In this 67th episode of The Security Ledger Podcast, we talk with Bob Rudis of the firm Rapid7 about KRACK, a security hole that affects most wi-fi hotspots. Also: Or Katz of Akamai talks about that company’s work analyzing fast-flux botnets, which have become like AirBnB for cyber criminals looking for a place to host malicious networks. Finally: Tim Jarrett of Veracode tells us how a single security hole in an open source library found its way into millions of applications.
Security Ledger Editor in Chief Paul Roberts talks about the recently discovered KRACK security hole in Wi-Fi Protect Access with Bob Rudis of Rapid7. Bob has some simple ideas to protect yourself from KRACK attacks. Also: Or Katz of Akamai discusses that firm’s research into fast flux botnets, which morph and evolve to evade detection. Finally, Tim Jarrett of CA-Veracode talks about research in Apache Commons Collections, a common and vulnerable open source library that is used in millions of applications.
Research from the firm Akamai finds cyber criminals are marrying vulnerable home routers to sophisticated “fast flux” command and control tools to create long-lived, cyber criminal infrastructure.
In-brief: Managed DNS firm Dyn, a victim of the Mirai botnet, got its revenge: taking part in a coordinated takedown of WireX, a botnet of compromised Android devices, according to an announcement Monday.
In-brief: a botnet of 120,000 cameras that takes its orders from servers based in Iran uses a long-ago disclosed security vulnerability in camera software to spread. The flaw affects over 1,000 different models of cameras, Trend Micro reports.
