Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets. Continue reading Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

Apache Struts & SonicWall’s GMS exploits key targets of Mirai & Gafgyt IoT malware

By Waqas
Security researchers at Palo Alto Networks’ Unit 42 have discovered modified versions of the notorious Mirai and Gafgyt Internet of Things (IoT) malware. The malware have the capability of targeting flaws that affect Apache Struts and SonicWal… Continue reading Apache Struts & SonicWall’s GMS exploits key targets of Mirai & Gafgyt IoT malware

Who is Anna-Senpai, the Mirai Worm Author?

On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack — using the name “Anna Senpai” — released the source code for Mirai, spawning dozens of copycat attack armies online.

After months of digging, KrebsOnSecurity is now confident to have uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware. Continue reading Who is Anna-Senpai, the Mirai Worm Author?

Regulation May Be Best Answer to IoT Insecurity

Technologists, including Bruce Schneier, testifying before a House committee today on IoT security said that regulation could be the only answer to solving existing vulnerabilities. Continue reading Regulation May Be Best Answer to IoT Insecurity

IoT Botnets Are The New Normal of DDoS Attacks

DVR’s, IP-enabled cameras, home cable equipment and many other IOT connected devices are that latest in potent DDoS tools available to attackers. Continue reading IoT Botnets Are The New Normal of DDoS Attacks

KrebsOnSecurity Hit With Record DDoS

On Tuesday evening, KrebsOnSecurity.com was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline. The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my site from such digital sieges. But according to Akamai, it was nearly double the size of the largest attack they’ve seen previously, and was among the biggest assaults the Internet has ever witnessed. Continue reading KrebsOnSecurity Hit With Record DDoS

Threatpost News Wrap, September 2, 2016

Mike Mimoso, Tom Spring, and Chris Brook discuss the news of the week, including the MedSec/Muddy Waters story, how the Angler EK was traced back to the Lurk Gang, Fairware hitting Linux servers, and the Bashlite IoT malware. Continue reading Threatpost News Wrap, September 2, 2016