. Pierluigi Paganini.

IoT

IoT Architecture Advertising DDOS

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Internet Internet Advertising

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved.

IoT

IoT Passwords Malware Advertising

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways appeared first on Security Affairs. Pierluigi Paganini.

IoT

IoT DDOS Authentication Firmware

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. Kunz and his colleagues were able to brute-force the IoT radio in just 10 minutes and achieve root access with full privileges. . Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. ” IoT risk must be taken seriously. ” continues Microsoft.

IoT

IoT Hacking Advertising Government

Gucci IOT Bot Discovered Targeting European Region

Security Affairs

OCTOBER 1, 2019

Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. The IOT threat detection engine picked the infection IP has shown below hosting number of bins for different architectures. Figure 4: Gucci Bot – Source of Distribution.

IoT

IoT Advertising Engineering Architecture

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Malware

Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor

Security Affairs

NOVEMBER 12, 2018

The author of an IoT botnet is distributing a backdoor script for ZTE routers that also includes his own backdoor to hack script kiddies. A weaponized IoT exploit script is being used by script kiddies, making use of a vendor backdoor account to hack the ZTE routers. Backdooring rival IoT botnet operator can have several purposes.

IoT

IoT Hacking Advertising Accountability

Shellbot Botnet Targets IoT devices and Linux servers

Security Affairs

NOVEMBER 5, 2018

“The group distributes the bot by exploiting a common command injection vulnerability on internet of things (IoT) devices and Linux servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Advertising DDOS Malware

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Security Affairs

APRIL 26, 2019

Experts discovered security flaws in the iLnkP2P peer-to-peer (P2P) system that exposes millions of IoT devices to remote attacks. The iLnkP2P system allows users to remotely connect to their IoT devices using a mobile phone or a PC. Potentially affected IoT devices include cameras and smart doorbells. Pierluigi Paganini.

IoT

IoT Hacking Manufacturing Advertising

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Kilmer said Faceless has emerged as one of the underground’s most reliable malware-based proxy services, mainly because its proxy network has traditionally included a great many compromised “Internet of Things” devices — such as media sharing servers — that are seldom included on malware or spam block lists.

Malware

Malware Passwords Accountability Advertising

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. ’ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Hacking DNS Authentication

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

The news is not surprising, unfortunately in many cases IoT devices, including IP cameras, are deployed without proper security measures. As worrying as it may seem, this comes as a clear reminder that when cameras are placed on the internet, they must be properly installed with security in mind. ” continues the article.

IoT

IoT Internet Internet Hacking

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

released June 21, 2014). Similar to the initial two zero-days, the compromised devices could exploit OS command injection vulnerabilities in NTP settings on the affected Internet of Things (IoT) and NVR devices. The vulnerability affects VioStor NVR Versions 5.0.0 and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. A copy of the passport for Denis Emelyantsev, a.k.a. Denis Kloster, as posted to his Vkontakte page in 2019.

Cybercrime

Cybercrime Advertising IoT Malware

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT

IoT Engineering Passwords Firmware

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

The 7 Biggest Cybersecurity Scoops from February 2015

SiteLock

AUGUST 27, 2021

Internet Explorer Vulnerability Discovered. Earlier this month, a security researcher discovered a major security flaw in Microsoft’s Internet Explorer browser. The Internet of Things and Cyber Security. Worst Passwords of 2014. You can read why Mark leaked the passwords here on his personal blog. You can read it here.

Passwords

Passwords Cybersecurity Internet Internet

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture IoT Malware Advertising

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices. Pierluigi Paganini. SecurityAffairs – hacking, FBI).

DDOS

DDOS IoT Internet Internet

US House Passes IoT Cybersecurity Improvement Act

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Trending Sources

New Ttint IoT botnet exploits two zero-days in Tenda routers

Hacking IoT & RF Devices with BürtleinaBoard

Mozi Botnet is responsible for most of the IoT Traffic

EU to Force IoT, Wireless Device Makers to Improve Security

New Shodan Monitor service allows tracking Internet-Exposed devices

Kaiji, a new Linux malware targets IoT devices in the wild

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

The Growing Presence (and Security Risks) of IoT

5 IoT Security Predictions for 2019

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

TheMoon bot infected 40,000 devices in January and February

IoT devices at major Manufacturers infected with crypto-miner

FreeRTOS flaws expose millions of IoT devices to cyber attacks

A hacker has taken over at least 29 IoT botnets

BotenaGo botnet targets millions of IoT devices using 33 exploits

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Creator of multiple IoT botnets, including Satori, pleaded guilty

Massive increase in XorDDoS Linux malware in last six months

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Silex malware bricks thousands of IoT devices in a few hours

Torii botnet, probably the most sophisticated IoT botnet of ever

M2M protocols can be abused to attack IoT and IIoT systems

Evolution of threat landscape for IoT devices – H1 2018

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Gucci IOT Bot Discovered Targeting European Region

Chalubo, a new IoT botnet emerges in the threat landscape

Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor

Shellbot Botnet Targets IoT devices and Linux servers

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Giving a Face to the Malware Proxy Service ‘Faceless’

Hacking the Twinkly IoT Christmas lights

Hackers claim to have compromised 50,000 home cameras and posted footage online

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Administrator of RSOCKS Proxy Botnet Pleads Guilty

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

New Mirai variant includes exploit for a flaw in Comtrend Routers

The 7 Biggest Cybersecurity Scoops from February 2015

New HEH botnet wipes devices potentially bricking them

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Stay Connected