In-brief: A security researcher searching the Internet for insecure data archives stumbled upon an information gold mine: 5 Terabytes of unsecured back ups belonging to one of the globe’s biggest and longest running spam e-mail operations.
Spam
Adobe Flash Zero-Day Used in Attacks on Diplomats
In-brief: Trend Micro warned about targeted attacks on diplomatic missions that take advantage of a previously undiscovered hole in Adobe Flash.
Vigilante botnet highlights woeful state of embedded device security
A mysterious piece of software, dubbed Wifatch, has been infecting tens of thousands of Linux-based home routers and, according to experts at Symantec, attempts to secure them from attack. But Wifatch’s benevolent intentions shouldn’t obscure its malicious actions, or the security problems that it takes advantage of. The malicious software runs on vulnerable, Linux-based home routers. There, it removes other malware infections, disables vulnerable services like Telnet and even prompts users to update their administrator user name and password to prevent compromise, according to a post on Symantec’s blog. But the malware is still spreading between vulnerable systems without the owners consent and could easily be pressed into service distributing spam or malicious software, experts note. According to Symantec, Wifatch is likely spreading between infected devices by targeting exposed Telnet interfaces and using brute force password attacks to gain access to the devices. Tens of thousands of devices may have been infected […]
The Real Story Behind Cheating Stories? Blackhat SEO
In-brief: A highly ranked web application for sharing tales of infidelity is the beneficiary of a sophisticated, global campaign of malicious search engine optimization (SEO), according to Akamai Principal Security Researcher Or Katz. (Read more stories by Or here.)
Third World Problem: Bot Herders Target Home Routers In Developing Nations
In-brief: A new global botnet is built on lightly secured home broadband routers in developing nations, according to a report from the firm Incapsula.
