Build Your Own Botnet: BYOB

BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability ...

Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT

A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create...

D-Link, Dasan Routers Under Attack In Yet Another Assault

Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence. Researchers observed on Thursday a massive uptick in exploit attempts from over 3,000 different source IP...

Drupal, Phishing and A New Cryptomining Botnet

It’s a well-known fact that security solutions must quickly adapt to new attack methods. There are several ways to achieve this goal, regularly applying security patches and updates, relying on threat intelligence and more. At Imperva, we use pattern anomaly detection as one of the tools to...

A WordPress SPAMbot Wants You to Bet on the 2018 FIFA World Cup

Our researchers recently picked up on a spike in SPAM activity directed at sites powered by WordPress, which, naturally, led them to take a closer look. Turns out the attack was launched by a botnet and implemented in the form of comment SPAM - meaningless, generic text generated from a template...

Department of Commerce Report on the Botnet Threat

Last month, the US Department of Commerce released a report on the threat of botnets and what to do about it. I note that it explicitly said that the IoT makes the threat worse, and that the solutions are largely economic. The Departments determined that the opportunities and challenges in workin...

Threat Roundup for June 22-29

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 22 and June 29. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...

Why VPNFilter is like a Moonlight Maze

On May 25, the FBI issued a public service announcement asking every Internet ready American to reboot their routers. The PSA specifically warned small and home office owners that they are particularly vulnerable to “foreign cyber actors” A.K.A. spies that are using malware called VPNFilter to...

Meet MyloBot malware turning Windows devices into Botnet

By Waqas The IT security researchers at deep learning cybersecurity firm Deep This is a post from HackRead.com Read the original post: Meet MyloBot malware turning Windows devices into Botnet...

Axis cameras there are security flaws, three of the vulnerabilities can be taken over-vulnerability warning-the black bar safety net

Network security company VDOO researchers recently discovered several vulnerabilities affect the Axis nearly 400 security cameras. From the network security company VDOO researchers on IOT devices conducted a study and found that the axis company manufacturing the camera of the presence of seven...

Mylobot Botnet Emerges with Rare Level of Complexity

An unusual botnet dubbed Mylobot has emerged, percolating up from the Dark Web – and displaying a never-before-seen level of complexity in terms of the sheer breadth of its various tools, especially evasion techniques. According to an analysis posted on Tuesday by Tom Nipravsky, a security...

When It Comes To IoT Security, Liability Is Muddled

BOSTON—From hacked connected cars to power grids, the implications of IoT security issues seem to be getting graver – yet when it comes to pointing fingers for security troubles, many times victims don’t even know where to start. IoT experts said at the Security of Things Forum today said that a...

Indonesian Hacker Group Cashes In On Blockbuster Movie Titles

When breaking the law isn't a barrier, there’s always a way to make a quick buck. We see it every day, and this time from an Indonesian cybercrime campaign infecting vulnerable websites by luring their visitors to a network of scam websites using blockbuster movies. The attack part I: Recruiting...

Axis Cameras Riddled With Vulnerabilities Enabling “Full Control”

A slew of vulnerabilities in Axis cameras could enable an attacker to access camera video streams, control the camera, add it to a botnet or render it useless. Researchers at VDOO, who disclosed the vulns on Monday, recommended that customers update immediately after finding that more than 400 Ax...

Foscam Issues Patches For Vulnerabilities in IP Cameras

Foscam is urging customers to update their security cameras after researchers found three vulnerabilities in that could enable a bad actor to gain root access knowing only the camera’s IP address. The vulnerability trifecta includes an arbitrary file-deletion bug, a shell command-injection flaw a...

Creative Spam Thinks Outside the Macro with .IQY Attachments

The Necurs botnet is driving a fresh spam campaign that uses Excel Web Query .IQY file attachments to skim under the antivirus radar. If successful, the attack ultimately delivers the remote access trojan RAT known as FlawedAmmyy. This is the third wave in an offensive that started in late May. T...

Destructive and MiTM Capabilities of VPNFilter Malware Revealed

It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought. Security researchers from Cisco's Talos cyber intelligence have today uncovered more details about VPNFilter malware, an advanced piece of IoT botnet malwa...

Destructive and MiTM Capabilities of VPNFilter Malware Revealed

It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought. Security researchers from Cisco's Talos cyber intelligence have today uncovered more details about VPNFilter malware, an advanced piece of IoT botnet malwa...

Drupalgeddon 2.0 Still Haunting 115K+ Sites

More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago. When it was first revealed, the bug, which has been dubbed Drupalgeddon 2.0, impacted an estimated 1+ million sites running Drupal – including major U.S. educational...

IoT Botnets Found Using Default Credentials for C&C Server Databases

Not following cybersecurity best practices could not only cost online users but also cost cybercriminals. Yes, sometimes hackers don't take best security measures to keep their infrastructure safe. A variant of IoT botnet, called Owari , that relies on default or weak credentials to hack insecure...