Don’t fear the Reaper: Botnet ‘easy to stop,’ says security researcher

The new Internet of Things botnet variously known as Reaper, IoT_Reaper or IoTroop should be easy to stop if it ever attacks, a security researcher says. Reaper uses fixed, hardcoded domain and internet addresses for its command and control, or C2, servers — meaning they can easily be cut off by service providers, Radware security researcher Pascal Geenens wrote earlier this week. “The control servers, the architecture and the methods of operation of the Reaper botnet have been uncovered and are known,” Geenens wrote. “It uses a fixed domain and IP addresses for its C2 servers, which should make blacklisting or blackholing effective to stop any attacks it might attempt.” Although the hacker that controls the botnet — the “herder” — has proved successful at building it up, the botnet has not yet been used for attacks. But there’s widespread concern nonetheless about how powerful a weapon it could be. The Mirai botnet brought the […]

The post Don’t fear the Reaper: Botnet ‘easy to stop,’ says security researcher appeared first on Cyberscoop.

Fear the Reaper, or Reaper Madness?

Last week we looked at reports from China and Israel about a new “Internet of Things” malware strain called “Reaper” that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorders (DVRs). Now some botnet experts are calling on people to stop the “Reaper Madness,” saying the actual number of IoT devices infected with Reaper right now is much smaller.

Arbor Networks said it believes the current actual size of the Reaper botnet fluctuates between 10,000 and 20,000 bots total. Arbor notes that this can change any time.

Why a ‘super-Mirai’ attack never happened

The vast number of internet-connected devices that fueled the Mirai botnet are only the “tip of the iceberg” when it comes to the denial of service threat from the Internet of Things, according to new research to be presented at the DEF CON security conference later this week. “We estimate up to 95 percent of all IoT devices are deployed behind corporate firewalls,” and not addressable via the public internet, Steinthor Bjarnason, a security engineer with Arbor Networks, told CyberScoop. “They are only locally addressable,” he said. “We are talking about security cameras, light bulbs, thermostats…. Any kind of [connected] device … They are living happily behind those firewalls and life is good.” Mirai — which uses the public web to find and infect IoT devices and weaponize their internet connectivity into massive distributed denial of service attacks — brought the internet briefly to its knees last year. Hundreds of thousands of vulnerable IoT […]

The post Why a ‘super-Mirai’ attack never happened appeared first on Cyberscoop.

New Point-of-Sale Malware LockPoS Hitches Ride with FlokiBot

Botnets distributing FlokiBot point-of-sale malware are back in business spewing a new malware dubbed LockPoS.

Forget about the malware, go after the attacker’s tactics, techniques and procedures

The cybercriminal’s options for monetizing attacks have never been broader, less complex, or less risky, and attempts to detect intrusions by detecting the malware they use have never been more pointless, a study commissioned by Arbor Networks has revealed. “Nearly everything used by the attacker is now disposable, making most threat data and traditional anti-virus techniques almost useless. Industry sources have found that the vast majority of malware (over 95%) is automatically generated to produce …

Industry reactions to the Verizon 2017 Data Breach Investigations Report

Nearly 2,000 breaches were analyzed in this year’s Verizon 2017 Data Breach Investigations Report and more than 300 were espionage-related. Here are some of the comments Help Net Security received on the report. John Madelin, CEO at Reliance acsn: Today’s report highlights that businesses must rethink their protection strategies to guard against cyber attacks. The fact that 88% of breaches identified in the report fall into patterns first identified in 2014 is an illustration of …

Self-Proclaimed ‘Nuclear Bot’ Author Weighs U.S. Job Offer

The author of a banking Trojan called Nuclear Bot — a teenager living in France — recently released the source code for his creation just months after the malware began showing up for sale in cybercrime forums. Now the young man’s father is trying to convince him not to act on a job offer in the United States, fearing it may be a trap set by law enforcement agents.

Monitoring scanning activities that could lead to IoT compromises

IoT devices are ideal targets for attackers looking to build DDoS botnets because they have limited or non-existent security features. Some IoT devices utilize hard-coded default passwords. Many devices have unnecessary services running that can be exploited, and others have unprotected management interfaces. Most important for DDoS attackers, IoT devices offer high-speed connections that are always on, which allows for a large, predictable amount of attack traffic volume per compromised device. Monitoring login attempts Looking …

Innovation and exploitation fuel DDoS attack landscape

Arbor Networks released its 12th Annual Worldwide Infrastructure Security Report offering direct insights from network and security professionals at global service providers, cloud/hosting and enterprise organizations. The stakes have changed for network and security teams. The threat landscape has been transformed by the emergence of IoT botnets. As IoT devices proliferate across networks, bringing tremendous benefits to businesses and consumers, attackers are able to weaponize them due to inherent security vulnerabilities. The largest DDoS attack …