Botnet

Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards

IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government.

Read more in my article on the Bitdefender BOX blog.

Man sentenced, two others charged, in connection with Satori IoT botnet

Even after being charged, Kenneth Schuchman continued to create and operate a DDoS botnet, and communicate with his co-conspirators.

Read more in my article on the Hot for Security blog.

Your “smart” household appliance might have a short lifespan

Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat?

Well, think twice before you make a potentially costly mistake when deciding what appliance you will be next be purchasing for your home.

Read more in my article on the Bitdefender BOX blog.

Smashing Security podcast #181: Anti-cybercrime ads, tricky tracing, and a 5G Bioshield

Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds?

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast.

Could this be the world’s most harmless IoT botnet?

When researchers investigate suspected malware on an IoT device they normally expect to find a cryptominer to earn a hacker digital cash or perhaps botnet code to launch DDoS attacks against websites.

But that wasn’t the case with the Cereals botnet.

Read more in my article on the Bitdefender BOX blog.

Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks

Kaiji, a new botnet campaign, created from scratch rather than resting on the shoulders of those that went before it, is infecting Linux-based servers and IoT devices with the intention of launching distributed denial-of-service (DDoS) attacks.

Read more in my article on the Bitdefender BOX blog.

Smashing Security podcast #154: A buttock of biometrics

The UK’s Labour Party kicks off its election campaign with claims that it has suffered a sophisticated cyber-attack, Apple’s credit card is accused of being sexist, and what is Google up to with Project Nightingale?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.

IoT botnet launched massive 13-day DDoS attack against streaming service

Can you put your hand on your heart and say the web application your company has built would be able to handle 292,000 requests per second, from 402,000 different IP addresses?

Read more in my article on the Bitdefender BOX blog.

Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.

Hacker arrested for wave of fake bomb and shooting threats against schools

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang which not only launched distributed denial-of-service (DDoS) attacks, but also launched a wave of chilling bomb and shooting threats against thousands of schools in the United States and United Kingdom.

Read more in my article on the Tripwire State of Security blog.

User of the world’s biggest DDoS-for-hire website? Police say they’re coming after you

When police shut down the notorious DDoS-for-hire website webstresser.org last year and arrested its administrators, a clear message was sent to the site’s 151,000 users: you’re next.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #111: When rivals hack, and ‘extreme’ baby monitors

Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Zoë Rose.

Germany proposes security guidelines for routers, but not everybody is happy

The German government has published draft guidelines on how it believes broadband routers should be secured. But some people think more could be done.

Read more in my article on the Bitdefender Box blog.

Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.

Read more in my article on the Tripwire State of Security blog.

California’s ban on weak default passwords isn’t going to fix IoT security

Getting rid of hardcoded default passwords is not enough. There is a long way to go before we can feel confident that IoT devices have become significantly safer.

Read more in my article on the Bitdefender BOX blog.

The makers of the Mirai IoT-hijacking botnet are sentenced

Three men who operated and controlled the notorious Mirai botnet in October 2016 have been sentenced to five years of probation.

Read more in my article on the Tripwire State of Security blog.