One of the hackers who amassed a new massive army of zombie internet-connected devices that can launch disruptive cyberattacks—even by mistake—now claims to have taken control of 3.2 million home routers, taking advantage of a flaw that allowed anyone to connect to them.
Read the full article on Motherboard
Sony has released firmware updates that remove a remotely exploitable backdoor account from 80 models of IP and security cameras. Because attackers can exploit the backdoor account via a well-crafted HTTP request, if left unpatched, the vulnerability can open the door for abuse, with crooks taking over Sony surveillance cameras and adding them to a Mirai-like botnet that can be used for relaying malicious traffic or launching DDoS attacks.
Read more on Bleeping Computer
These days, all you need to do is type “botnet,” “hacking,” “DDoS,” “CVV2,” or any other cybercrime-related term into the search bar on most social media platforms, and you will find a plethora of fraud activity occurring in plain sight. As reported earlier this year by RSA, social media has become a breeding ground for cybercrime-related activity, attracting fraudsters from around the world who take advantage of these platforms because they are free, easy-to-use, and offer a global reach.
Full article via RSA
It was only last week that Experian released a white paper on what it sees as data breach risks for 2017. Perhaps ironically, then, it was only days later when a dark web vendor claimed to have Experian’s database for sale.
Full article via DataBreaches.net
ESET researchers have discovered a new exploit kit spreading via malicious ads on a number of reputable news websites, each with millions of visitors daily. Since at least the beginning of October 2016, the bad guys have been targeting users of Internet Explorer and scanning their computers for vulnerabilities in Flash Player. Exploiting these flaws in the code, they have been attempting to download and execute various types of malware.
Read the full article on We Live Security
A former Expedia IT professional admitted on Monday to illegally trading on secrets he discovered by hacking his own company’s senior executives. Jonathan Ly stole passwords and infiltrated devices of Expedia’s (EXPE) chief financial officer and head of investor relations, allowing him to make a series of “highly profitable” trades in stock options that scored him $331,000, according to prosecutors.
Read more on CNN
Imagine a computing platform that would have no single point of failure and would be resilient to the cyberattacks that are making the headlines these days. This is the promise behind blockchain, the distributed ledger that underlies cryptocurrencies like Bitcoin and Ethereum and challenges the traditional server/client paradigm.
Read the full article on TechCrunch
A powerful new botnet is being blamed for massive and sustained DDoS attacks that security researchers at CloudFlare compare to Mirai when it comes to intensity and scope.
Read the full article on Threat Post
The Russian state-controlled bank VTB confirmed that its websites had been targeted by a cyber attack. The VTB is the second largest bank in the country.
Read more on Security Affairs