Here’s the latest evidence that security burnout is very real

As businesses scramble to avoid data breaches and reconsider where the chief information security officer fits into the corporate structure, the uncertainty is having a measurable effect on the mental health of the people who protect the networks. The pressure is real, according to a survey published Thursday by Osterman Research and the domain name vendor Nominet. Thirty-two percent of security practitioners say they believe they would either lose their job or receive an official warning in the event of a data breach. Ninety-one percent reported moderate or high stress, with a quarter saying the job has affected their mental or physical health. Burnout is so common among security professionals that some executives are considering ways to ease the pressure on their teams. Chris Betz, the chief security officer at telecommunications company CenturyLink, told CyberScoop this week he tries to avoid contacting staffers after they’ve left the office. If Betz notices a task that […]

The post Here’s the latest evidence that security burnout is very real appeared first on CyberScoop.

CenturyLink sounds the alarm about TheMoon botnet, a versatile tool for fraud

Botnets have been a staple of malicious cyber activity for years because they can be cheap and facilitate cyberattacks at scale. Now, new research highlights how versatile hordes of infected computers can be in catering to hackers’ needs, from advertisement fraud to brute-force attacks. Researchers at communications provider CenturyLink said Thursday they spent a year tracking a botnet dubbed TheMoon, which can be repurposed by hackers for a range of malicious services. CenturyLink’s team found an iteration of TheMoon that uses infected microprocessor-based devices as proxy servers that can be sold to other attackers. In one case, researchers said they watched a video-ad fraudster use a proxy service to send requests to 19,000 different URLs from one server in the span of six hours. The ease with which TheMoon enables fraud should have companies on alert. “We have reason to believe the botnet actor has sold this proxy botnet as a service to other […]

The post CenturyLink sounds the alarm about TheMoon botnet, a versatile tool for fraud appeared first on CyberScoop.

‘Mylobot’ botnet now downloading second-stage malware meant to siphon data

A global botnet has been set up to spread malware that is now able to siphon data, according to a report from CenturyLink Threat Research Labs. CenturyLink first encountered the Mylobot botnet by looking at IPs that were interacting with its network. In the research, CenturyLink observed DNS searches emerging from a distinct group of IPs. Researchers determined that the DNS lookups for domains were likely generated by an algorithm. The domains found in the isolated IPs were made up of seven randomly chosen letters followed by the identifiers .ru, .net and .com. The report stated that the Mylobot malware typically generates 60,372 DNS queries that stem from 1,404 domains and 43 subdomains. Researchers found that Mylobot has the ability to appear inactive for 14 days before attempting to contact its command-and-control network, according to CenturyLink’s report. Since June, Mylobot has been observed downloading Khalesi, malware used to siphon data, as a second-stage attack for […]

The post ‘Mylobot’ botnet now downloading second-stage malware meant to siphon data appeared first on CyberScoop.

DHS partnership with service providers gives high-risk industries more visibility of cyberthreats

Staying ahead of malicious actors is challenging, but organizations can take advantage of advanced threat intelligence through partnerships the Department of Homeland Security created with accredited communications service providers. A new report explains that critical infrastructure operators, businesses and government agencies can gain unique access to threat signatures, network traffic patterns and emerging cyberthreats by working with Enhanced Cybersecurity Services (ECS) providers that have unique access to DHS’s wealth of threat intelligence. The tech brief, produced by CyberScoop and underwritten by CenturyLink, highlights how the DHS-ECS partnership can provide top executives in industry and government powerful insights gleaned from active monitoring both by DHS and global network carriers like CenturyLink. A global communications provider like CenturyLink monitors about 114 billion NetFlow sessions and 1.3 billion security events per day, the report says. By combining real-time insights from that volume of network activity with DHS’s cyberthreat intelligence, ECS providers are able […]

The post DHS partnership with service providers gives high-risk industries more visibility of cyberthreats appeared first on CyberScoop.
