As reported by several news organizations, major consumer-facing organizations – including Uber, Fitbit, 1Password and OKCupid – were impacted by a ‘memory leak’ vulnerability suffered by Cloudflare – a content delivery network and Internet security services provider. IT security experts from Prevoty and CipherCloud commented below. Kunal Anand, CTO and Co-Founder at Prevoty: “I’ve been following this very closely since it started percolating through various channels. Some folks are calling this ‘CloudBleed’ – the high level story is that there was a software bug that caused sensitive information to be leaked. Unlike typical sensitive information disclosure, this one is a little different…
ISBuzz Team
Following the news that Necurs, the world’s largest spam botnet with nearly 5 million infected bots, of which about one million are active each day, has added a new module that can be used for launching DDoS attacks, Ben Herzberg, Security Research Group Manager at Imperva Incapsula, commented below. Ben Herzberg, Security Research Group Manager at Imperva Incapsula: “It is interesting that Necurs added a DDoS feature, but I wouldn’t be too alarmed. Currently, IoT devices are easy prey for DDoS botnets. At Imperva, we are seeing attempts to use IoT botnets for things such as credential stuffing and other automated attacks, not just…
Krebs on Security recently reported on the suppression of a particularly insidious breach at Altair Technologies, but an even bigger story may be the impressive efficiency of this attack. Jeff Hill, Director, Product Management at Prevalent, Inc commented below. Jeff Hill, Director, Product Management at Prevalent, Inc: “Ironically, Altair’s awkward attempt to cover up or otherwise downplay the significance of their breach successfully masks both the serious nature of the episode, and the brilliance of this attack vector. The attackers successfully penetrated a single organization, and then navigated to the update server, an ingenious technique to propagate malware to dozens of high-profile…
Security researchers have found a security lapse at Stewart International Airport that exposed server backups to the Internet for more than a year. The backups contained sensitive information including one file with a list of usernames and passwords for various devices and systems, allowing full access to the airport’s internal network. The drive was installed by a third-party IT contractor. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “After uncovering an exposed backup system, it is often a good idea to review historical traffic patterns headed to the Internet from the server at risk. This allows…
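The review Patterson describes, looking back at what an exposed server had been sending to the Internet, is easy to script once flow records (NetFlow/IPFIX or firewall logs) are available. The following is an added example, not code from the original article or from Plixer; it assumes flow records flattened to one whitespace-separated line each, and the sample records are constructed for illustration. The hypothetical at-risk server is 10.20.5.17; the example also generalises to any host you name.

```python
"""Summarise historical outbound traffic from a host suspected of exposure.

Added example (not from the original article or from Plixer). Assumes flow
records in the form "timestamp src_ip src_port dst_ip dst_port proto bytes".
"""
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample flows. The recurring ~02:15 large transfers to a single
# external host are the kind of pattern this review is meant to surface.
SAMPLE_FLOWS = """\
2017-01-03T02:14:00 10.20.5.17 49211 10.20.5.1 53 udp 120
2017-01-03T02:15:10 10.20.5.17 49212 203.0.113.45 443 tcp 58000000
2017-01-04T02:15:12 10.20.5.17 49310 203.0.113.45 443 tcp 61000000
2017-01-04T09:01:00 10.20.5.17 49400 10.20.7.22 445 tcp 4096
2017-01-05T02:15:20 10.20.5.17 49501 203.0.113.45 443 tcp 57000000
2017-01-05T11:30:00 10.20.5.17 49600 198.51.100.9 22 tcp 2048
2017-01-05T12:00:00 10.20.9.3 50000 198.51.100.9 443 tcp 512
"""

# RFC 1918 space counts as internal; anything else is "headed to the Internet".
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_flows(text):
    """Parse flattened flow lines into dicts with typed fields."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, _sport, dst, dport, proto, nbytes = line.split()
        flows.append({
            "ts": datetime.fromisoformat(ts),
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "dport": int(dport),
            "proto": proto,
            "bytes": int(nbytes),
        })
    return flows


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def outbound_summary(flows, host):
    """Aggregate flows from `host` to external destinations.

    Returns {(dst_ip, dst_port, proto): {bytes, flows, first, last}}.
    """
    host = ipaddress.ip_address(host)
    summary = defaultdict(lambda: {"bytes": 0, "flows": 0,
                                   "first": None, "last": None})
    for f in flows:
        if f["src"] != host or is_internal(f["dst"]):
            continue
        s = summary[(str(f["dst"]), f["dport"], f["proto"])]
        s["bytes"] += f["bytes"]
        s["flows"] += 1
        s["first"] = f["ts"] if s["first"] is None else min(s["first"], f["ts"])
        s["last"] = f["ts"] if s["last"] is None else max(s["last"], f["ts"])
    return dict(summary)


def flag_exfil_candidates(summary, min_bytes=50_000_000):
    """Destinations that received more than `min_bytes` in total (threshold is
    an assumption; tune it to the server's normal role)."""
    return sorted(k for k, s in summary.items() if s["bytes"] >= min_bytes)


if __name__ == "__main__":
    flows = parse_flows(SAMPLE_FLOWS)
    summary = outbound_summary(flows, "10.20.5.17")
    for key, s in sorted(summary.items()):
        print(key, s["bytes"], "bytes over", s["flows"], "flows,",
              s["first"], "->", s["last"])
    print("review first:", flag_exfil_candidates(summary))
```

The first/last timestamps matter as much as the byte counts: a destination that appears only after the exposure window began, or at the same hour every night, is the one to pull full session records for. Internal destinations are dropped here to keep the review focused on the Internet-bound traffic Patterson refers to; the same aggregation run without that filter shows where the credentials from the backup could have been used to move laterally.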
A new module has been added to Necurs, the world’s largest spam botnet, that can be used for launching DDoS attacks. The news comes from security researchers who believe the capability was added almost six months ago. Although no DDoS attack has yet been attributed to Necurs, if it did decide to use its bots for such an attack, the scale would be larger than anything seen before. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS IB commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS IB: “When observing the common motivations for DDoS attacks,…
A Nuix study of DEFCON pen testers shows that the usual security controls are of little use against a determined intruder. Lamar Bailey, Sr. Director, Security R&D at Tripwire points out the weaknesses of the research. Lamar Bailey, Sr. Director, Security R&D at Tripwire: “Pentesters are a valuable resource to evaluate the security stance of an application, system, or network. However, it is worth noting that this survey only asked people who are paid to break into systems and get hired based on how good they are, so of course they are going to brag and probably stretch the truth some. All their engagements are under…
ESET research finds that Android users were the target of new banking malware with screen-locking capabilities, disguised as a weather forecast app on Google Play. ESET researchers discovered a new variant of botnet-forming Android banking malware, detected by ESET as Trojan.Android/Spy.Banker.HU, based on source code made public a couple of months ago. Their investigation leads to a running C&C server and looks under the hood of an active Android botnet. The new Android banking malware ESET recently discovered on Google Play was spotted in the wild again, now improved and targeting more banks. Further investigation of this resurfacing threat has uncovered its…
A new report released by Kaspersky found that almost half of all phishing attacks registered by its lab were targeting victims’ money, using phishing pages that looked exactly like legitimate banking services. Robert Capps, VP of Business Development at NuData Security commented below. Robert Capps, VP of Business Development at NuData Security: “It’s not much of a surprise that phishing is still a valid concern for cyber security professionals. The Internet is awash in stolen consumer data ripe for malicious use, providing fertile soil in which fraudsters can grow innovative attacks using purloined black-market data. Victims of stolen data are…
Google researchers have managed to achieve a collision attack on SHA-1, creating two different PDF files with the same SHA-1 hash. The weakness of SHA-1 has been known for some time, but this demonstrates that the algorithm’s use for security-sensitive functions (where a collision lets one document stand in for another) should be discontinued as soon as possible. There are more details on Google’s blog. IT security experts from Venafi and Rapid7 commented below. Kevin Bocek, Chief Cybersecurity Strategist at Venafi: “Google’s announcement just confirms what we already know – SHA-1 is simply not secure. This is no longer science fiction. Unfortunately, despite the dangers, organisations are just not reacting. The time to eradicate…
As with most depictions of mechanical folk in science fiction, robots on the internet can be good or evil, helping the various functions of the web along or working to bring it down. According to security firm Incapsula, the proportion of both good and bad bots to humans on the internet grew in 2016, with robotic users constituting 51.8% of all traffic online. As that number increases, bots’ fame or notoriety grows and they start to become part of the public consciousness. For instance, a bot called Mirai shut down part of the internet in 2016. Even if a user is…
