Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
December 7, 2017 4:06 AM
|
According to security researchers, a new IoT botnet has quietly hijacked more than 100,000 routers, readying them for paralysing distributed denial-of-service attacks against websites.
The botnet, which some researchers have dubbed “Satori” (a name given to supernatural mind-reading monsters in Japanese folklore), has increased its activity in recent days – propagating very quickly via a zero-day remote code execution vulnerability in Huawei Home Gateway or Huawei’s Echolife Home Gateway devices, and an already documented vulnerability in Realtek routers.
The exploitation of vulnerabilities allows the botnet to infect routers even when they have been secured with strong passwords.
Through the attack, an army of hundreds of thousands of routers are thought to have been commandeered into the botnet. Some commentators have even suggested that over 280,000 IP addresses have been compromised by the attack in just 12 hours.
Like the Reaper IoT botnet before it, Satori is built on the foundations of the notorious Mirai botnet which knocked major websites offline last year, and whose source code was released onto the internet. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Satori+botnet https://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet https://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet&tag=Mirai+Botnet
|
Scooped by
Gust MEES
October 24, 2017 9:43 AM
|
|
Scooped by
Gust MEES
May 11, 2017 9:29 AM
|
|
Scooped by
Gust MEES
April 10, 2017 11:34 AM
|
In its 2017 malware forecast, SophosLabs warned that attackers would increasingly target devices connected to the Internet of Things (IoT) – everything from webcams to internet-connecting household appliances. Late last week, we saw another example of how the trend is playing out.
Security vendor Radware warned that malware called BrickerBot is in the wild, designed to brick IoT devices by damaging their storage capability and scrambling kernel parameters. The company detected two versions of the malware in its honeypot servers – BrickerBot.1 and BrickerBot.2. The first attacks were detected March 20, targeting Linux-based IoT devices running the BusyBox toolkit. The honeypot recorded 1,895 PDoS (Permanent Denial of Service) attempts by BrickerBot from several locations around the world over four days.
To block the attack, Radware recommended users:
Change the device’s factory default credentials. Disable Telnet access to the device. Network Behavioral Analysis can detect anomalies in traffic and combine with automatic signature generation for protection. User/Entity behavioral analysis (UEBA) to spot granular anomalies in traffic early. An IPS should block Telnet default credentials or reset telnet connections. Use a signature to detect the provided command sequences. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
|
Scooped by
Gust MEES
March 14, 2017 1:24 PM
|
|
Scooped by
Gust MEES
February 14, 2017 5:17 AM
|
|
Scooped by
Gust MEES
January 24, 2017 10:28 AM
|
|
Scooped by
Gust MEES
November 29, 2016 11:31 AM
|
|
Scooped by
Gust MEES
November 7, 2016 7:54 AM
|
|
Scooped by
Gust MEES
November 3, 2016 2:05 PM
|
One of the largest distributed denial-of-service attacks happened this week and almost nobody noticed.
Since the cyberattack on Dyn two weeks ago, the internet has been on edge, fearing another massive attack that would throw millions off the face of the web. The attack was said to be upwards of 1.1 Tbps -- more than double the attack a few weeks earlier on security reporter Brian Krebs' website, which was about 620 Gbps in size, said to be one of the largest at the time. The attack was made possible by the Mirai botnet, an open-source botnet that anyone can use, which harnesses the power of insecure Internet of Things devices.
This week, another Mirai botnet, known as Botnet 14, began targeting a small, little-known African country, sending it almost entirely offline each time.
Security researcher Kevin Beaumont, who was one of the first to notice the attacks and wrote about what he found, said that the attack was one of the largest capacity botnets ever seen. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Mirai+Botnet http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars
|
Scooped by
Gust MEES
October 25, 2016 3:48 AM
|
Der Bot im Babyfon24. Oktober 2016 | Am Freitag vergangener Woche waren die Webseiten von Internetriesen wie Amazon, Twitter, PayPal oder Netflix über Stunden nur schwierig zu erreichen. Grund war eine digitale Attacke auf den Internetdienstleister Dyn. Dessen Aufgabe ist, die Domain-Namen wie amazon.com in die dazugehörigen IP-Adressen zu übersetzen. Mit einer sogenannten DDoS-Attacke, also dem massenhaften wiederholten Anfragen des Dienstes, wurde dieser derart überlastet, dass er unter der Last zusammenbrach und in der Folge die Webseiten seiner Kunden nicht erreichbar waren. Derartige Angriffe werden in der Regel mit Hilfe von sogenannten Botnetzen durchgeführt. Diese bestehen üblicherweise aus zahlreichen internetfähigen Geräten wie Computer, Smartphones oder Tablets, die mit Schadsoftware infiziert sind und durch diese - vom Nutzer unbemerkt - fremdgesteuert werden können. Neu an diesem Angriff ist, dass er mit einem Botnetz durchgeführt wurde, das zu großen Teilen aus mit dem Internet verbundenen Haushaltsgeräten (IoT-Geräte) besteht. Das sogenannte Mirai-Botnetz hat dabei auf Grund der großen Anzahl der Geräte eine Bandbreite erreicht, die weit über die bisher bekannter Botnetze hinausgeht. Die Netzwerkkameras, Babyfone oder Kühlschränke, die bereits zum Botnetz gehören, scannen offenbar selbstständig das Internet nach weiteren Geräten, um sie mit Schadsoftware zu infizieren und dem Botnetz hinzuzufügen. Das Mirai-Botnetz wächst also stetig weiter. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
|
Scooped by
Gust MEES
October 24, 2016 12:27 PM
|
|
Scooped by
Gust MEES
October 14, 2016 10:59 AM
|
|
|
Scooped by
Gust MEES
December 6, 2017 9:31 PM
|
A new massive IoT (Internet of Things) botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time. The botnet has reportedly already infected over 280,000 IP addresses in just 12 hours, enslaving hundreds of thousands of home routers by exploiting a recently discovered zero-day vulnerability.
