Latest News

2020/01/23

New Muhstik Botnet Attacks Target Tomato Routers

A new variant of the Muhstik botnet has appeared, this time with scanner technology that for the first time can brute-force web authentication to attack routers using Tomato open-source firmware, researchers have found.

Researchers at Palo Alto Networks’ Unit 42 discovered the new variant harvesting vulnerable routers and IoT devices in early December, they reported in a blog post Tuesday. Muhstik, showing a wormlike self-propagating capability that can infect Linux servers and IoT devices, has been active since March 2018.
2020/01/22

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.

The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
2019/12/20

Phishers are using “black SEO” to lure users in to malicious downloads masquerading as the latest Star Wars movie.

Whenever the internet lights up in anticipation of anything, there are fraudsters and scammers waiting in the wings to take advantage of it. This week’s premiere of Star Wars: The Rise of Skywalker is no exception, with cybercriminals eyeing one of the world’s most beloved franchises as rich fodder for phishing attempts.

Researchers at Kaspersky ran a scan of the web this week and have found more than 30 phishing sites and malicious social-media profiles disguised as official movie accounts. The actual number of these kinds of sites, of course, could be much higher
2019/12/20

267M Facebook Users’ Phone Numbers Exposed Online

A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed.

Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it belongs to a cybercriminal organization, as opposed to Facebook. Diachenko went to the internet service provider (ISP) managing the IP address of the server so that the access could be removed.

“A database this big is likely to be used for phishing and spam, particularly via SMS,” according to the Thursday report. “Facebook users should be on the lookout for suspicious text messages. Even if the sender knows your name or some basic information about you, be skeptical of any unsolicited messages.”
2019/12/18

Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software

Vulnerabilities discovered in Acer and ASUS software preinstalled on most PCs from these companies could lead to privilege escalation and the execution of arbitrary payloads, SafeBreach warns.

The first bug impacts Acer Quick Access, an application that allows users to toggle wireless devices on or off, to modify power-off USB charge settings and network sharing options, and more.

The issue, SafeBreach explains, is that part of the software runs with SYSTEM privileges, and it unsafely attempts to load three missing DLL files. An attacker with administrator privileges can plant malicious versions of these missing files and they would get executed with elevated permissions.