Architecture, Information Security and Internet

CTO of Center for Internet Security Expounds on Transforming InfoSec

SecureWorld News

NOVEMBER 9, 2022

We have so much change happening and we can drive it to happen in a more positive way to reduce the resource needs for organizations and actually scale security for businesses of all sizes.". Or is that just too much of a reach?

InfoSec

InfoSec Internet Internet Encryption

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

The second architectural flaw is related subscriber credentials that are checked on S-GW (SGSN) equipment by default. phone number) of a real subscriber and impersonate him to access the Internet. “On all tested networks, it was possible to use mobile Internet at the expense of both other subscribers and the operator.”

Mobile

Mobile Internet Internet Wireless

DEF CON 31 – Panel: Internet Censorship What Governments Have in Store for You

Security Boulevard

NOVEMBER 14, 2023

Permalink The post DEF CON 31 – Panel: Internet Censorship What Governments Have in Store for You appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Internet

Internet Internet Government Architecture

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. The protocol enables secure and low-cost data transfer. ” reads the report published by Kaspersky.

Malware

Malware Architecture Technology DDOS

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The binary analyzed by the researchers is compiled for all major architectures used by SOHO operating systems.

Malware

Malware DNS Authentication Telecommunications

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. or segregated as cloud or network attached storage (NAS).

Architecture

Architecture Network Security Firewall Risk

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post from the Cyentia Institute and RiskRecon. But what does that correlation mean for chief information security officers? Let’s say you had a printer operating on the internet.

IoT

IoT Internet Internet CISO

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

“The cyber threat to NASA’s computer networks from internet-based intrusions is expanding in scope and frequency, and the success of these intrusions demonstrates the increasingly complex nature of cybersecurity challenges facing the Agency. . Pervasive weaknesses exist in NASA IT internal controls and risk management practices. •

Information Security

Information Security Cyber Attacks Mobile Architecture

Google Responds to Warrants for “About” Searches

Schneier on Security

OCTOBER 13, 2020

“We vigorously protect the privacy of our users while supporting the important work of law enforcement,” Google’s director of law enforcement and information security Richard Salgado told us. We have knowingly and willingly built the architecture of a police state, just so companies can show us ads.

Surveillance

Surveillance Wireless Accountability Architecture

DDoS attacks leverages Plex media server

SC Magazine

FEBRUARY 4, 2021

Indeed, what should be evaluated among chief information security officers “is the security posture of the home environment ,” said Roland Dobbins, Netscout principal engineer, who authored the report. “That includes the broadband internet access router.

DDOS

DDOS Media Engineering Architecture

New Go-based botnet Zerobot exploits dozens of flaws

Security Affairs

DECEMBER 7, 2022

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications.

IoT

IoT Architecture Internet Internet

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Security Affairs

AUGUST 5, 2022

It allows threat actors to target multiple architectures without requiring technical skills. “The platform currently supports Windows, Linux and Python-based payloads, allowing adversaries to target multiple architectures without requiring significant development resources.”

Architecture

Architecture DDOS Internet Internet

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. In the current version, each node cannot send control command to its peers.

Architecture

Architecture IoT Malware Advertising

Cloud Compliance Frameworks: Ensuring Data Security and Regulatory Adherence in the Digital Age

Centraleyes

MARCH 11, 2024

Enter cloud compliance frameworks—the mission control centers of the digital age—providing the necessary guidelines and protocols to avert crises and navigate the complexities of data security. What are Cloud Architecture Frameworks? It ensures that organizations establish a secure perimeter in the Azure cloud.

Architecture

Architecture Government Encryption Risk

New P2PInfect bot targets routers and IoT devices

Security Affairs

DECEMBER 4, 2023

Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. This variant has been compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture. ” The new bot targets devices embedded with 32-bit MIPS processor.

IoT

IoT Architecture Malware Hacking

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

As every computer security professional knows, if anything is on the Internet, it’s subject to increasingly sophisticated attacks. percent of CMS users worry about the security of their CMS—while 46.4 percent actually had a CMS security issue affect their content.

Data breaches

Data breaches Encryption Mobile Technology

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

Devices running no longer supported firmware will not receive security updates in the future with the result that they will be more exposed to cyber-attacks. For this reason, it is essential to disconnect these devices from the internet, disable remote access, and use a strong, unique password.

