Tag: CVE-2017-17215
Comparing ports targeted in Canada versus the US, Europe, or Australia, Canada was the only region where DNS port 53 and the UPnP port 37215 were on the top 20 targeted port list. The UPnP port relates to Huawei small office home office (SOHO) routers with a Remote Code Execution (RCE) vulnerability (CVE-2017-17215 and Exploit…
Read MorePoor security is another clue that young novices are operating botnets. The Owari authors left their command and control (C&C) MySQL database wide open (port 3306), “protected” with both the username and password of “root.” Control of IoT devices is a highly competitive market, where rivals commonly DDoS each other. In one case, a competing…
Read MoreConclusion This latest Gafgyt campaign shows that the malware is evolving and taking on techniques used by other malware authors. Those interested in building botnets don’t need to go far in order to find source code to create their own. Botnets for service are also common and easy to buy. They are advertised on a…
Read MoreRecent Posts
- Leveraging Wazuh for Zero Trust security
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices
- Hackers Strike at Heart of Italian Government
- The Rise of Ransomware-as-a-Service and Decline of Custom Tool Development | BlackFog
- Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks