Tag: Threats
Applications are the lifeblood of our enterprises. Not many organizations can survive in a pencil and paper world. They are all dependent on IT with applications doing the heavy lifting of arranging, tracking, processing, communicating, and calculating daily business. But applications are no longer singular programs running on one computer, they are huge collections of…
Read MoreF5 researchers recently noticed a new campaign exploiting a vulnerability in Microsoft Internet Information Services (IIS) 6.0 servers (CVE–2017–7269) in order to mine Electroneum crypto-currency. Last year, ESET security researchers reported that the same IIS vulnerability was abused to mine Monero, and install malware to launch targeted attacks against organizations by the notorious “Lazarus” group.…
Read MorePrivacy today isn’t just about staying away from prying eyes. The very act of communicating across the Internet with open, non-confidential protocols invites exposure to multiple threat types. Source link lol
Read MoreIt’s a sad state of Internet affairs when the US government must publish a US-CERT Alert about Russia targeting US entities through negligent network infrastructure misconfigurations.1 In Alert TA18-106A, US-CERT discloses that since 2015, the US government, in partnership with the UK, has been receiving data from numerous sources that “large numbers” of enterprise-class and…
Read MoreThe rise of poorly secured Internet of Things (IoT) devices has made it possible for attackers to gain access to targets of interest. Nation-states, spies, mercenaries, and others don’t need to dress up as repairmen to plant bugs in rooms anymore; they can just hack into a room that has vulnerable IoT devices. In May,…
Read MoreFigure 16: QA Injection alert, “Page Injected!” Conclusion Panda’s expansion beyond traditional banking targets is following the trend we noticed during the 2017 holiday season.5 This is the first campaign we have seen targeting cryptocurrency sites, but it’s a move that makes sense, given the popularity of cryptocurrency. This act of simultaneous campaigns targeting several…
Read MoreExecutive Summary Like coral reefs teeming with a variety of life, web applications are “colony creatures.” They consist of a multitude of independent components, running in separate environments with different operational requirements and supporting infrastructure (both in the cloud and on premises) glued together across networks. In this report, we examine that series of interacting…
Read MoreMost don’t, according to BuiltWith, a site that tracks the technologies websites use. Based on its latest data, a paltry .2% of sites on the Internet include CSP headers. Digging further, 8.4% of the Quantcast Top 10,000 have used CSP headers. Which sounds better until you do the math. That’s only 840 sites. By…
Read MorePotential Attacks and Impact We stumbled upon the issues with cellular IoT devices during our “Hunt for IoT” research of devices that were infected by Mirai. Attackers know how to exploit these systems and are actively monitoring them. Sierra Wireless, one of the largest manufacturers of cellular IoT devices, issued a public statement describing how…
Read MoreAttack Destination Ports The following ports in order of prevalence were targeted in the Singapore attacks: 5060 — clear text Session Initiation Protocol (SIP) 23 — Telnet remote management 1433 — Microsoft SQL Server database 81 — Alternate web server port for host-to-host communication 7547 — TCP port used by ISPs to remotely manage…
Read More