Firmware

Firmware Architecture Internet Internet

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

. “The main issue is a legal and political environment of the People’s Republic of China, where (the) aforementioned companies primarily operate,” reads a statement issued by the Czech National Cyber and Information Security Agency. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Internet Internet Advertising

New Go-written GobRAT RAT targets Linux Routers in Japan

Security Affairs

MAY 29, 2023

The Loader Script includes multiple functions, such as disabling Firewall, downloading GobRAT for the target machine’s architecture, creating Start Script and making it persistent, creating and running the Daemon Script, and registering a SSH public key in /root/.ssh/authorized_keys. ssh/authorized_keys.

Architecture

Architecture Malware Firewall Hacking

What do cybersecurity experts predict in 2022?

CyberSecurity Insiders

DECEMBER 24, 2021

As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the workplace and world at large. We suggest that all cybersecurity professionals be informed on these topics as they evolve.

Cybersecurity

Cybersecurity Ransomware VPN Architecture

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

More than a third (39%) used the microservice architecture. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST. Most of the web applications were owned by companies based in Russia, China and the Middle East.

Passwords

Passwords Authentication Architecture Risk

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The researchers warned that as of May 19, there were at least 42,000 instances of Zyxel devices on the public internet. Internet-wide sweeps seen by over 700 of our IKEv2 aware honeypot sensors, since May 26th. In June, researchers from Rapid7 also confirmed that they are tracking reports of ongoing exploitation of CVE-2023-28771.

DDOS

DDOS Firmware VPN Firewall

45,654 VMware ESXi servers reached End of Life on Oct. 15

Security Affairs

OCTOBER 17, 2022

IT Asset Management software provider Lansweeper has scanned the Internet for VMware ESXi servers and found over 45,000 instances that have reached end-of-life (EOL). There will be no architectural, performance improvements, or feature additions. Security patches are limited to one roll-up per year.”

Architecture

Architecture Cybercrime Software Internet

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

CyberSecurity Insiders

NOVEMBER 8, 2021

As organizations strive for excellence in digital transformation and face the realities of an accelerated push to remote work, they’ve been called to rethink their networking and cybersecurity architecture. SASE helps future-proof cybersecurity architecture by decoupling security control from the data center.

Cybersecurity

Cybersecurity Digital transformation Architecture Technology

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity as DEV-1061. The bot is saved using the filename “zero.”.

IoT

IoT DDOS Malware Firmware

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The Chinese firm was already excluded by several countries from building their 5G internet networks.

Manufacturing

Manufacturing Internet Internet Advertising

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising Firmware

Golang-Based Botnet GoBruteforcer targets web servers

Security Affairs

MARCH 13, 2023

The botnet targets x86, x64 and ARM processor architectures, experts noticed that it relies on an internet relay chat (IRC) bot on the victim server to communicate with the attacker’s server. “Once a host is found, GoBruteforcer tries to get access to the server via brute force.

Passwords

Passwords Malware Architecture Authentication

Updated MATA attacks industrial companies in Eastern Europe

SecureList

OCTOBER 18, 2023

The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser. Next, they were able to access the control panels of two security solutions simultaneously. The last one we named MATA gen.5

Malware

Malware Phishing Internet Internet

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

eCommerce

eCommerce Cybersecurity B2B Marketing

Amadey malware spreads via software cracks laced with SmokeLoader

Security Affairs

JULY 25, 2022

Then the malware contacts the C2 and sends system information (i.e. computer name, user name, OS version, architecture type, list of installed anti-malware products) to the operators. Once the malware is installed, it can stay in the system to steal user information and download additional payloads.” Pierluigi Paganini.

Software

Software Malware Cybercrime VPN

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Security Affairs

JULY 14, 2023

The experts discovered that the malicious code had been compiled for different architectures. On infected a router, the malware enumerates the victim’s SOHO router and sends that information back to a C2 server whose address is embedded in the code.

Malware

Malware Advertising Cybercrime Passwords

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

” Cyclops Blink is nation-state botnet with a modular architecture, it is written in the C language. Experts warn of an increase of IoT attacks on a global scale, making internet routers one of the primary targets.

IoT

IoT Firewall Malware Internet

Security Affairs newsletter Round 380

Security Affairs

AUGUST 20, 2022

CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog TA558 cybercrime group targets hospitality and travel orgs Russia-linked Cozy Bear uses evasive techniques to target Microsoft 365 users CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog A flaw in Amazon Ring could expose user’s camera recordings Cisco fixes High-Severity (..)

