If you bought a security camera, webcam, baby monitor, smart doorbell, digital video recorder or other IoT device manufactured in China, there is bad news. Security flaws have been discovered that can easily allow an attacker remote access, remote control, and password discovery on affected systems. These devices can also be hijacked to use in a variety exploits including eavesdropping through ...
Cyber-criminals are using a botnet to send phishing emails with the apparent purpose to test a new email attachment type. Over the course of three weeks starting August 10th, this cyber-gang released seven different types of phishing emails to over 3,000 banks around the world. They appear to be testing which of these several approaches is most successful at tricking recipients into opening the email attachment.
The attachment itself is also something different – Microsoft Excel Web Query files that use ...
Continue Reading →
When web bots attack, what websites are the most likely to targets? We discussed automated attacks against websites last month. Here is some new information from Distil Networks about who the main targets have been in the recent past. If your business is included in the following list, you may want to ramp up the security posture of your website and web hosting account.
The industries targeted ...
Continue Reading →Bots are alive, well, and busy on the Internet, making up nearly half of Internet traffic. Bad bots are used by cyber-criminals and cyber attackers to automate harmful exploits and attacks, such as denial of service attacks, crypto-coin mining, data mining, information exfilitration, account hijacking, vulnerability scanning, spamming, and other illegal or illicit activities.
Not all bots are bad. Some of these site visitors are helpful, such as the automated bots from ...
Continue Reading →
Are the toys you are buying for your kids hackable?Can anyone listen in or have a conversation with your kids via an Internet connected toy? Sorry, but the answer is “yes.”
We have been writing for a while about the grievous lack of security on Internet-connected “smart” appliances, web cameras, baby monitors, door locks, thermostats, personal assistants, Wi-Fi, Cable, and DSL routers, and other ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Tech company Gravity Payments instituted a $70 K minimum wage two years ago. It has long been my personal contention that the drop in real starting wages (against inflation) coupled with crushing ...
Continue Reading →
Cybersecurity researchers at Armis Labs have released information about a new attack vector called BlueBorne. Â This exploit has the potential to put millions of devices running Windows, Linux, Android or iOS operating systems at risk.
This exploit allows attackers to connect over the Bluetooth radio system with having to first pair the two Bluetooth enabled devices. Â Once installed, the attacker has full control of ...
Continue Reading →Is your email address one of the 711 million emails that are being used by the Onliner spam-bot?  I checked my email address at Have I Been Pwned and found it on the list.  You can click through the link and see if yours is on the Onliner list, or part of some other breach.
Onliner is ...
Continue Reading →
WireX is a new botnet that runs on hijacked and compromised Android phones. Â A bot-net is a collection of compromised devices that can be coordinated by the hijacker to work together on a certain task. Â It might be bit-coin mining, or password cracking, or other tasks that require a lot of processing power. Â This bot-net, like last year’s Mirai and ...
A quick Saturday digest of cybersecurity news articles from other sources.If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online.