BitDefender has identified a new fast-spreading IoT botnet called Hide and Seek that has the potential to perform information theft for espionage or extortion.
Research from the firm Akamai finds cyber criminals are marrying vulnerable home routers to sophisticated “fast flux” command and control tools to create long-lived, cyber criminal infrastructure.
In-brief: Managed DNS firm Dyn, a victim of the Mirai botnet, got its revenge: taking part in a coordinated takedown of WireX, a botnet of compromised Android devices, according to an announcement Monday.
Recently, the Akamai Threat Research Team unveiled a unique distributed brute force attack campaign targeting nearly five hundred WordPress applications. What’s interesting about this campaign? It clearly demonstrates how Web attackers are becoming more sophisticated, attempting to evade security controls – specifically Web Application Firewalls (WAFs) and rate control protections. A Short Primer to Brute-Force Attacks Brute force Web attackers attempt to gain privileged access to a Web application by sending a very large set of login attempts, within a short period of time. Using volumetric single source of attack is easily mitigated by blacklisting. Today’s brute force attacks are typically characterized by volumetric attacks coming from distributed IPs. In this way, if the attacker’s source IP is detected, they can still continue with the attack campaign by switching a source IP. As part of this cat-and-mouse evolution, WAFs are enhanced with several rate control measures that detect and block […]
One of the more interesting stories to come out this week is from Brian Krebs over at Krebsonsecurity.com. Writing on Friday, Krebs used his prodigious knowledge of the cyber underground to profile “GoodGoogle,” one of a growing number of specialized online fraud services that helps e-commerce firms target competitors by gaming Google’s AdWords feature. As you probably know, AdWords are one of Google’s biggest sources of revenue. They allow companies with products or services to sell to “bid” on words or phrases (like “Internet of Things”). Users who search on those terms will see hyperlinked ads to the right of their search results that link to a site of the advertiser’s choosing. Advertisers pay a premium to own popular (and lucrative) keywords – more than $40 per click for keywords like “loan,” “insurance,” “mortgage” or “attorney” depending on the word and time of day. Typically, advertisers set a certain daily budget […]