Month: April 2017
Hajime ‘Vigilante Botnet’ Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide
Last week, we reported about a so-called ‘vigilante hacker’ who hacked into at least 10,000 vulnerable ‘Internet of Things’ devices, such as home routers and Internet-connected cameras, using a botnet malware in order to supposedly secure them. Source: Hajime ‘Vigilante Botnet’ Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide
NSA backdoor detected on >55,000 Windows boxes can now be remotely removed
After Microsoft officials dismissed evidence that more than 10,000 Windows machines on the Internet were infected by a highly advanced National Security Agency backdoor, private researchers are stepping in to fill the void. Source: NSA backdoor detected on >55,000 Windows boxes can now be remotely removed
Lazarus Under the Hood – Kaspersky [PDF]
Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools
Vulnerable unpatched systems expose exploitable SMB networking to world+dog. The NSA’s Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we’re told… Source: Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools
A Surprise Encounter With A Telco APT [PDF]
A SURPRISE ENCOUNTER WITH A TELCO APT [PDF]: You know who.
AlessandroZ/BeRoot: BeRoot(s) is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module (so it will be executed all in memory without touching the disk).
Exploits: how great is the threat?
How serious, really, is the danger presented by exploits? The recent leak of an exploit toolset allegedly used by the infamous Equation Group suggests it’s time to revisit that question. Several zero-days, as well as a bunch of merely ‘severe’ exploits apparently used in-the-wild were disclosed, and it is not yet clear whether this represents…
Introduction to the NIST CyberSecurity Framework for a Landscape of Cyber Menaces
The implementation of the NIST CyberSecurity Framework is of vital importance for the changes taking place in the landscape of zero-day threats. The NIST CyberSecurity Framework is a guide for businesses and enterprises of good practices for information security. Source: Introduction to the NIST CyberSecurity Framework for a Landscape of Cyber Menaces
netsec/ CLDAP Protocol Allows DDoS Attacks with 70x Amplification Factor
http://ift.tt/2pikfL7 Ref: http://ift.tt/2pgMCMI Date: April 15, 2017 at 01:40AM Author: prinnyerwin
netsec/ Dropping reverse shells via SSH
http://ift.tt/2psPJOT Ref: http://ift.tt/2oFeGIg Date: April 17, 2017 at 10:10AM Author: mrschyte