Security News

How to combat the latest and most aggressive botnets and malware
2020-11-12 14:36

As detailed in its "Q3 2020 Threat Landscape Report," Nuspire discovered more than 3.6 million malware events over the third quarter, an increase of 128% from the second quarter. More than 43,000 malware variants were seen each day, with almost 1,200 unique ones found for the entire quarter.

Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal
2020-11-11 10:02

Muhstik is a botnet that leverages known web application exploits to compromise IoT devices, such as routers, to mine cryptocurrency. Although the Muhstik botnet has been around since at least 2018, in December 2019 Palo Alto Networks identified a new variant of the botnet attacking and taking over Tomato routers.

New Kasada API protects from botnet attacks and targeted fraud
2020-11-11 02:30

Kasada, provider of the only online traffic integrity solution that accurately detects and defends against bot attacks, announced the introduction of Kasada API, which protects an organization's web and mobile APIs from automated botnet attacks and targeted fraud. "By delivering Kasada API, we are providing our customers with a holistic line of defense that not only mitigates current attacks but also deters future ones."

Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin
2020-11-06 04:22

A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code. The advanced malware comes equipped with reverse shell and crypto-mining capabilities and exploits over 12 known vulnerabilities, hence the moniker.

Russian jailed for eight years in the US for writing code that sifted botnet logs for web banking creds for fraudsters
2020-11-02 23:58

Brovko was tasked with sifting through the logs of these botnets for internet banking credentials vacuumed by the malware, which were subsequently used by fellow conspirators to steal millions of dollars from Americans' accounts in fraudulent transfers. "Where his computer code could not effectively parse the data, Brovko supplemented his computer-automated efforts with manual searches of the data," his indictment noted.

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail
2020-11-02 20:23

"For over a decade, Brovko participated in a scheme to gain access to Americans' personal and financial information, causing more than $100 million in intended loss," said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department's Criminal Division, in a statement issued Monday. In October, a new variant of the InterPlanetary Storm botnet was discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices.

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms
2020-10-29 03:02

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems. The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botnet via brute force attacks and installation of backdoors.

S3 Ep2: Creepy smartwatches, botnets and Pings of Death [Podcast]
2020-10-16 15:42

In this episode, we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and find the source of mysterious beeping from every computer in the office.

TrickBot Botnet Survives Takedown Attempt
2020-10-15 19:32

The TrickBot botnet appears to have resumed normal operations days after Microsoft announced that it managed to take it down using legal means. On October 12, Microsoft and several partners announced that they were able to disrupt the TrickBot infrastructure by legally disabling IP addresses, making servers inaccessible and suspending services employed by the botnet.

Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes
2020-10-13 20:41

Researchers are warning of a recent dramatic uptick in the activity of the Lemon Duck cryptocurrency-mining botnet, which targets victims' computer resources to mine the Monero virtual currency. Researchers warn that Lemon Duck is "one of the more complex" mining botnets, with several interesting tricks up its sleeve.