Duo's Security Blog

JANUARY 8, 2021

“Turns out, people aren’t all that good at predictions,” I wrote in my 2020 article. Few could foresee the turns 2020 would take. Cyber Crime in 2020 I predicted, with money still being the top motivating factor for crime, criminals would blend techniques and technologies into new unforeseen attacks. Well, it was.

Digital transformation 77

Digital transformation Phishing Passwords Authentication 77

Security Affairs

MARCH 21, 2020

A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. According to Palo Alto researchers, threat actors exploited the recently patched CVE-2020-9054 vulnerability in Zyxel NAS. The vendor advisory is also available.

DDOS 134

DDOS Authentication Advertising Firmware 134

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. reads the analysis published by the experts. ” continues the analysis.

IoT 145

IoT DDOS Architecture Passwords 145

Security Affairs

APRIL 8, 2020

Cybersecurity researchers discovered a new IoT botnet, tracked as Dark Nexux, that is used to launch distributed denial-of-service (DDoS) attacks. Dark Nexux is the name of a new emerging IoT botnet discovered by Bitdefender that is used to launch DDoS attacks. through 8.6). through 8.6). net:80), and then executes them.

IoT 114

IoT DDOS Advertising Architecture 114

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

Malware 145

Malware DDOS IoT Cybercrime 145

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Microservices Architecture has Created a Security Blind Spot. Microservices communicate over APIs.

DDOS 131

DDOS Authentication Architecture Social Engineering 131

Security Affairs

JUNE 15, 2021

Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers. cc, further investigations allowed the researchers to date some of the campaigns back at least to May 2020.

Malware 138

Malware Internet Internet DDOS 138

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT 125

IoT DDOS Malware Firmware 125

CSO Magazine

JUNE 21, 2021

As if 2020 didn’t present enough challenges, it also brought an increase in distributed denial-of-service (DDoS), ransomware, and malware attacks. As more and more businesses expand their reliance on network and cloud architectures, this trend also has exposed new risks from cyberattacks.

DDOS 80

DDOS Architecture Network Security Ransomware 80

eSecurity Planet

JANUARY 30, 2024

Downtime limits incident response, increases the risk of data breaches, and can be used as leverage for DDoS attacks. Limited Control & Visibility Insufficient visibility into the cloud architecture causes delays in threat responses, increasing the risk of data breaches.

Risk 128

Risk DDOS Data breaches Encryption 128

SecureList

SEPTEMBER 21, 2023

Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first. See translation I’m the world’s best-known DDoS attacker for hire (getting ahead of myself here). Botnet based on Medusa, working since 2020.

IoT 135

IoT DDOS Passwords Malware 135

eSecurity Planet

SEPTEMBER 1, 2021

Hackers can spread malware via IoT networks, disrupt supply chains in development, and use a fleet of routers as an IoT botnet to launch a DDoS attack. Also Read: Cloudflare Fended Off Mirai Botnet DDoS Attack. To be successful, an attacker must gain access to the 5G Service Based Architecture. 5G Systems Architecture.

Risk 137

Risk Cybersecurity IoT Wireless 137

eSecurity Planet

MAY 2, 2024

Vendor reports note huge volume of attacks on local and public infrastructure, such as: CrowdStrike: Monitored hacktivist and nation-state distributed denial of service (DDoS) attacks related to the Israli-Palestinian conflict, including against a US airport. 50,000 DDoS attacks on public domain name service (DNS) resolvers.

Cybersecurity 122

Cybersecurity DDOS Penetration Testing Passwords 122

IT Security Guru

JULY 19, 2021

According to the World Economic Forum 2020 Global Risk Report , ransomware was the third most common, and second most damaging type of malware attack recorded last year, with payouts averaging a hefty $1.45M per incident. Digital transformation and the move to remote work has fundamentally changed the way modern businesses operate.

Ransomware 107

Ransomware Digital transformation Antivirus DDOS 107

Security Boulevard

FEBRUARY 28, 2021

Further to the attack on Oldsmar, Florida’s water facility, CTO of Cymulate Avihai Ben-Yossef warned, " in 2020 we saw a dramatic increase in Nation-State actors attempting attacks on critical infrastructure like power and utility companies. DDoS Attacks Leverage Plex Media Server. Redscan NIST Security Vulnerability Trends 2020.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

CyberSecurity Insiders

MARCH 14, 2021

If there’s one thing we learned from 2020, it’s to expect the unexpected! Despite the challenges of 2020, the IoT industry is thriving. recently noted that 2020 marked a turning point where 12 billion IoT connections surpassed non-IoT connections for the first time in history. billion at the end of 2020. billion in 2020.

IoT 86

IoT Healthcare Digital transformation Technology 86

SC Magazine

MARCH 19, 2021

billion in 2020. Today’s columnist, Glenn Mulvaney of Clumio, says while ransomware has become a hot-button issue, companies also need to focus on viruses, DDoS attacks, cryptojacking, and securing the cloud. Master the provider’s security offerings and their best practices in terms of access control, architecture, and design.

Backups 72

Backups DDOS Architecture Ransomware 72

eSecurity Planet

MAY 19, 2022

Already a leading SD-WAN pick, the HPE subsidiary boosted its market position with acquisitions of security vendor Cape Networks in 2018 and WAN specialist Silver Peak Systems in 2020. infographic from Cisco laying out its SD-WAN architecture. Barracuda Networks. Features: Juniper Session Smart Routers and SASE.

