Cybersecurity week Round-Up (2018, Week 4) -Let’s try to summarize the most important event occurred last week in 3 minutes.
The threats that most of all characterized this week are IoT botnets and malvertising.
Security experts at NewSky’s believe the operators of the recently discovered Satori botnet are launching a new massive hacking campaign against routers to infect and recruit them in the botnet dubbed Masuta. The Masuta botnet targets routers using default credentials, one of the versions analyzed dubbed “PureMasuta” relies on the old network administration EDB 38722 D-Link exploit.
A new botnet called Hide ‘N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras. The number of infected systems grew up from 12 at the time of the discovery up to over 20,000 bots.
Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited some CMS vulnerabilities to upload and execute arbitrary PHP pages used to generate revenues via advertising.
The problems with Meltdown and Spectre security patches continue, Intel recommended to stop deploying the current versions of Spectre/Meltdown patches, while the Linux father Linus Torvalds defined the Spectre updates “utter garbage.”
Bell Canada suffers a data breach for the second time in less than a year.
Maersk chair revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya Attack.
The week ended with a clamorous incident, the Japan-based digital exchange Coincheck was hacked, hackers stole worth half a billion US dollars of NEM currency. The incident had a significant effect on the value of the most popular crypto currencies.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.