Unpatched Bug in WiFi Mouse App Opens PCs to Attack – Threatpost
Unpatched Bug in WiFi Mouse App Opens PCs to Attack Threatpost
Unpatched Bug in WiFi Mouse App Opens PCs to Attack Threatpost
Cybercrime
,
DDoS Protection
,
Fraud Management & Cybercrime
Researchers Says Malicious Network Could Be Used to Launch DDoS Attacks
Prajeet Nair (@prajeetspeaks) •
January 20, 2021
Researchers at Check Point Research are tracking a new botnet dubbed “FreakOut” that’s targeting vulnerabilities in Linux systems.
The goal behind the botnet’s attacks, researchers say, is to create an IRC botnet – a collection of machines infected with malware that can be remotely controlled – that then can be used for malicious activities, such as launching distributed denial-of-service attacks or cryptomining (see: Monero Mining Botnet Targets PostgreSQL Database Servers ).
See Also: 7 Ways to Take Cybersecurity to New Levels
The FreakOut botnet is targeting Linux-based systems that include the TerraMaster operating system, which manages TerraMaster network-attached storage servers; the Zend framework, designed to build web application services using PHP; and Liferay Portal, a web application platform that enables users to create portals and websites.
Each of these open-source systems has a vulnerability that the FreakOut botnet attempts to exploit, the researchers say. In the TerraMaster OS, the remote code execution flaw is tracked as CVE-2020-28188. The Zend framework deserialization bug is listed as CVE-2021-3007. And the deserialization vulnerability within the Liferay Portal is CVE-2020-7961.
Researchers urge users to patch these flaws to…
One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network, a researcher said on Friday.
Zerologon, as the vulnerability has been dubbed, gained widespread attention last month when the firm that discovered it said it could give attackers instant access to active directories, which admins use to create, delete, and manage network accounts. Active directories and the domain controllers they run on are among the most coveted prizes in hacking because once hijacked, they allow attackers to execute code in unison on all connected machines. Microsoft patched CVE-2020-1472, as the security flaw is indexed, in August.
On Friday, Kevin Beaumont, working in his capacity as an independent researcher, said in a blog post that he had detected attacks on the honeypot he uses to keep abreast of attacks hackers are using in the wild. When his lure server was unpatched, the attackers were able to use a powershell script to successfully change an admin password and backdoor the server.
Read 6 remaining paragraphs | Comments
A researcher claims that the issue can be exploited by attackers in order to gain root access.
Mobile Security – Threatpost