Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks
By Sudais Asif. Two popular DVB set-top boxes are vulnerable to both botnet and ransomware attacks.
Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...
Rethinking IoT/OT Security to Mitigate Cyberthreats
We live in an exciting time. We’re in the midst of the fourth industrial revolution—first steam, followed by electricity, then computers, and, now, the Internet of Things. A few years ago, IoT seemed like a futuristic concept that was on the distant horizon. The idea that your fridge would be...
A New Botnet Is Covertly Targeting Millions of Servers
FritzFrog has been used to try and infiltrate government agencies, banks, telecom companies, and universities across the US and Europe...
FritzFrog Botnet Attacks Millions of SSH Servers
A peer-to-peer (P2P) botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January. SSH servers are pieces of software found in routers and IoT devices, among other machines, and they use the secure shell protocol to accept connectio...
A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers ...
Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits
Researchers are warning that a new class of botnets could be marshaled and used to manipulate energy markets via zombie armies of power-hungry connected devices such as air conditioners, heaters, dryers and digital thermostats. A coordinated attack could cause an energy stock index to predictably...
Prometei botnet and its quest for Monero
By Vanja Svajcer. NEWS SUMMARY: We are used to ransomware attacks and big-game hunting making the headlines, but there are still methods adversaries use to monetize their efforts in less intrusive ways. Cisco Talos recently discovered a cryptocurrency-mining botnet attack we're calling "Prometei"...
Hackers Could Use IoT Botnets to Manipulate Energy Markets
With access to just 50,000 high-wattage smart devices, attackers could make a bundle off of causing minor fluctuations...
This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how Trend Micro found an IoT Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes f...
Doki Backdoor Infiltrates Docker Servers in the Cloud
A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: using a blockchain wallet for generating command-and-control (C2) domain names. Doki however is meant to provide a persistent capability for code-execution on an infected...
Baldr Botnet Panel Shell Upload Exploit
This module exploits an arbitrary file upload vulnerability within the Baldr stealer malware control panel when uploading victim log files which are uploaded as ZIP files. Attackers can turn this vulnerability into an RCE by first registering a new bot to the panel and then uploading a ZIP file...
Baldr Botnet Panel Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Baldr Botnet Panel Shell Upload Exploit', 'Description' = %q This module exploits a arbitrary file upload vulnerability within the Baldr stealer...
Hacker disrupts Emotet botnet operation by replacing payload with GIFs
By Deeba Ahmed. Emotet is one of the most commonly used botnets nowadays...
Undetectable Linux Malware Targeting Docker Servers With Exposed APIs
Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. Docker is a popular...
Russia Tested a Space Weapon Last Week
Twitter hack details, a botnet vigilante, and more of the week's top security news...
TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves
Clipper malware is designed to steal cryptocurrency from victims by replacing wallet addresses in the victim’s clipboard with wallet addresses that belong to the attacker. This stealthy technique is designed to silently trick the victim when making what appears to be a legitimate cryptocurrency...
Cryptojacking botnet Prometei uses NSA exploit to steal data, mine Monero
By Waqas. Prometei botnet targets Windows devices. Cisco Talos' threat intelligence team published a report revealing startling details of how cybercriminals are continually reinventing the way they can monetize their malicious tools and techniques. Reportedly, Cisco Talos researchers discovered a...
Threat Source newsletter for July 23, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. While ransomware attacks continue to hog all the headlines, cryptocurrency miners are still running in the background, sapping computing power from unsuspecting victims. We have what we believe is the first documentation of a new...