IoT

Pierluigi Paganini January 25, 2018
New HNS botnet has already compromised more than 20,000 IoT devices

A new botnet called Hide ‘N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras. The HNS botnet was first spotted on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and it has risen over the weekend. The number of infected systems […]

Pierluigi Paganini January 24, 2018
Satori’s threat actors are behind the new Masuta botnet that is targeting routers in the wild

Masuta botnet targets routers using default credentials, one of the versions analyzed dubbed “PureMasuta” relies on the old network administration EDB 38722 D-Link exploit. Security experts at NewSky’s believe the operators of the recently discovered Satori botnet are launching a new massive hacking campaign against routers to infect and recruit them in the botnet. “We analyzed two variants of an IoT botnet […]

Pierluigi Paganini January 14, 2018
Mirai Okiru botnet targets for first time ever in the history ARC-based IoT devices

Researcher @unixfreaxjp spotted the first time ever in the history of computer engineering a Linux malware designed to infect ARC CPU, this new Linux ELF malware was dubbed MIRAI OKIRU. In August 2016 the researcher @unixfreaxjp from @MalwareMustDie team first spotted the dreaded Mirai botnet, now the same researcher is announcing a new big earthquake in the malware […]

Pierluigi Paganini January 01, 2018
Hackers can remotely control thousands of Sonos and Bose speakers

Security experts at Trend Micro have demonstrated that certain models of Sonos and Bose speakers are affected by vulnerabilities that could allow attackers to hijack them. Hackers can trigger the flaws to access the speakers and use them to play spooky sounds or to issue Alexa commands. Only specific models of the two companies are […]

Pierluigi Paganini December 25, 2017
Experts discovered a flaw in GoAhead that affects hundreds of thousands IoT devices

Experts from Elttam discovered a flaw in GoAhead tiny web server that affects hundreds of thousands IoT devices, it could be exploited to remotely execute malicious code on affected devices. A vulnerability in the GoAhead tiny web server package, tracked as CVE-2017-17562, affects hundreds of thousands of IoT devices. The GoAhead solution is widely adopted by tech giants, including Comcast, […]

Pierluigi Paganini December 23, 2017
Satori is the latest Mirai botnet variant that is targeting Huawei HG532 home routers

Satori botnet, Mirai variant, is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The Mirai botnet makes the headlines once again, a new variant dubbed Satori is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The activity […]

Pierluigi Paganini December 19, 2017
Networked Printers are Some of the Oldest IoT Devices, and over 1,000 Lexmark Printers Are Vulnerable Today

Experts at NewSky Security scanned the Internet and discovered that “out of 1,475 unique IPs, 1,123 Lexmark printers had no security.” We think of Internet of Things (IoT) as all the “new” devices added to networks like webcams, Internet-connected toys, smarthome devices, etc. But we have been connecting unattended things to networks for a very long […]

Pierluigi Paganini December 14, 2017
US DoJ charges 3 Men with developing and running the Mirai Botnet

The US DoJ announced plea agreements for Paras Jha, Josiah White, and Dalton Norman, 21 for creating and operating the dreaded Mirai botnet. US authorities charge three men with developing and running the dreaded Mirai botnet that was involved in several massive DDoS attacks. According to documents released by the US Department of Justice (DOJ), the […]

Pierluigi Paganini December 09, 2017
Linux.ProxyM IoT Botnet now used to launch hacking attacks against websites

A new IoT botnet leveraging the Linux.ProxyM malware is currently being used by crooks in a campaign attempting to hack websites. Security experts at Doctor Web discovered a new IoT botnet leveraging the Linux.ProxyM malware that is currently being used in a campaign attempting to hack websites. Experts first analyzed the Linux.ProxyM in July, it was used to create a proxy […]

Pierluigi Paganini November 26, 2017
A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours

A new Mirai variant is rapidly spreading, experts observed around 100K IPs running the scans in the past 60 hours searching for flawed ZyXEL PK5001Z routers. According to Li Fengpei, a security researcher with Qihoo 360 Netlab, the publication of the proof-of-concept (PoC) exploit code in a public vulnerabilities database is the root cause of the […]