DNS, Internet and IoT - Cyber Security Informer

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS

DNS Malware Firmware Authentication

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Encryption

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

MARCH 28, 2019

Related: IoT botnets now available for economical DDoS blasts. The author of Mirai used a sledgehammer to kill a fly: the DDoS bombardment was so large that it also wiped out Dyn , a UK-based internet performance vendor. Today, the potential for so-called DNS reflective attacks has become pervasive. A10 Networks’ report found 6.3

DDOS

DDOS IoT DNS Internet

IoT Inspector Tool from Princeton

Schneier on Security

MAY 1, 2018

Researchers at Princeton University have released IoT Inspector , a tool that analyzes the security and privacy of IoT devices by examining the data they send across the Internet. They've already used the tool to study a bunch of different IoT devices. QuickDDNS is a Dynamic DNS service provider operated by Dahua.

IoT

IoT Manufacturing Encryption DNS

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

The Last Watchdog

AUGUST 27, 2018

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. Related video: How DDoS attacks leverage the Internet’s DNA. This is borne out by Akamai Technologies’ Summer 2018 Internet Security/Web Attack Report.

DDOS

DDOS IoT Digital transformation Internet

A DNS flaw impacts a library used by millions of IoT devices

Security Affairs

MAY 3, 2022

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products.

DNS

DNS IoT Hacking Cybersecurity

Unfixed vulnerability in popular library puts IoT products at risk

Malwarebytes

MAY 4, 2022

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. DNS poisoning. In a typical home setup, there is: A modem provided by your Internet Service Provider (ISP) which is your connection to the outside world.

IoT

IoT DNS Risk Internet

DNSSEC: The Secret Weapon Against DNS Attacks

Security Boulevard

NOVEMBER 9, 2021

The domain name system (DNS) is known as the phone book of the internet, quickly connecting users from their devices to their desired content. The post DNSSEC: The Secret Weapon Against DNS Attacks appeared first on Security Boulevard. In April 2021, a troubling report indicated that an.

DNS

DNS Internet Internet IoT

New TCP/IP Vulnerabilities Expose IoT, OT Systems

eSecurity Planet

JANUARY 6, 2021

Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. The four TCP/IP protocol layers are the link layer, internet layer , transport layer, and application layer.

IoT

IoT DNS Internet Internet

HomePwn: Swiss Army Knife for Penetration Testing of IoT Devices

Hacker's King

NOVEMBER 2, 2024

You probably know about Netcat a Swiss Army Knife for networking pen-testing tool for hackers and cybersecurity experts, but what if you get something like that for Internet Of Things (IoT) devices to test their security before an actual hacker does. Specific modules for the technology to be audited.

Penetration Testing

Penetration Testing IoT Technology DNS

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT

IoT DDOS Passwords Malware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware Advertising DNS

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Security Affairs

APRIL 6, 2019

Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Hackers compromised consumer routers and modified the DNS settings to redirect users to fake websites designed to trick victims into providing their login credentials.

DNS

DNS Advertising Internet Internet

NAME:WRECK, a potential IoT trainwreck

Malwarebytes

APRIL 13, 2021

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Yes, the researchers found 9 DNS-related vulnerabilities that have the potential to allow attackers to take targeted devices offline or to gain control over them. Basically, you could say DNS is the phonebook of the internet.

IoT

IoT DNS Internet Internet

NAME:WRECK DNS Bugs: What You Need to Know

Security Boulevard

MAY 10, 2021

For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. […]… Read More.

DNS

DNS Internet Internet IoT

Inside Mirai the infamous IoT Botnet: A Retrospective Analysis

Elie

DECEMBER 2, 2017

This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised Internet-Of-Things devices. At its peak, Mirai enslaved over 600,000 vulnerable IoT devices, according to our measurements.

IoT

IoT DDOS Internet Internet

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The experts demonstrated the remote management of the Twinkly lights carrying out the DNS rebinding attack technique. Pierluigi Paganini. SecurityAffairs – SDUSD , data breach).

IoT

IoT Hacking DNS Authentication

M2M protocols can be abused to attack IoT and IIoT systems

Security Affairs

DECEMBER 4, 2018

Security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. attackers abuse M2M protocols to target IoT and IIoT devices. According to a study conducted by experts from Trend Micro and the Polytechnic University of Milan.

IoT

IoT Internet Internet Advertising

DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

Dark Reading

APRIL 13, 2021

Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products.

