Tag Archive for: Counter

Common IoT Security Threats and best practices to counter them





By Bhavesh Goswami, CEO & Founder, CloudThat

The Internet of Things (IoT) is a growing phenomenon that businesses are adopting to increase efficiency. As more of the objects around us are connected to the internet, IoT devices have become ubiquitous, and the IoT market is growing at a staggering rate. Statistics from IoT Analytics underline that pace: in 2021 the number of IoT devices worldwide was 13.8 billion, in 2022 it is expected to grow up to 16.8 billion devices and by 2025 it is estimated to become 30.9 billion devices. Interestingly, the report also says that by 2030, 75% of devices used worldwide will be IoT devices.

While IoT devices can greatly increase productivity in business, it is important to understand that these devices are exposed to threats such as unethical hacking or masquerading from any internet-enabled device. The security vulnerabilities of IoT devices must be handled effectively, and this is where IoT security steps in.

IoT security: Knowing the Basics First
IoT security is a pool of tools and techniques employed to thwart security vulnerabilities faced by millions of inter-connected devices on the Internet. In other words, IoT security involves protecting IoT devices from attacks. While many business owners are aware that they must safeguard their PCs and phones with antivirus software, the security concerns associated with IoT devices are less widely understood, and their protection is sometimes overlooked. So, understanding the security vulnerabilities and threats is critical for adequately protecting one’s network.

6 Common IoT Security Threats: Cause of Concern for Businesses

  • Weak password protection – IT systems and IoT devices contain hard-coded and embedded credentials, which are a windfall for hackers looking to attack the device directly. Taking control of an IoT device via its interface or web portal is simple with a weak password.

  • Lack of regular patches and weak update mechanism – IoT products are designed with usability and connectivity in mind. Initially, they may be…


Corero extends automatic DDoS protection to counter ‘carpet bomb’ and botnet attacks | VanillaPlus


24 February, 2022 at 9:59 AM

Posted by: Anasia D’mello


Amersham, UK. 23 February 2022 – Corero Network Security plc, a provider of real-time, DDoS (distributed denial of service) cyber defence solutions, is extending its automatic protection against Carpet Bomb and Botnet attacks.

Corero’s mission is to make the internet a safer place to do business by protecting against the downtime and disruption caused by DDoS attacks. Corero is enabling organisations around the globe to maintain business continuity in the event of DDoS attacks, with its intelligently automated, SmartWall DDoS protection solution.

As DDoS attacks continue to grow in magnitude, frequency, and sophistication, it is no longer safe to address this growing problem with traditional blackholing or manual interventions. Corero’s real-time automatic approach is the only way to effectively prevent DDoS-downtime as it blocks over 98% of attacks in seconds, with no operator intervention required. Our ongoing market growth is being further propelled by multiple new product enhancements which ensure we continue to do so.

Corero’s new SmartWall DDoS protection includes:

  • Automatic Spread Spectrum attack protection to address the increase in volumetric ‘Carpet Bomb’ attacks, which target entire network ranges and can thereby evade conventional DDoS mitigation solutions.
  • Automatic Advanced Botnet/Source flood protection to address the harmful high-rate traffic sources experienced with Botnet flood attacks, as well as new TCP protocol flood protections (SYN-ACK, ACK, etc.)
  • Intelligent Fragment protection using Corero’s patented heuristics-based Smart-Rule technology enhances the ability to automatically block the large volumes of packet fragments associated with many of today’s DDoS attacks.

“As botnet and carpet bomb attacks continue to increase, these new capabilities enable Corero to further expand our automatic DDoS protection to address these significant threats, helping to keep our customers, and theirs, online, all the time,” says Corero’s head of security operations.


Pakistan Needs A Cyber Army To Counter Emerging Risks


Cyberspace is an exceptional, human-made domain that was created for the facilitation of communication and can be characterised as a worldwide interconnected infrastructure. It has enabled free interchange of data via a networked system for more than half of the world’s population. Emerging threats in cyberspace currently pose new hazards and challenges to societies around the world. These threats have the potential to undermine the safety of citizens and disrupt political, social and economic life.

To think clearly about cyberspace security, we need to understand the difference between two kinds of risk: risk to cyberspace and risk through cyberspace. The risk to cyberspace can be considered a threat to the physical infrastructure of communication technologies. The risk through cyberspace, on the other hand, is a danger posed by cyberspace itself and is enabled by the usage of its technologies.

The risk to cyberspace

Even though the internet was developed to be a largely robust network, its growth and change of status from a small web of interconnected devices to the global hub of social and economic life introduced a wide range of security vulnerabilities to its physical structure. After being targeted many times with malicious intent to cause disruption, many states have acknowledged cyberspace as a ‘key national asset’ and have planned to establish special organizations that will protect critical infrastructure, thereby reducing risks to the normal functioning of the network.

It is important to remember that cyberspace is a prerequisite for the existence of universal capitalism in its current form. Therefore, emerging risks to cyberspace threaten to undermine international capital marketplaces and disturb prevailing economic order. Consequently, the security needs of cyberspace infrastructure and flow of information coincide with some of the national security essentials and have to be sheltered by government actors. To this end, the Communications Security Establishment Canada (CSEC) and the National Security Agency (NSA) have established national encryption standards and protection protocols.

Furthermore, the task of safeguarding critical…


New RedLine malware version spread as fake Omicron stat counter



A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure.

RedLine is a widespread commodity malware sold to cyber-criminals for a couple of hundred USD. It supplies dark web markets with over half of the stolen user credentials sold to other threat actors.

The malware is actively developed and continually improved with widespread deployment using multiple distribution methods.

RedLine targets user account credentials stored on the browser, VPN passwords, credit card details, cookies, IM content, FTP credentials, cryptocurrency wallet data, and system information.

The most recent variant was spotted by analysts at Fortinet, who noticed several new features and improvements on top of its existing information-stealing functionality.

Targeting additional data

The new variant has added some more information points to exfiltrate, such as:

  • Graphics card name
  • BIOS manufacturer, identification code, serial number, release date, and version
  • Disk drive manufacturer, model, total heads, and signature
  • Processor (CPU) information like unique ID, processor ID, manufacturer, name, max clock speed, and motherboard information

This data is fetched upon the first execution of the “Omicron Stats.exe” lure, which unpacks the malware and injects it into vbc.exe.

The additional apps targeted by the new RedLine variant are the Opera GX web browser, OpenVPN, and ProtonVPN.

Previous versions of RedLine targeted regular Opera, but the GX is a special “gamer-focused” edition growing in popularity. 

Moreover, the malware now searches Telegram folders to locate images and conversation histories and send them back to the threat actor’s servers.

Finally, local Discord resources are more vigorously inspected to discover and steal access tokens, logs, and database files.

New RedLine variant searching for Discord logs
Source: Fortinet

Campaign characteristics

While analyzing the new campaign, researchers found an IP address in Great Britain communicating with the command and control server via the Telegram messaging service.

The victims are spread across 12 countries, and the attack doesn’t focus on specific organizations or…
