Windows zero-day exploited by same group behind DNC hack

On Oct. 31, Google's Threat Analysis Group revealed a vulnerability in most versions of Windows that is being actively exploited in malware attacks.

Today, Terry Myerson, executive vice president of Microsoft's Windows and Devices group, acknowledged the exploit was being used actively by a sophisticated threat group—the same threat group involved in the hacks that led to the breach of data from the Democratic National Committee and the Clinton campaign. And while a patch is on the way for the vulnerability, he encouraged customers to upgrade to Windows 10 for protection from further advanced threats.

Myerson wrote:

New, more-powerful IoT botnet infects 3,500 devices in 5 days

There's a new, more powerful Internet-of-things botnet in town, and it has managed to infect almost 3,500 devices in just five days, according to a recently published report.

Linux/IRCTelnet, as the underlying malware has been named, borrows code from several existing malicious IoT applications. Most notably, it lifts entire sections of source code from Aidra, one of the earliest known IoT bot packages. Aidra was discovered infecting more than 30,000 embedded Linux devices in an audacious and ethically questionable research project that infected more than 420,000 Internet-connected devices in an attempt to measure the security of the global network. As reported by the anonymous researcher, Aidra forced infected devices to carry out a variety of distributed denial-of-service attacks but worked on a limited number of devices.

Linux/IRCTelnet also borrows telnet-scanning logic from a newer IoT bot known as Bashlight. It further lifts a list of some 60 widely used username-password combinations built into Mirai, a different IoT bot app whose source code was recently published on the Internet. It goes on to add code for attacking sites that run the next-generation Internet protocol known as IPv6.

ISC Releases Security Updates for BIND

Original release date: November 01, 2016

The Internet Systems Consortium (ISC) has released updates that address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.9-P4
  • BIND 9 version 9.10.4-P4
  • BIND 9 version 9.11.0-P1
  • BIND 9 version 9.9.9-S6

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01434 and apply the necessary updates.

The Latest IoT Device I Do Not Want Hacked


What if someone hacked this remotely controlled semiautonomous tractor?

I am a cybersecurity guy and a huge fan of technology. One of the challenges we face in the security industry is the growth of the Internet of Things (IoT). IoT is about connecting everyday objects to the Internet. It might be a toaster, alarm clock, pressure sensor, valve, security camera, medical pill, or vehicle. The benefits can be tremendous, with remote monitoring, management, and the ability to control something from afar. It can enable machines to do the mundane tasks we want to avoid.

This is why the IoT market is exploding. Estimates put the number of IoT devices connected to the Internet at approximately 25 billion by 2020.

But there are risks, because technology is just a tool. One that can be used for noble purposes but also for malicious acts. Every connected device could potentially be taken over by someone who is not interested in your privacy, safety, or prosperity.

It could be petty, as with someone who makes your crock pot overcook your dinner. But it could be unnerving and downright dangerous. A stalker who hacks your home cameras without your knowing. A terrorist who takes over operation of vehicles on the freeway. A nation-state that can undermine an adversary’s power grid and water supply. An anarchist who brings down critical equipment in emergency rooms. These are not pleasant situations. Technology can be compromised.

So I spend my days looking into such things and pondering a future in which technology innovation and security threats intersect. Here is the latest little gem I was contemplating on a lazy afternoon: Meet the Case IH Autonomous Concept Vehicle. It is a powerful beast of a machine, a tractor that can run itself with semiautonomous capabilities or be controlled remotely by an operator. The benefits of an autonomous tractor could be great, even game changing for the agricultural output of a farm. Taking advantage of narrow harvesting windows and using optimal routes to maximize the crop return, these things could run in packs, working 24/7 while stopping only for fuel, to maximize yields. They might even be able to farm areas we thought impossible or undesirable. The benefits to the farming output of a nation could be outstanding.

But on the other hand, I don’t want even one of these beasts to be hijacked by some hacker. The damage one could cause would be tremendous. The difficulty of stopping it may prove overwhelming to local law enforcement. A tornado on wheels.

I am not singling out this device over any others, just using it as an example of the juxtaposition of technology and security. There are tremendous potential benefits, but at the same time grievous potential risks. We as a society must understand both sides and maneuver in a way that finds a good balance, institutes proper safety measures, and aligns to healthy ethics for the greater community. Security grows more important as we embrace technology.


Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

The post The Latest IoT Device I Do Not Want Hacked appeared first on McAfee Blogs.