DNS

DNS Internet Internet IoT

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Securi ty Affairs – Chalubo, IoT botnet). ” reads the analysis from Sophos Labs.

IoT

IoT DDOS Malware Architecture

A 3-Tiered Approach to Securing Your Home Network

Daniel Miessler

MAY 8, 2020

A lot of people are thinking about the security of their home network right now, and as one of the project leaders on the OWASP Internet of Things Security Project , I wanted to provide three levels of security you can do at home. Next come your social media accounts, and then any accounts that control IoT systems in your house.

Passwords

Passwords DNS Accountability IoT

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

Since Linux is deployed on many IoT (Internet of Things) devices and cloud infrastructures, we are likely to see DDoS (distributed denial-of-system) attacks from botnets that have compromised such devices. Security IoT devices. If you have an IoT device at home, know there are ways to secure it. Stay safe!

Malware

Malware IoT DDOS DNS

The Importance Of Secure DNS In Enterprise Security Strategy

Security Boulevard

JUNE 13, 2024

In today’s hyper-connected world, with the proliferation of applications and devices, has transformed the way we interact with the internet. From the rise in applications across cloud and containers, connected IoT devices to cloud services and mobile apps, the demand for secure and reliable connectivity is imperative.

DNS

DNS IoT Mobile Internet

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Security Affairs

NOVEMBER 15, 2021

The attack was launched by a Mirai botnet variant composed of 15,000 bots, it combined DNS amplification attacks and UDP floods. The botnet included Internet of Things (IoT) devices and GitLab instances. “This was a multi-vector attack combining DNS amplification attacks and UDP floods.

DDOS

DDOS DNS IoT Internet

Why Governments Worldwide Recommend Protective DNS

Security Boulevard

AUGUST 7, 2024

HYAS Protect protective DNS uses advanced data analytics to proactively block cyber threats, a feature unavailable in legacy systems relying on static DNS filtering. AV-TEST , one of the cybersecurity industry’s most trusted evaluators, rates HYAS as the most effective protective DNS solution on the market. What Is HYAS Protect?

DNS

DNS Government Cyber threats IoT

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. SecurityAffairs – Hoaxcalls, IoT botnet). Both vulnerabilities have been rated as critical severity (i.e

DDOS

DDOS IoT Advertising DNS

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic and redirect users to phishing websites. GhostDNS reminds us of the infamous DNSChanger malware that made the headlines for its ability to change DNS settings on the infected device.

DNS

DNS Malware Firmware Phishing

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices.

DDOS

DDOS IoT Internet Internet

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

But what are your options for proactive protection when the notion of a walled-in network has been shattered by the proliferation of new IoT devices, growth of cloud services, and new hybrid work from home models? So why aren’t more organizations taking advantage of protective DNS? The issue likely comes down to awareness.

DNS

DNS Cybersecurity CISO Social Engineering

Research Uncovers Massive Number of IoT and IIoT Vulnerabilities

SecureWorld News

JUNE 17, 2020

New research from Israeli security firm JSOF recently found vulnerabilities in millions of critical Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices in a range of fields and industries. Iot and IIoT security risks. Iot and IIoT security risk mitigation.

IoT

IoT Energy and Utilities Internet Internet

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Now researchers from Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extent the list of targets. .

IoT

IoT DNS Manufacturing Firmware

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

It is quite easy to find Wind River VxWorks in IoT devices, including webcam, network appliances, VOIP phones, and printers. Even a device that is reaching outbound to the internet could be attacked and taken over. In this scenario, an attacker inside a network can compromise connected IoT devices powered with VxWorks.

Risk

Risk IoT Firewall DNS

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

In early 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the anchor_dns tool for abusing the DNS protocol for C2 communications. TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features.

Healthcare

Healthcare Ransomware Cybercrime Advertising

MY TAKE: RSAC 2024’s big takeaway: rules-based security is out; contextual security is taking over

The Last Watchdog

MAY 13, 2024

This has resulted in the intensifying of companies’ reliance on cloud services delivered at via smartphones, web browsers and IoT devices. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. Add to this the wild card of GenAI/LLM.

Artificial Intelligence

Artificial Intelligence Technology Accountability DNS

Q&A: Accedian’s Michael Rezek on using ‘Network Traffic Analysis’ to defend hybrid networks

The Last Watchdog

MARCH 26, 2020

So I may have a frontend web-tier server in one location, a backend database server in another location and application-tier server in yet another location, all hitting DNS servers. One of the benefits of 5G and IoT, for instance, is hyper connectivity. And applications, themselves, are being delivered in a complex, multi-tier fashion.

