Huawei Routers Exploited to Create New Botnet

 
A Zero-Day vulnerability in the Huawei home router HG532 has been discovered, and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI, which is an updated variant of Mirai. The suspected threat actor behind the attack is an amateur nicknamed ‘Nexus Zeta’. Introduction: In the last 10 years, the number of connected devices has grown to over twenty billion, and, as the years go by, they get progressively smarter. However, whereas they score high on convenience, the latest discoveries from Check Point Research show they still have a lot of homework to do to get their security score up ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed that crypto miners were an increasingly prevalent form of malware during October, as organizations were targeted with the CoinHive variant. Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Bad Rabbit – A New Ransomware Outbreak Targeting Ukraine and Russia.

 
On October 14th, the Ukrainian Security Service warned that a new large-scale cyber-attack, similar to notPetya, might take place sometime between October 13 and 17. The attack arrived a few days later than expected; today (October 24th, 2017) the anticipated ransomware attack broke out in Europe. Ukraine was the main target for this malware, with much of its critical infrastructure, such as train stations, airports and media sites, suffering downtime. Other affected countries include Turkey, Russia and Bulgaria. Affected companies include the Kiev Metro (Ukrainian train services), Odessa Airport (Ukraine), the Ukrainian ministries of infrastructure and finance and Interfax (a large ...