More than one million consumer web-connected video cameras and DVRs are compromised by bot herders who use the devices for DDoS attacks, researchers say.
According to Level 3 Threat Research Labs, a small malware family that goes by the names Lizkebab, BASHLITE, Torlus and Gafgyt is behind a web of botnets carrying out the attacks.
“This research shocked us,” said Dale Drew, chief security officer at Level 3 Communications. “We picked fairly well-known and average botnets and challenged ourselves to find as many interesting things as we could. At a high level we were surprised. When we looked at BASHLITE malware, for example, we found it was tied to botnets far more organized and structured than we had previously thought.”
The profile of attacks on two US state voter registration systems this summer presented in an FBI "Flash" memo suggests that the states were hit by a fairly typical sort of intrusion. But an Arizona official said that the Federal Bureau of Investigation had attributed an attack that succeeded only in capturing a single user's login credentials to Russian hackers and rated the threat from the attack as an "eight on a scale of ten" in severity. An Illinois state official characterized the more successful attack on that state's system as "highly sophisticated" based on information from the FBI.
The Locky ransomware family has emerged as one of the most prominent ransomware families to date, being sold in the Brazilian underground and spreading via various exploits. Locky has, over time, become known for using a wide variety of tactics to spread–including macros, VBScript, WSF files, and now, DLLs.
Recently we encountered a new Locky variant (detected as RANSOM_LOCKY.F116HM) that used old tactics on the surface, but with some key technical changes. The emails that were used to distribute it were fairly pedestrian as far as these messages go, although it was part of a large-scale spam campaign.
The FBI is urging US election officials to increase computer security after it uncovered evidence that hackers have targeted two state election databases in recent weeks, according to a confidential advisory.
The warning was in an August 18 flash alert from the FBI's Cyber Division. Reuters obtained a copy of the document.
Yahoo News first reported the story on Monday, citing unnamed law-enforcement officials who said they believed foreign hackers caused the intrusions.
In 2013, a document leaked by former National Security Agency contractor Edward Snowden illustrated how a specially modified USB device allowed spies to surreptitiously siphon data out of targeted computers, even when they were physically severed from the Internet or other networks. Now, researchers have developed software that goes a step further by turning unmodified USB devices into covert transmitters that can funnel large amounts of information out of similarly "air-gapped" PCs.
The USBee—so named because it behaves like a bee that flies through the air taking bits from one place to another—is in many respects a significant improvement over the NSA-developed USB exfiltrator known as CottonMouth. That tool had to be outfitted with a hardware implant in advance and then required someone to smuggle it into the facility housing the locked-down computer being targeted. USBee, by contrast, turns USB devices already inside the targeted facility into a transmitter with no hardware modification required at all.
Cyber threats today are no longer restricted to a company’s communications and IT domains, calling for more than just technical controls to avert attacks and protect the business from future risks and breaches, a new report said. According to the joint report of the Confederation of Indian Industry (CII) and KPMG, cyber security today embraces multiple units of an organization like human resource, supply chain, administration and infrastructure. It, therefore, requires governance at the highest levels. “It is vital to keep pace with the changing regulatory and technology landscape to safeguard and advance business objectives. Working backwards by identifying and understanding future risks, predicting risks and acting ahead of competition, can make a company more robust,” said Richard Rekhy, Chief Executive Officer, KPMG, India.