The mystery of the recent surge in port 8000 scan activity has been solved today by security researches from Qihoo 360 Netlab, who tracked this week's mystery traffic to an old foe —the Satori IoT botnet.
At least 5% of all the Monero cryptocurrency currently in circulation has been mined using malware, and about 2% of the total daily hashrate comes from devices infected with cryptocurrency-mining malware.
Chinese firm Foscam has published firmware updates to address three vulnerabilities in multiple models of IP-based cameras. The flaws, when exploited, allow an attacker to take control of vulnerable cameras, and especially those left connected online via a public IP address.
The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought.
Cyber-criminals have managed to assemble a gigantic botnet of over 40,000 infected web servers, modems, and other IoT devices, which they used for cryptocurrency mining, and for redirecting users to malicious sites.
Botnet operators can be as clueless about security as their victims, according to Ankit Anubhav Principal Researcher at NewSky Security, a cyber-security company specialized in IoT security.
Security researchers from Cisco said today that they've detected a giant botnet of hacked routers that appears to be preparing for a cyber-attack on Ukraine.
A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and intelligence boosting pills.
Attacks on Dasan GPON routers are continuing to happen using two vulnerabilities disclosed last month, but today, researchers from Qihoo 360 Netlab have revealed that one botnet operator appears to have deployed a new zero-day affecting the same router types.
The operators of the Satori botnet are mass-scanning the Internet for exposed Ethereum mining rigs, according to three sources in the infosec community who've observed the malicious behavior —SANS ISC, Qihoo 360 Netlab, and GreyNoise Intelligence.
Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.
Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise.
Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control.
A recent survey of 2,205 regular users has proven once again that most people don't update router firmware, don't change default credentials, and don't generally know how to secure their devices.
A botnet made up of servers and smart devices has begun the mass exploitation of a severe Drupal CMS vulnerability and is using already compromised systems to infect new machines, in a worm-like behavior.