GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities

by Trend Micro IoT Reputation Service Team and Trend Micro Smart Home Network Team

In April, we discussed our findings on increased activity originating from China targeting network devices in Brazil that mimicked the Mirai botnet’s scanning technique. We recently found similar Mirai-like scanning activity from Mexico. The difference in these attacks, however, is that…
Operators of Counter Antivirus Service Scan4You Convicted

In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects, Ruslans Bondars and Jurijs Martisevs, were arrested in Latvia and extradited to the U.S. by the Federal Bureau of Investigation (FBI). In May 2018, the case against Scan4You’s operators concluded in a Virginia federal courtroom. The…
Operators of Counter Antivirus Service Scan4You Sentenced

In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects, Ruslans Bondars and Jurijs Martisevs, were arrested in Latvia and extradited to the U.S. by the Federal Bureau of Investigation (FBI). In May 2018, the case against Scan4You’s operators concluded in a Virginia federal courtroom. The…
Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability

By Hubert Lin

We observed a large spike in the number of devices scanning the internet for port 7001/TCP since April 27, 2018. Our analysis found that the increased activity was caused by cybercriminals engaging in cryptomining via exploiting CVE-2017-10271. The flaw is a patched Oracle WebLogic WLS-WSAT vulnerability that can allow remote attackers to execute…
New Phishing Scam uses AES Encryption and Goes After Apple IDs

by Jindrich Karasek

Recent data breaches and privacy scares, along with the upcoming General Data Protection Regulation (GDPR) from the European Union, have triggered a change in the way companies handle their users’ data. As a result, many of them have been sending emails asking their users to update their profiles or proactively strengthen security.…
Microsoft Patch Tuesday for May Includes Updates for Actively-Exploited Vulnerabilities

For May 2018, Microsoft’s monthly release of security updates — also known as Patch Tuesday — addressed a number of vulnerabilities, most notably two vulnerabilities that were already actively exploited in attacks. One of these vulnerabilities is CVE-2018-8174, which is a remote code execution flaw in the way the VBScript engine handles objects in memory.…
Maikspy Spyware Poses as Adult Game, Targets Windows and Android Users

By Ecular Xu and Grey Guo

We discovered a malware family called Maikspy — a multi-platform spyware that can steal users’ private data. The spyware targets Windows and Android users, and first posed as an adult game named after a popular U.S.-based adult film actress. Maikspy, which is an alias that combines the name of…
Device Vulnerabilities in the Connected Home: Uncovering Remote Code Execution and More

by Dove Chiu, Kenney Lu, and Tim Yeh (Threats Analysts)

If there is anything to be learned from the massive attacks that have been seen on connected devices, it is that the internet of things (IoT) is riddled with vulnerabilities. We have seen this time and again with how botnets are created from system weaknesses…

Latest article

FBI seizes VPNFilter botnet domain that infected 500,000 routers

By Waqas

It is believed that the botnet was run by infamous…

This is a post from HackRead.com. Read the original post: FBI seizes VPNFilter botnet domain that infected 500,000 routers
Malicious Edge and Chrome Extension Used to Deliver Backdoor

by Jaromir Horejsi, Joseph C. Chen, and Loseway Lu

We noticed a series of testing submissions in VirusTotal that apparently came from the same group of malware developers in Moldova, at least based on the filenames and the submissions’ source. It appears they are working on a new malware that — based on how they…
BrandPost: SharePoint: Key Benefits and Migration Tips

Your staff works remotely, moves from one client location to another, and uses various devices to get work done. To ensure that your staff can access the necessary content when and where they need it the most, many organizations adopt a Cloud-based content management solution, like SharePoint. When using SharePoint, the content your staff needs…
Pornhub launches VPNhub – a free and unlimited VPN service

PornHub wants you to keep your porn viewing activities private, and it is ready to help you out with its all-new VPN service. Yes, you heard that right. Adult entertainment giant PornHub has launched its very own VPN service today with "free and unlimited bandwidth" to help you keep prying eyes away from your browsing…
Someone hacked California’s live congressional debate to run gay porn

By Carolina

“Looks like we got hacked again, we’ll try to fix…

This is a post from HackRead.com. Read the original post: Someone hacked California’s live congressional debate to run gay porn
Confucius Update: New Tools and Techniques, Further Connections with Patchwork

by Daniel Lunghi and Jaromir Horejsi

Back in February, we noted the similarities between the Patchwork and Confucius groups and found that, in addition to the similarities in their malware code, both groups primarily went after targets in South Asia. During the months that followed in which we tracked Confucius’ activities, we found that they…
New VPNFilter malware targets at least 500K networking devices worldwide

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.
BrandPost: CIO Interview with Amy Tong, Director and CIO of the California Department of Technology

California recently surpassed the U.K. and now ranks as the fifth largest economy in the world. Managing the people and technology driving that growth is an equally massive challenge. CIO Amy Tong has been leading the charge since June of 2016, and she shared her thoughts on what’s working and where the state is heading. What…
Researchers unearth a huge botnet army of 500,000 hacked routers

More than half a million routers and storage devices in dozens of countries have been infected with a piece of highly sophisticated IoT botnet malware, likely designed by a Russia-backed state-sponsored group. Cisco's Talos cyber intelligence unit has discovered an advanced piece of IoT botnet malware, dubbed VPNFilter, that has been designed with versatile capabilities to…
You are not alone; The Pirate Bay is down around the world

By Waqas

Another day, another irritating situation for The Pirate Bay fans.

This is a post from HackRead.com. Read the original post: You are not alone; The Pirate Bay is down around the world
BrandPost: Cybersecurity 101: Your End-Users are the First Line of Defense

Phishing is one of the main cybersecurity risks that organizations of any size face, and it’s a major way in which an organization can become compromised. However, many organizations still don’t have a cybersecurity plan despite the growing threats that they are facing every day. Many organizations’ corporate cultures truly lack the security basics of working…
New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD Affected

Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple. Variant 4 comes weeks after German computer magazine Heise reported about a set of eight Spectre-class vulnerabilities in Intel CPUs and a small number of ARM…