In the News

Information Security Buzz Logo

43% Of Security & IT Leaders View IoT Security As Afterthought, 50% Say IoT Attacks Not A Threat (Trend Micro Survey)

July 30, 2018
In response to a new Trend Micro survey, which found among other things that only half of IT and security decision-makers believe IoT-related attacks are a threat to their organizations, and that 43% view IoT security as an afterthought, an expert with Corero Network Security offers commentary.
Read article
Information Security Buzz Logo

HNS Bot Adds Exploits To Hit Home Automation Systems & Devices

July 27, 2018
New Fortinet findings show that the P2P Hide ‘N Seek (HNS) botnet now also includes exploits to target home automation systems and devices, noting: “Hide ‘N Seek authors recently included an exploit for a HomeMatic Zentrale CCU2 remote code execution vulnerability, the malicious code allows the botnet to target devices in smart homes controller by the HomeMatic central unit.”
Read article
Journal of Cyber Policy

Hide ‘N Seek: From Home Routers to Smart Home Insecurities

July 26, 2018
In this report we will take a look at HNS evolution and how it was able to add exploits on a regular basis over the past several months without making headlines
Read article
Teiss Logo

Russian hackers infiltrated U.S. electric utilities' control rooms last year

July 25, 2018
The U.S. Department of Homeland Security has revealed that a group of Russian hackers successfully infiltrated the industrial control system of an electric generation firm last year while they were targeting hundreds of energy and non-energy companies in the country.
Read article

Amazon Invited DDoS Attack On Prime Day

July 24, 2018
Amazon had a dodgy hour during Prime Day when their website was unresponsive and it looks like it potentially cost them around $75 million in lost sales. It was pretty much an Amazon invited DDOS (distributed denial of service) attack.
Read article

A Botnet consisting of 18,000 Routers Created In Under 24 Hours By a Hacker

July 24, 2018
A Hacker has claimed he has created a botnet in under 24 hours compromising of 18,000 Huawei routers. The hacker goes by the Pseudonym “Anarchy” has claims that he created the botnet using an old router vulnerability.
Read article
Journal of Cyber Policy

NEWS & COMMENT: RUSSIAN HACKERS PENETRATED NETWORKS OF U.S. ELECTRIC UTILITIES

July 24, 2018
Russian hackers gained access to the networks of U.S. electric utilities last year, which could have allowed them to cause blackouts, according to federal government officials, who said the campaign is likely continuing, The Wall Street Journal reported on Monday.
Read article
Green Tech Media Logo

Russian Hackers Breach US Utility Networks via Trusted Vendors

July 24, 2018
Hackers were able to access confidential information, such as the equipment being used and how utility networks are configured.
Read article

Downtime On Prime Day (Est. $75mil In Lost Sales, Comparable To Self Invited DDoS Attack)

July 20, 2018
In response to the latest reports on the Amazon’s downtime during this week’s Prime Day including estimates that the outage potentially resulted in ~$75 million in lost sales and was comparable to a self-invited DDOS) attack, Corero Network Security offers comments.
Read article

Malware author ‘Anarchy’ builds 18,000-strong Huawei router botnet

July 20, 2018
A malware author who goes by the alias “Anarchy” has built an army of 18,000 botnets in a single day by hacking Huawei routers using a single exploit.
Read article

Unpatched Dahua DVRs pose security issue

July 20, 2018
Despite numerous warnings from cybersecurity experts in recent years about the importance of patching IP-enabled physical security equipment against known vulnerabilities, it seems that message still hasn’t taken hold in some corners of the industry.
Read article

Tens Of Thousands Of Dahua DVR Pws Cached In IOT Search Engine, Allowing Easy Botnet Herding For DDoS

July 19, 2018
An expert in IoT security offers perspective on findings by (published on Twitter) by Ankit Anubhav, Principal Researcher at NewSky Security, that login passwords for tens of thousands of Dahua DVR devices have been cached and indexed inside search results returned by IoT search engine ZoomEye. Related: CVE-2013-6117.
Read article

Checkpoint Cyber Attack Trends Mid-Year Report 2018

July 19, 2018
Following are main findings of latest CheckPoint Cyber Attack Trends: Mid-Year Report 2018:
Read article

Vendor admits election systems included remote software

July 19, 2018
A vendor admitted to compromising its election system security by installing remote access software on systems over the span of six years, but claims to have stopped the practice.
Read article

Ankit Anubhav on Twitter

July 19, 2018
A new low has been achieved in the ease of hacking IoT devices. One does not even need to connect to the Dahua devices to get the credentials (thread) (1/n) #iot #infosec.
Read article

Series Of DDoS Attacks Aimed At Blizzard

July 17, 2018
Blizzard Entertainment, a gaming company with such offerings as Overwatch, Heroes of the Storm, World of Warcraft, was plagued last weekend by a series of Denial-of-Service attacks that caused lag time for some players and prevented others from logging in.
Read article

DDoS Attacks Get Bigger, Smarter and More Diverse

July 17, 2018
DDoS attacks are relentless. New techniques, new targets and a new class of attackers continue to reinvigorate one of the internet’s oldest nemeses.
Read article

Critical infrastructure remains insecure

July 16, 2018
Organisations can no longer afford to leave their systems unprotected from increasingly advanced cyber threats.
Read article

New Protocol Promises to Improve Wi-Fi Security — Eventually

July 16, 2018
A new wireless protocol promises to improve Wi-Fi security significantly, but the changes won’t be immediate.
Read article

Multiple Attack Leave Backdoors Open To Cheap Remote Desktop Protocol Attacks, According To New McAfee Findings

July 13, 2018
McAfee has just released its new Advanced Threat Report, which finds that Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks. An expert with Corero offers thoughts and perspective.
Read article

Security Threats Put SCADA On Thin Ice

July 12, 2018
Opening up these systems to the Internet has exponentially increased threats from hackers and malware.
Read article

HNS Evolves from IoT to Cross-Platform Botnet

July 10, 2018
The famous Hide ‘N Seek botnet, first discovered in January this year, has expanded from infecting Internet of Things (IoT) devices and is now also targeting cross-platform database solutions as well. Sean Newman, Director at Corero Network Security commented below.
Read article

UK On Brink Of Russian Cyber Attack With Fears Putin Will Hit Britain As Soon As World Cup

July 8, 2018
Earlier this morning, news broke that British spies are on high alert for President Putin to launch another targeted assault on UK infrastructure — or even order a fresh assassination attempt.
Read article

Infosec community welcomes bank sector focus on cyber resilience

July 6, 2018
The information security community has welcomed regulators’ call on the banking industry to demonstrate their capability to respond to cyber attacks because it highlights the importance of cyber resilience for all businesses.
Read article

DDoS attacks are still a danger, even during the lull period

July 4, 2018
Distributed Denial of Service (DDoS) attacks – where attackers seek to take down a website or application by flooding it with requests – may well be old, but they never go away.
Read article