2019, DNS, Firewall and Information Security

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide.

DNS

DNS Firewall DDOS Hacking

Cyber Defense Magazine – September 2019 has arrived. Enjoy it!

Security Affairs

SEPTEMBER 4, 2019

Cyber Defense Magazine September 2019 Edition has arrived. In addition, we’re shooting for 7x24x365 uptime as we continue to scale with improved Web App Firewalls, Content Deliver Networks (CDNs) around the Globe, Faster and More Secure DNS and CyberDefenseMagazineBackup.com up and running as an array of live mirror sites.

DNS

DNS Advertising Firewall Mobile

Cyber Defense Magazine – August 2019 has arrived. Enjoy it!

Security Affairs

AUGUST 1, 2019

Cyber Defense Magazine August 2019 Edition has arrived. In addition, we’re shooting for 7x24x365 uptime as we continue to scale with improved Web App Firewalls, Content Deliver Networks (CDNs) around the Globe, Faster and More Secure DNS and CyberDefenseMagazineBackup.com up and running as an array of live mirror sites.

DNS

DNS Advertising Firewall Mobile

Cyber Defense Magazine – July 2019 has arrived. Enjoy it!

Security Affairs

JULY 1, 2019

Cyber Defense Magazine July 2019 Edition has arrived. Cyber Defense Magazine July 2019 Edition has arrived. Tips, tricks, ideas, secrets and insider information on the best practices in cybersecurity. The post Cyber Defense Magazine – July 2019 has arrived. appeared first on Security Affairs.

DNS

DNS Advertising Firewall Mobile

Black Hat USA 2021 Network Operations Center

Cisco Security

AUGUST 12, 2021

This requires a robust connection to the Internet (Lumen and Gigamon), firewall protection (Palo Alto Networks), segmented wireless network (Commscope Ruckus) and network full packet capture & forensics and SIEM (RSA NetWitness); with Cisco providing cloud-based security and intelligence support. From Russia With Love. urlscan.io.

DNS

DNS Firewall Phishing Mobile

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The experts are monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT). ” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987.

IoT

IoT Firmware DNS Advertising

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

A remote attacker can exploit the flaws to bypass networking and security devices powered with the OS. “As an example of this scenario, consider how such an attack can take over the SonicWall firewall, which runs on the impacted VxWorks OS.” ” Scenario 2 – Attacking from Outside the Network Bypassing Security.

Risk

Risk IoT Firewall DNS

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches

Data breaches DNS Advertising Engineering

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Security Affairs

OCTOBER 20, 2021

The package also sets two registry values under the key “HKLMSYSTEMCurrentControlSetControlSession Manager” and runs a.vbs script that creates a Windows firewall rule to block incoming connections on ports 135, 139, and 445. . The final backdoor is a DLL file protected by the VMProtect.

Encryption

Encryption DNS Architecture Firewall

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches

Data breaches DNS Advertising Engineering

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. The campaign was uncovered by CrowdStrike by investigating a series of security incidents in multiple countries, the security firm added that the threat actors show an in-depth knowledge of telecommunications network architectures.

Telecommunications

Telecommunications Mobile Hacking Architecture

Black Hat USA 2022 Continued: Innovation in the NOC

Cisco Security

AUGUST 29, 2022

25+ Years of Black Hat (and some DNS stats), by Alejo Calaoagan. Cisco is a Premium Partner of the Black Hat NOC , and is the Official Wired & Wireless Network Equipment, Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider of Black Hat. Meraki syslogs into NetWitness SIEM and Palo Alto Firewall.

DNS

DNS Wireless Malware Firewall

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019. Street @jaysonstreet.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

As of now, the information security industry is at the outset of implementing SBOM for software products. Whether it’s a VPN , firewall , or remote access server, unauthorized entry via network gateways is a problem. Also Read: How to Prevent DNS Attacks. Supply Chain Attacks.

Software

Software Firmware DNS VPN

Black Hat USA 2023 NOC: Network Assurance

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. For example, an IP tried AndroxGh0st Scanning Traffic against the Registration server, blocked by Palo Alto Networks firewall.

Wireless

Wireless DNS Mobile Technology

Black Hat USA 2022: Creating Hacker Summer Camp

Cisco Security

AUGUST 29, 2022

Cisco Meraki already donated 45 access points (APs), seven MS switches, and two Meraki MX security and SD-WAN appliances to Black Hat, for regional conferences. Lesson 4: Extreme security by default where you can control the end point. Umbrella DNS : Christian Clasen and Alejo Calaoagan. Do not compromise when dealing with PPI.

Engineering

Engineering Wireless Malware DNS

Cyber Security Informer

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Cyber Defense Magazine – September 2019 has arrived. Enjoy it!

Trending Sources

Cyber Defense Magazine – August 2019 has arrived. Enjoy it!

Cyber Defense Magazine – July 2019 has arrived. Enjoy it!

Black Hat USA 2021 Network Operations Center

New Ttint IoT botnet exploits two zero-days in Tenda routers

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

China-linked LightBasin group accessed calling records from telcos worldwide

Black Hat USA 2022 Continued: Innovation in the NOC

Top Cybersecurity Accounts to Follow on Twitter

The Biggest Lessons about Vulnerabilities at RSAC 2021

Black Hat USA 2023 NOC: Network Assurance

Black Hat USA 2022: Creating Hacker Summer Camp

Stay Connected