When It Comes To IoT Security, Liability Is Muddled
The onus behind IoT security has become so muddled that no one knows who to point fingers at. Continue reading When It Comes To IoT Security, Liability Is Muddled
Category Archives: IoT botnet
Security Flaws Allow Attackers to Hijack 400 Axis Camera Models
Axis Communications, one of the largest manufacturers of video surveillance equipment in the world, has fixed critical security flaws that affect some 390 of its network camera models. The vulnerabilities were found by researchers from IoT security fi… Continue reading Security Flaws Allow Attackers to Hijack 400 Axis Camera Models
Axis Cameras Riddled With Vulnerabilities Enabling “Full Control”
The IP cameras have a slew of bugs allowing bad actors to control them, add them to a botnet, or render them useless. Continue reading Axis Cameras Riddled With Vulnerabilities Enabling “Full Control”
Flash Update Fixes Zero-Day Flaw Used in Targeted Attack
Adobe Systems released a security update for Flash Player to fix four vulnerabilities, including one that was discovered in an attack targeting individuals and organizations from the Middle East. Two of the patched vulnerabilities, CVE-2018-4945 and C… Continue reading Flash Update Fixes Zero-Day Flaw Used in Targeted Attack
IoT Botnets Found Using Default Credentials for C&C Server Databases
Not following cybersecurity best practices could not only cost online users but also cost cybercriminals. Yes, sometimes hackers don’t take best security measures to keep their infrastructure safe.
A variant of IoT botnet, called Owari, that relies on… Continue reading IoT Botnets Found Using Default Credentials for C&C Server Databases
VPNFilter Continues to Target Devices in Ukraine
The VPNFilter botnet that compromised more than 500,000 routers and network-attached storage devices from around the world was recently disrupted, but is trying to make a comeback in Ukraine. Researchers from security firms Jask and GreyNoise Intellig… Continue reading VPNFilter Continues to Target Devices in Ukraine
Muhstik Botnet Exploits Highly Critical Drupal Bug
A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Continue reading Muhstik Botnet Exploits Highly Critical Drupal Bug
Memcached Servers Abused For DDoS Attacks
Cloudflare announced recently that they are seeing an increase in amplification attacks using memcached servers, and that this exploit has the potential to be a big problem because memcached is capable of amplifying an attack significantly. This takes DDoS attacks to a new level, but the good news is that the problem is confined to a few thousand misconfigured servers, and the solution is to put the servers behind a tighter firewall and to disable UDP. What’s interesting is how the fundamental workings of the Internet are exploited to create and direct a massive amount of traffic.
We start with …read more
Apple Finally Ships Meltdown Patch for Older MacOS Systems
Apple has released new security patches for its macOS and iOS devices, managing to be both the first and the last of the major OS vendors to fix the serious Meltdown vulnerability. When the Meltdown and Spectre CPU vulnerabilities were first revealed e… Continue reading Apple Finally Ships Meltdown Patch for Older MacOS Systems
Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers
Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet.
Hackers have widely us… Continue reading Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers