For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

Eset's report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims' computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads.

Two hackers are selling DDoS attacks from 400,000 IoT devices infected with the Mirai worm

The Mirai worm -- first seen attacking security journalist Brian Krebs with 620Gbps floods, then taking down Level 3, Dyn and other hardened, well-provisioned internet giants, then spreading to every developed nation on Earth (and being used to take down some of those less-developed nations) despite being revealed as clumsy and amateurish (a situation remedied shortly after by hybridizing it with another IoT worm) -- is now bigger than ever, and you can rent time on it to punish journalists, knock countries offline, or take down chunks of the core internet.

Alex Halderman: we will never know if the Wisconsin vote was hacked unless we check now

Alex Halderman has clarified his earlier remarks about the integrity of the Wisconsin election. In a nutshell: voting machine security sucks; hackers played an unprecedented role in this election; and there are statistical irregularities in the votes recorded on software-based touchscreen machines and the votes registered with paper ballots counted by optical scanners, so why the hell wouldn't we check into this?

Office Depot techs accused of faking malware infections to meet sales targets

Seattle's KIRO TV made undercover visits to Office Depot stores in Washington state and Oregon and asked the technicians working in the store's "PC Health Check" to evaluate a working, uninfected PC; four out of six times, Office Depot technicians diagnosed nonexistent virus activity and prescribed $200 worth of service to get rid of it.

A lightbulb worm could take over every smart light in a city in minutes

Researchers from Dalhousie University (Canada) and the Weizmann Institute of Science (Israel) have published a working paper detailing a proof-of-concept attack on smart lightbulbs that allows them to wirelessly take over the bulbs from up to 400m, write a new operating system to them, and then cause the infected bulbs to spread the attack to all the vulnerable bulbs in reach, until an entire city is infected.

Internet of Things botnet threatens to knock the entire country of Liberia offline

The various Mirai botnets, which use "clumsy, amateurish code" to take over even more clumsy and amateurish CCTVs, routers, PVRs and other Internet of Things devices, have been responsible for some eye-popping attacks this season: first there was the 620Gbps attack on journalist Brian Krebs (in retaliation for his coverage of a couple of petty Israeli crooks); then there was the infrastructure attack that took out Level 3, Netflix, Twitter, Dyn, and many more of the internet's best-defended services.

A fake HP printer that's actually an office-camouflaged cellular eavesdropping device

Julian Oliver is a playful and media-savvy security researcher; previously, he documented hidden cell-phone towers in bad disguises and produced a hand-grenade shaped "transparency device" that spied on everything going on in the room.

New, fast-spreading IoT botnet hybridizes two less-effective strains to achieve quick dominance

Linux/IRCTelnet is a new strain of Internet of Things malware that borrows its password-guessing routines from Mirai, the malware that helped take down PayPal, Netflix and Twitter, and adds them to the scanning routines from a newer IoT bot called Bashlight.

China electronics maker will recall some devices sold in U.S. after massive IoT hack

A China-based maker of surveillance cameras said Monday it will recall some products sold in the United States after a massive "Internet of Things" malware attack took down a major DNS provider in a DDoS attack. The stunningly broad attack brought much internet activity to a halt last Friday.

The clumsy, amateurish IoT botnet has now infected devices in virtually all of the world's countries

Mirai, the clumsily written Internet of Things virus that harnessed so many devices in an attack on journalist Brian Krebs that it overloaded Akamai, has now spread to devices in either 164 or 177 countries -- that is, pretty much everywhere with reliable electricity and internet access.

Imperva, a company that provides protection to websites against Distributed Denial of Service (DDoS) attacks, is among the ones who have been busy investigating Mirai. According to their tally, the botnet made of Mirai-infected devices has reached a total of 164 countries. A pseudonymous researcher that goes by the name MalwareTech has also been mapping Mirai, and according to his tally, the total is even higher, at 177 countries.

Internet of Things Malware Has Apparently Reached Almost All Countries on Earth [Lorenzo Franceschi-Bicchierai/Motherboard]

The malware that's pwning the Internet of Things is terrifyingly amateurish

Following the release of the source code for the Mirai botnet, which was used to harness DVRs, surveillance cameras and other Internet of Things things into one of the most powerful denial-of-service attacks the internet has ever seen, analysts have gone over its source code and found that the devastatingly effective malware was strictly amateur-hour, a stark commentary on the even worse security in the millions and millions of IoT devices we've welcomed into our homes.

Martin Shkreli offers a bailout to ailing 4chan

Meme factory/Anonymous birthplace/alt-right breeding ground 4chan is facing challenges similar to those plaguing all ad-supported sites, but as with all things channish, 4chan's problems have their own unique and grotesque wrinkles.

The democratization of censorship: when anyone can kill a site as effectively as a government can

On the eve of the Stuxnet attacks, half a decade ago, I found myself discussing what it all meant with William Gibson (I'd just interviewed him on stage in London), and I said, "I think the most significant thing about any of these sophisticated, government-backed attacks is that they will eventually turn into a cheap and easy weapon that technically unskilled people can deploy for petty grievances." We haven't quite got there yet with Stuxnet, but there's a whole class of "advanced persistent threat" techniques that are now in the hands of fringey criminals who deploy them at the smallest provocation.

The DoJ is using a boring procedure to secure the right to unleash malware on the internet

The upcoming Rule 41 modifications to US Criminal Justice procedure underway at the Department of Justice will let the FBI hack computers in secret, with impunity, using dangerous tools that are off-limits to independent scrutiny -- all without Congressional approval and all at a moment at which America needs its law-enforcement community to be strengthening the nation's computers, not hoarding and weaponizing defects that put us all at risk.

Watch: leaked demo of malware offered to spying governments

Someone captured and leaked a live presentation by an RCS sales tech, demonstrating his company's cyber-weapon for spying on dissidents, criminals, and whomever else the customer wanted to infect.

Snowden explains the Shadow Brokers/Equation Group/NSA hack

The news that a group of anonymous hackers claimed to have stolen some of the NSA's most secret, valuable weaponized vulnerabilities and were auctioning them off for bitcoin triggered an epic tweetstorm from Edward Snowden, who sets out his hypothesis for how the exploits were captured and what relation that has to the revelations he made when he blew the whistle on illegal NSA spying in 2013.

Return of Dieselgate: 3 more hidden programs found in VW Audi/Porsche firmware

The German newspaper Bild am Sonntag says that US investigators have discovered three more hidden cheat apps in a Volkswagen product line: these ones were discovered in 3-liter Audi diesels.