Information

Who killed Mozi? Finally putting the IoT zombie botnet in its grave

ESET Research. How ESET Research found a kill switch that had been used to take down one of the most prolific botnets out there. 01 Nov 2023 • 3 min. read. In August 2023, the notorious Mozi botnet, infamous for exploiting vulnerabilities in hundreds of thousands of IoT devices each year, experienced a sudden and unanticipated nosedive in activity. First observed in India on August 8th, 2023 and a week later in China on…

Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks

Delegates from 28 nations, including the U.S. and China, agreed Wednesday to work together to contain the potentially “catastrophic” risks posed by galloping advances in artificial intelligence. The first international AI Safety Summit, held at a former codebreaking spy base near London, focused on cutting-edge “frontier” AI that some scientists warn could pose a risk to humanity’s very existence. British Prime Minister Rishi Sunak said the declaration was “a landmark achievement that sees the world’s…

Mozi Botnet Likely Killed by Its Creators

The recent shutdown of the Mozi botnet is believed to be the work of its operators, who may have been forced to kill their creation by Chinese authorities. This is a theory from cybersecurity firm ESET, whose researchers recently discovered a kill switch suggesting that the takedown was deliberate. Mozi emerged in September 2019 and at one point it was a highly active botnet, accounting for a large chunk of the traffic associated with IoT…

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited by attackers to alter firmware or escalate privileges. It’s not uncommon for threat actors, including cybercriminals and state-sponsored groups, to abuse kernel drivers in their operations. Such drivers can allow malicious hackers to manipulate system processes, maintain persistence on a system, and evade security products. VMware’s TAU collected roughly 18,000 Windows driver samples from VirusTotal…

20 scary cybersecurity facts and figures for a haunting Halloween

Digital Security. Cybersecurity Awareness Month draws to a close and Halloween is just around the corner, so here is a bunch of spine-tingling figures about some very real tricks and threats lurking online. Phil Muncaster, 30 Oct 2023 • 4 min. read. October is Cybersecurity Awareness Month (CSAM) in the US and Canada and European Cybersecurity Month (ECMS) on the other side of the pond. These campaigns represent a great opportunity to share best…

Closing the gender gap: 7 ways to attract more women into cybersecurity

We Live Progress. Global Diversity Awareness Month is a timely occasion to reflect on the steps required to remove the obstacles to women’s participation in the security industry, as well as to consider the value of inclusion and diversity in the security workforce. 31 Oct 2023 • 7 min. read. While our digital age is progressing by leaps and bounds and technology-related roles will remain in high demand in the future, the cybersecurity industry…

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO

In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the U.S. Securities and Exchange Commission (SEC) against the Chief Information Security Officer (CISO) of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles. The lawsuit alleges that former SolarWinds CISO Timothy Brown failed to disclose critical information regarding the massive cyberattack on the company’s software supply chain that occurred in late 2020. The complex attack,…

.US Harbors Prolific Malicious Link Shortening Service

The top-level domain for the United States — .US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified .US domains as among the most prevalent in phishing attacks over the past year. Researchers at Infoblox say they’ve been tracking what appears to be a three-year-old link shortening service…

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

In a surprising development on Monday that is spooking the cybersecurity community, the Securities and Exchange Commission (SEC) has filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and…

Roundcube Webmail servers under attack – Week in security with Tony Anscombe

Video. The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a web browser. 27 Oct 2023. This week, ESET research described how the Winter Vivern APT group has been exploiting a zero-day XSS vulnerability in Roundcube Webmail servers to target European governmental entities and a think tank. ESET researchers uncovered the attacks on October 11th while monitoring Winter Vivern’s cyberespionage operations, which typically…