DDOS

DDOS Architecture Malware Cybercrime

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. Huawei was already excluded by several countries from building their 5G internet networks.

Technology

Technology Internet Internet Advertising

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

DDOS

DDOS Architecture Malware Cybercrime

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. Protecting the key, both at rest and in use, is part of a larger security strategy in how to implement cryptography into any application. Demand and Delivery Director, Optiv.

Encryption

Encryption Technology Risk Architecture

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

The campaign was uncovered by CrowdStrike by investigating a series of security incidents in multiple countries, the security firm added that the threat actors show an in-depth knowledge of telecommunications network architectures. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

This agent gathers data about the user's actions, such as keystrokes, mouse clicks, application usage, and internet activity. The information is sent to a server for analysis. From an information security department's perspective, the more data collected on employee actions, the more effectively potential incidents can be investigated.

Data collection

Data collection Artificial Intelligence Surveillance Risk

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

The seller published multiple ads in multiple hacking forums and also offered access to a sample of the stolen info, including blueprints and PII.

Engineering

Engineering Telecommunications Wireless Data breaches

New Go-based Redigo malware targets Redis servers

Security Affairs

DECEMBER 1, 2022

The attack chain starts with scans for the Redis server exposing port 6379 to the internet, then threat actors attempt to connect and run the following Redis commands: INFO command – this command allows adversaries to receive information about our Redis server. ” reads the analysis published by AquaSec.

Malware

Malware DDOS Architecture Cryptocurrency

Five Eyes agencies warn of attacks on MSPs

Security Affairs

MAY 12, 2022

Improve security of vulnerable devices. Protect internet-facing services Defend against brute force and password spraying Defend against phishing. Manage internal architecture risks and segregate internal networks. Below is the list of recommendations included in the guidance: Prevent initial compromise.

Authentication

Authentication Accountability Architecture Backups

Utopia P2P Messenger Update Brings Most Awaited Features

Hackology

DECEMBER 11, 2023

Are you tired of messaging apps that compromise your privacy and security? With its decentralized and private peer-to-peer architecture , Utopia ensures that your data transmission and storage are free from any central server involvement. Look no further than Utopia P2P Messenger Mobile App!

Mobile

Mobile Encryption Architecture Cryptocurrency

CTO of Center for Internet Security Expounds on Transforming InfoSec

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Trending Sources

DEF CON 31 – Panel: Internet Censorship What Governments Have in Store for You

New NKAbuse malware abuses NKN decentralized P2P network protocol

Updated Kmsdx botnet targets IoT devices

Cuttlefish malware targets enterprise-grade SOHO routers

Network Security Architecture: Best Practices & Tools

Firms with exposed IoT have a higher concentration of other security problems

NASA identified 1,785 cyber incidents in 2020

Google Responds to Warrants for “About” Searches

DDoS attacks leverages Plex media server

New Go-based botnet Zerobot exploits dozens of flaws

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

New HEH botnet wipes devices potentially bricking them

Cloud Compliance Frameworks: Ensuring Data Security and Regulatory Adherence in the Digital Age

New P2PInfect bot targets routers and IoT devices

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

Western Digital customers have to update their My Cloud devices to latest firmware version

Czech cyber-security agency warns over Huawei, ZTE security threat

New Go-written GobRAT RAT targets Linux Routers in Japan

What do cybersecurity experts predict in 2022?

Top 10 web application vulnerabilities in 2021–2023

Multiple DDoS botnets were observed targeting Zyxel devices

45,654 VMware ESXi servers reached End of Life on Oct. 15

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

A new Zerobot variant spreads by exploiting Apache flaws

Czech public radio says Huawei Czech Unit secretly collected data

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Golang-Based Botnet GoBruteforcer targets web servers

Updated MATA attacks industrial companies in Eastern Europe

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

Amadey malware spreads via software cracks laced with SmokeLoader

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs newsletter Round 380

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Enemybot, a new DDoS botnet appears in the threat landscape

Quantum Computing: A Looming Threat to Organizations and Nation States

China-linked LightBasin group accessed calling records from telcos worldwide

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

New Go-based Redigo malware targets Redis servers

Five Eyes agencies warn of attacks on MSPs

Utopia P2P Messenger Update Brings Most Awaited Features

Stay Connected