Firewall 121

Firewall Architecture Encryption Network Security 121

CyberSecurity Insiders

NOVEMBER 11, 2021

However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures. It also has different DDoS functionality. Example 1: main_infectFunctionGponFiber function, exploits CVE-2020-8958. CVE-2020-8515.

Malware 85

Malware IoT Firmware Authentication 85

eSecurity Planet

AUGUST 26, 2022

Today, both outsiders with the right social engineering skills and disgruntled personnel pose risks to sensitive data when network architectures fail to implement microsegmentation and advanced network traffic analysis (NTA). Integration with EDR, SIEM, SOAR, and other network security solutions. Network Security and NDR.

Artificial Intelligence 115

Artificial Intelligence Network Security Firewall Malware 115

eSecurity Planet

MAY 6, 2021

With two options to choose from, the Web Application Protector (WAP) offers DDoS protection , bot management, and is pre-configured to detect the latest threats. Next to Imperva, the Gartner 2020 Magic Quadrant puts Akamai as the only other WAF market leader. Both the Akamai WAP and KSD hold an average of 4.7/5

Firewall 52

Firewall DDOS Marketing Technology 52

SecureList

OCTOBER 20, 2021

On top of that, due to changes in legislation that limited financial institutions in hiring external services, the number of cases we investigated for financial industry clients in 2020 was zero. We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

eSecurity Planet

JANUARY 26, 2022

Founded in 2010 by veteran SaaS and DevOps industry leaders, Datadog specializes in optimizing the service-oriented architecture, helping organizations monitor user journeys and explore service relationships. Administrators can group traffic by container , team, or office and filter data by tag, device, or host. Kentik Features. SolarWinds.

Marketing 121

Marketing DDOS Threat Detection DNS 121

eSecurity Planet

AUGUST 11, 2023

Redundant architecture and tools should not be eliminated until the SASE solution has been thoroughly tested. Overcoming Edge Computing Risks This article was originally written by Paul Shread on November 24, 2020 and revised by Chad Kime on August 11, 2023. For additional reading: Top SASE Solutions What Is Edge Security?

Firewall 105

Firewall IoT Technology Internet 105

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. The new “ Hi-Tech Crime Trends 2019/2020 ” report describes attacks on various industries and critical infrastructure facilities, as well as campaigns aimed at destabilization of the Internet in certain countries.

Banking 123

Banking Telecommunications Marketing Internet 123

eSecurity Planet

JUNE 17, 2021

Security services and tools include anti-DDoS , SOCaaS , web application firewalls (WAF), data encryption , and more. For customers looking to bundle, Huawei offers vulnerability scanning , WAFs, and advanced DDoS protection. The DBSS database audit supports eight database types including MySQL, Oracle, and SQL Server.

Firewall 121

Firewall Encryption Computers and Electronics Software 121

SecureList

APRIL 27, 2022

Subsequently, DDoS attacks hit several government websites. While we were unable to obtain the same results by analyzing the CERT-UA samples, we subsequently identified a different WhiteBlackCrypt sample matching the WhisperKill architecture and sharing similar code. We have seen versions of the LODEINFO backdoor through v0.4.7,

Malware 145

Malware Firmware Government Phishing 145

SecureList

JULY 27, 2023

Killnet, led by a person nicknamed “KillMilk”, is one of the leaders of the hacktivist movement that uses DDoS as a means of disruption. GoldenJackal, an APT group we discovered in 2020, primarily targets high-profile entities in the Middle East and South Asia. We also discovered a new variant, MATAv5.

Malware 98

Malware Government Phishing Social Engineering 98

Security Boulevard

JULY 2, 2024

In Part 1, we explored early versions of SmokeLoader, from its initial rudimentary framework to its adoption of a modular architecture and introduction of encryption and obfuscation. The figure below shows an example packet using SmokeLoader’s binary request format for versions 2020 through 2022.Figure

Encryption 59

Encryption Malware Passwords DDOS 59

SecureList

MAY 11, 2022

This means that their ransomware should be able to run on different combinations of architectures and operation systems. Lockbit started in 2019, and then in 2020, its affiliate program was announced. One way to overcome this is to write the ransomware in a “cross-platform programming language” such as Rust or Golang.

Ransomware 141

Ransomware Encryption Malware Cybercrime 141

SecureList

NOVEMBER 14, 2023

The threat actor used news about the Russo-Ukrainian conflict to trick targets into opening harmful emails that exploited the vulnerabilities (CVE-2020-35730, CVE-2020-12641 and CVE-2021-44026). First, they can carry out actual cyberattacks, including DDoS attacks , data theft or destruction, website defacement, and so on.

Hacking 141

Hacking Energy and Utilities Media Malware 141

CyberSecurity Insiders

APRIL 24, 2023

Our data shows that DDoS (Distributed Denial of Service) attacks are now the top concern (when examining the data in the aggregate vs. by industry). Our research finds that organizations are fortifying and future-proofing their edge architectures and adding cyber resilience as a core pillar.

Energy and Utilities 94

Energy and Utilities Retail Manufacturing IoT 94