Ttint Botnet Targets Zero-Day Vulnerabilities in Tenda Routers
2020-10-05 18:23

A new Mirai-based botnet is targeting zero-day vulnerabilities in Tenda routers, according to researchers at 360 Netlab, a unit of Chinese cybersecurity company Qihoo 360. To evade detection of the typical traffic generated by Mirai botnets, Ttint uses the WSS (WebSocket over TLS) protocol to communicate with its command-and-control server, and also uses encryption.

Top 5 things to know about Confidential Computing
2020-10-05 18:22

The Confidential Computing Consortium, formed under The Linux Foundation, could revolutionize the way companies share data. Tom Merritt lists five things to know about Confidential Computing.

Top 5 things to know about Confidential Computing
2020-10-05 18:01

The Confidential Computing Consortium, formed under The Linux Foundation, could revolutionize the way companies share data. Tom Merritt lists five things to know about Confidential Computing.

Malware Families Turn to Legit Pastebin-Like Service
2020-10-05 17:58

Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware - such as AgentTesla and LimeRAT - in spear-phishing attacks. More malware and ransomware families are starting to utilize another service, with the domain Paste.

Rare Bootkit Malware Targets North Korea-Linked Diplomats
2020-10-05 17:12

Kaspersky observed several dozen victims who received components from the MosaicRegressor framework between 2017 and 2019 - all of whom had ties to North Korea. "UEFI firmware makes for a perfect mechanism of persistent malware storage," Kaspersky researchers explained.

Hackers can rip open your company with AI… But AI can help you fight back
2020-10-05 17:05

Consider a world where cyber-attackers are using AI to refine, control and scale up their attacks. There is no need to stretch your imagination: sophisticated hackers are using AI techniques today to manage botnets, mount attacks, and cover up their traces, as well as to help them understand the context they're operating in, and, naturally, increase profitability.

On Risk-Based Authentication
2020-10-05 16:47

Abstract: Risk-based Authentication is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

What a Hancock-up: Technical issue around 'case uploads' smacks Britain as second wave spikes
2020-10-05 16:25

As the UK heads into a troubling second wave of coronavirus cases, those in contact with thousands of people who just tested positive for COVID-19 in England went about their lives for up to a week unaware they had rubbed shoulders with a carrier. The under-reporting was widely reported to be down to the use of Microsoft's Excel spreadsheet program in transferring test results from labs to the health service to total up.

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
2020-10-05 15:15

Two former Tenda router zero-days are anchoring the spread of a Mirai-based botnet called Ttint. For one, on the RAT front, researchers said that it implements 12 remote access functions that combine with custom command-and-control server commands to carry out tasks such as setting up a Socket5 proxy for router devices, tampering with router DNS, setting iptables and executing custom system commands.

Ransomware Vaccine Intercepts Requests to Erase Shadow Copies
2020-10-05 14:59

A newly released "Vaccine" can stop certain ransomware families from erasing shadow copies, a step they take to prevent data recovery. Dubbed "Raccine" and released by security researchers Florian Roth and Ollie Whitehouse, the vaccine targets ransomware families that leverage vssadmin.