Satori, which reportedly means "awakening" in Japanese, is actually the infamous Mirai botnet's successor. Since Mirai's authors made the botnet's source code public last year, cybercriminals have been pushing out new variants of Mirai. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet&tag=Mirai+Botnet
|
Scooped by
Gust MEES
October 23, 2017 1:26 PM
|
|
Scooped by
Gust MEES
April 26, 2017 4:42 AM
|
INTERNET OF THINGS: Bricker Bot soll 2 Millionen IoT-Geräte zerstört haben Wie weit darf der Kampf gegen unsichere IoT-Geräte gehen? Diese Frage wird spätestens seit Aufkommen der Bricker-Bot-Software diskutiert. Der mutmaßliche Entwickler sagt: Ich habe 2 Millionen unsichere Geräte aus dem Netz entfernt.
Der Kampf gegen unsichere IoT-Geräte im Netz geht weiter: Sicherheitsforscher haben in den vergangenen Tagen erneut Aktivitäten des sogenannten Bricker Bots beobachtet - eine umstrittene Software, die unsicher konfigurierte Internet-of-Things-Geräte im Netz aufspürt und unschädlich machen soll, damit diese nicht in Botnetzen wie Mirai eingesetzt werden können.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=Amnesia&tag=BrickerBot
|
Scooped by
Gust MEES
April 7, 2017 11:33 AM
|
Researchers have uncovered a rash of ongoing attacks designed to damage routers and other Internet-connected appliances so badly that they become effectively inoperable.
PDoS attack bots (short for "permanent denial-of-service") scan the Internet for Linux-based routers, bridges, or similar Internet-connected devices that require only factory-default passwords to grant remote administrator access. Once the bots find a vulnerable target, they run a series of highly debilitating commands that wipe all the files stored on the device, corrupt the device's storage, and sever its Internet connection. Given the cost and time required to repair the damage, the device is effectively destroyed, or bricked, from the perspective of the typical consumer.
Over a four-day span last month, researchers from security firm Radware detected roughly 2,250 PDoS attempts on devices they made available in a specially constructed honeypot. The attacks came from two separate botnets—dubbed BrickerBot.1 and BrickerBot.2—with nodes for the first located all around the world. BrickerBot.1 eventually went silent, but even now the more destructive BrickerBot.2 attempts a log-on to one of the Radware-operated honeypot devices roughly once every two hours. The bots brick real-world devices that have the telnet protocol enabled and are protected by default passwords, with no clear sign to the owner of what happened or why. Learn more / En savoir plus / Mehr erfahren:
|
Scooped by
Gust MEES
March 14, 2017 12:48 PM
|
|
Scooped by
Gust MEES
February 10, 2017 3:30 PM
|
The Trojan tries to authenticate over different protocols with factory default credentials and, if successful, deploys the Mirai bot. Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable. This new Trojan found by Doctor Web, dubbed Trojan.Mirai.1, shows that attackers can also use compromised computers to target IoT devices that are not directly accessible from the internet. Infected smartphones can be used in a similar way. Researchers from Kaspersky Lab have already found an Android app designed to perform brute-force password guessing attacks against routers over the local network.
|
Scooped by
Gust MEES
November 29, 2016 11:43 AM
|
|
Scooped by
Gust MEES
November 29, 2016 9:45 AM
|
|
Scooped by
Gust MEES
November 4, 2016 10:17 AM
|
|
Scooped by
Gust MEES
October 27, 2016 5:13 PM
|
Are the Days of “Booter” Services Numbered?
It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests.
The findings come from researchers in Germany who’ve been studying patterns that emerge when miscreants attempt to mass-scan the entire Internet looking for systems useful for launching these digital sieges — known as “distributed denial-of-service” or DDoS attacks. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
|
Scooped by
Gust MEES
October 24, 2016 12:58 PM
|
|
Scooped by
Gust MEES
October 17, 2016 10:28 AM
|
|
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Satori+botnet
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet&tag=Mirai+Botnet