IoT

IoT Encryption DNS Firewall

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

TrickBot operators employ Linux variants in attacks after recent takedown

Security Affairs

OCTOBER 28, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. At the end of 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the DNS protocol for C2 communications.

DNS

DNS Banking Advertising Malware

Exploring OSINT Tools: How Ethical Hackers Gather Intelligence

Hacker's King

OCTOBER 12, 2024

OSINT allows hackers to leverage data from the internet, social media, databases, and other open channels to uncover potential vulnerabilities. Maltego works by using "transforms" to extract data from a range of online sources such as DNS records, whois databases, social media, and web pages. Why Use Maltego? Why Use Shodan?

Media

Media Penetration Testing DNS Internet

News alert: Criminal IP and Quad9 collaborate to exchange domain and IP threat intelligence

The Last Watchdog

MAY 13, 2024

This process not only safeguards computers, mobile devices, and IoT systems from a diverse array of threats like malware, phishing, spyware, and botnets, ensuring privacy, but also optimizes performance.

DNS

DNS Cyber threats Engineering Spyware

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Security Affairs

DECEMBER 14, 2024

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty’s Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-linked threat actors to target devices in infrastructure located in Israel and U.S. d/S93InitSystemd.sh.

IoT

IoT Malware DNS Antivirus

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

The DDoS assault used multiple attack vectors for User Datagram Protocol (UDP) reflection, including Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP). IoT Devices Multiply Attacks. Two Other Big DDoS Attacks.

DDOS

DDOS IoT Engineering Internet

Best Distributed Denial of Service (DDoS) Protection Tools

eSecurity Planet

JANUARY 14, 2022

“Since the barrier-to-entry for threat actors is now lower than ever with easily accessible DDoS-for-hire services and IP stressers, compromised IoT devices can and will drive this growth,” said Charles Choe, Senior Product Marketing Manager at Akamai. Protects websites, networks, DNS and individual IPs. Cloudflare.

DDOS

DDOS DNS Firewall Media

Security Affairs newsletter Round 328

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9

Data breaches

Data breaches Mobile Ransomware Hacking

MikroTik botnet relies on DNS misconfiguration to spread malware

IoT Unravelled Part 3: Security

Trending Sources

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

IoT Inspector Tool from Princeton

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

A DNS flaw impacts a library used by millions of IoT devices

Unfixed vulnerability in popular library puts IoT products at risk

DNSSEC: The Secret Weapon Against DNS Attacks

New TCP/IP Vulnerabilities Expose IoT, OT Systems

HomePwn: Swiss Army Knife for Penetration Testing of IoT Devices

Overview of IoT threats in 2023

New Ttint IoT botnet exploits two zero-days in Tenda routers

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

DNS hijacking campaigns target Gmail, Netflix, and PayPal users

NAME:WRECK, a potential IoT trainwreck

NAME:WRECK DNS Bugs: What You Need to Know

Inside Mirai the infamous IoT Botnet: A Retrospective Analysis

Hacking the Twinkly IoT Christmas lights

M2M protocols can be abused to attack IoT and IIoT systems

DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack

Chalubo, a new IoT botnet emerges in the threat landscape

A 3-Tiered Approach to Securing Your Home Network

Massive increase in XorDDoS Linux malware in last six months

The Importance Of Secure DNS In Enterprise Security Strategy

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Why Governments Worldwide Recommend Protective DNS

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

FBI warns cyber actors abusing protocols as new DDoS attack vectors

A Reactive Cybersecurity Strategy Is No Strategy at All

Research Uncovers Massive Number of IoT and IIoT Vulnerabilities

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

MY TAKE: RSAC 2024’s big takeaway: rules-based security is out; contextual security is taking over

Q&A: Accedian’s Michael Rezek on using ‘Network Traffic Analysis’ to defend hybrid networks

For nearly a year, Brazilian users have been targeted with router attacks

TrickBot operators employ Linux variants in attacks after recent takedown

Exploring OSINT Tools: How Ethical Hackers Gather Intelligence

News alert: Criminal IP and Quad9 collaborate to exchange domain and IP threat intelligence

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

Best Distributed Denial of Service (DDoS) Protection Tools

Security Affairs newsletter Round 328

Stay Connected