Tag Archive for: devices

The top 3 ways to protect your new devices online


Cyberattacks are at an all-time high, and with the cost of dealing with a cyberattack doubling last year, their ramifications are more intense than ever. With your ISP and government trying to track your IP and internet activities, malicious actors devising schemes to infiltrate your device with malware or steal your sensitive data using phishing attacks, you absolutely need to wrap your devices with foolproof safety nets using the best VPN, the best antivirus, and the best password manager.

However, with so many security software on the market that release updates left, right, and center, you need a reliable team of experts that regularly test VPNs, antiviruses, and password managers first-hand—and TechRadar’s in-house experts do just that.

Source…

NoaBot: Another Mirai Botnet Strikes at Linux Devices


Akamai’s team of security experts has discovered a new cryptomining campaign, dubbed NoaBot, leveraging the SSH protocol to spread its malware.

Mirai is a self-propagating worm that can turn consumer devices running Linux on ARC processors into remotely controlled bots. For over seven years now, it’s been used to launch Distributed Denial of Service (DDoS) attacks and, of course, to spread cryptominer malware. That’s where the money is, after all.

Now, Akamai security researchers have discovered a new Mirai variation, NoaBot, that deploys a modified version of the XMRig cryptominer.

What makes this latest version interesting is that instead of relying on Telnet to spread its malware, it used SSH. It does this by initiating a connection, sending a simple “hi” message, and then terminating the connection. This quick scanning strategy aids in keeping a low profile.

It also comes with all the usual Mirai nastiness, such as a scanner module and an attacker module, hiding its process name, etc. NoaBot also seeks to install itself as a crontab entry so that it will run even after an infected device is rebooted. Once in place, it will also try to spread itself to other vulnerable systems.

In addition, it uses an obfuscated configuration and a custom mining pool to disguise itself from investigators. This approach effectively conceals the wallet address, complicating efforts to track the campaign’s profitability.

Interestingly, unlike Mirai, which is usually compiled with GCC, NoaBot is compiled with uClibc. This appears to change how antivirus engines detect the malware. While other Mirai variants are usually detected with a Mirai signature, NoaBot’s antivirus signatures show as an SSH scanner or a generic trojan. The malware also comes statically compiled and stripped of any symbols making reverse engineering it harder.

The P2PInfect Connection

Oddly, there seems to be a link between NoaBot and the P2PInfect worm, This is a peer-to-peer, self-replicating worm written in Rust that targets Redis servers. What’s the point of this? Good question. I wish we had a good answer.

The Akamai security researchers speculate, “The threat actors seem quite tech-savvy, so it could…

Source…

Stealthy new botnet targets VPN devices and routers while staying disguised


The US Government, together with several other countries, has issued a joint Cybersecurity Advisory notice warning of malicious work being carried out by a state-sponsored Chinese cyber actor known as Volt Typhoon.

The Chinese group has been observed targeting US critical infrastructure sectors, and other countries are believed to be at risk.

Source…

How to Enable Private DNS on Android Devices


In today’s digital world, online privacy has become a crucial concern. While Android offers various security features, one often overlooked gem is the Private Domain Name System (DNS). This powerful tool encrypts your internet traffic, shielding your browsing activity from snooping eyes and boosting your overall online security.

Think of DNS as the internet’s phonebook, translating website names into computer-readable addresses. Traditionally, this process was unencrypted, leaving your browsing data exposed to your Internet Service Provider (ISP) or other third parties. Private DNS encrypts this communication, creating a secure tunnel for your internet requests, and adding a layer of privacy and protection.

Google has brought DNS over TLS support to Android by introducing the Private DNS feature. It’s available in Android 9 (Pie) and higher and encrypts all DNS traffic on the phone, including from apps.

The feature is enabled by default and uses a secure channel to connect to the DNS server if the server supports it. But if your ISP or cell service provider’s DNS doesn’t have encrypted DNS support, or you are simply not sure about it, you can use a third-party secure DNS server using the Private DNS feature.

The benefits of secure Private DNS include enhancement of privacy, improved security, and faster browsing. In this guide, we will show you how to activate this powerful feature on your Android device, step-by-step.

Source…