Architecture, Information Security and Internet

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. or segregated as cloud or network attached storage (NAS).

Architecture

Architecture Network Security Firewall Risk

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

The second architectural flaw is related subscriber credentials that are checked on S-GW (SGSN) equipment by default. phone number) of a real subscriber and impersonate him to access the Internet. “On all tested networks, it was possible to use mobile Internet at the expense of both other subscribers and the operator.”

Mobile

Mobile Internet Internet Advertising

Google Responds to Warrants for “About” Searches

Schneier on Security

OCTOBER 13, 2020

“We vigorously protect the privacy of our users while supporting the important work of law enforcement,” Google’s director of law enforcement and information security Richard Salgado told us. We have knowingly and willingly built the architecture of a police state, just so companies can show us ads.

Surveillance

Surveillance Wireless Accountability Architecture

As Internet-Connected Medical Devices Multiply, So Do Challenges

Cisco Security

JUNE 15, 2022

To consumers, the Internet of Things might bring to mind a smart fridge that lets you know when to buy more eggs, or the ability to control your home’s lighting and temperature remotely through your phone. But for cybersecurity professionals, internet-connected medical devices are more likely to be top-of-mind.

Internet

Internet Internet Manufacturing Healthcare

What Is a DMZ Network? Definition, Architecture & Benefits

eSecurity Planet

APRIL 7, 2023

However, when your DMZ network includes a proxy server, administrators also have the option to filter all internal internet usage through the DMZ. Also read: Network Protection: How to Secure a Network How DMZ Networks Work DMZ networks work through isolation, but first, through network segmentation.

Architecture

Architecture Firewall Network Security Technology

CTO of Center for Internet Security Expounds on Transforming InfoSec

SecureWorld News

NOVEMBER 9, 2022

We have so much change happening and we can drive it to happen in a more positive way to reduce the resource needs for organizations and actually scale security for businesses of all sizes.". Or is that just too much of a reach?

InfoSec

InfoSec Internet Internet Encryption

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

the firm’s Head of Security Engineering and Architecture, is quoted as saying that Apple “makes the most secure mobile devices on the market.”. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?, Is that really true?

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

“The cyber threat to NASA’s computer networks from internet-based intrusions is expanding in scope and frequency, and the success of these intrusions demonstrates the increasingly complex nature of cybersecurity challenges facing the Agency. . Pervasive weaknesses exist in NASA IT internal controls and risk management practices. •

Information Security

Information Security Cyber Attacks Mobile Architecture

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

As every computer security professional knows, if anything is on the Internet, it’s subject to increasingly sophisticated attacks. percent of CMS users worry about the security of their CMS—while 46.4 percent actually had a CMS security issue affect their content.

Data breaches

Data breaches Encryption Mobile Technology

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

eCommerce

eCommerce Cybersecurity B2B Marketing

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. In the current version, each node cannot send control command to its peers.

Architecture

Architecture IoT Malware Advertising

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

Security Affairs

AUGUST 18, 2024

This extortion campaign involved several security failures, including exposing environment variables, using long-lived credentials, and the lack of a least privilege architecture. This indicates that these threat actor groups are both skilled and knowledgeable in advanced cloud architectural processes and techniques.”

Architecture

Architecture Internet Internet Media

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

. “The main issue is a legal and political environment of the People’s Republic of China, where (the) aforementioned companies primarily operate,” reads a statement issued by the Czech National Cyber and Information Security Agency. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Advertising Internet Internet

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. The protocol enables secure and low-cost data transfer. ” reads the report published by Kaspersky.

Malware

Malware Architecture Technology DDOS

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

Devices running no longer supported firmware will not receive security updates in the future with the result that they will be more exposed to cyber-attacks. For this reason, it is essential to disconnect these devices from the internet, disable remote access, and use a strong, unique password.

Firmware

Firmware Architecture Internet Internet

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The Chinese firm was already excluded by several countries from building their 5G internet networks.

Manufacturing

Manufacturing Internet Internet Advertising

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post from the Cyentia Institute and RiskRecon. But what does that correlation mean for chief information security officers? Let’s say you had a printer operating on the internet.

IoT

IoT Internet Internet CISO

DDoS attacks leverages Plex media server

SC Magazine

FEBRUARY 4, 2021

Indeed, what should be evaluated among chief information security officers “is the security posture of the home environment ,” said Roland Dobbins, Netscout principal engineer, who authored the report. “That includes the broadband internet access router.

DDOS

DDOS Media Engineering Architecture

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. Huawei was already excluded by several countries from building their 5G internet networks.

Technology

Technology Internet Internet Advertising

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising DNS

Cryptojacking campaign targets exposed Docker APIs

Security Affairs

JUNE 19, 2024

The attack begins with the threat actor scanning the internet to find hosts with Docker’s default port 2375 open. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker API endpoints for initial access.

Internet

Internet Internet Malware Architecture

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

“The investigation has yielded insights into the botnet’s network architecture, exploitation campaigns, malware components, and operational use, illuminating the evolving tactics and techniques employed by the threat actors. “This botnet has targeted entities in the U.S. ” concludes the report.

IoT

IoT Wireless DDOS Architecture

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The binary analyzed by the researchers is compiled for all major architectures used by SOHO operating systems.

Malware

Malware DNS Authentication Telecommunications

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

The seller published multiple ads in multiple hacking forums and also offered access to a sample of the stolen info, including blueprints and PII.

Engineering

Engineering Telecommunications Data breaches Wireless

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

The campaign was uncovered by CrowdStrike by investigating a series of security incidents in multiple countries, the security firm added that the threat actors show an in-depth knowledge of telecommunications network architectures. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Amadey malware spreads via software cracks laced with SmokeLoader

Security Affairs

JULY 25, 2022

Then the malware contacts the C2 and sends system information (i.e. computer name, user name, OS version, architecture type, list of installed anti-malware products) to the operators. Once the malware is installed, it can stay in the system to steal user information and download additional payloads.” Pierluigi Paganini.

Software

Software Malware Cybercrime VPN

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Chinese equipment is broadly adopted in many allied countries, including Germany, Italy, and Japan.

Manufacturing

Manufacturing Advertising Surveillance Architecture

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity as DEV-1061. The bot is saved using the filename “zero.”.

IoT

IoT DDOS Malware Firmware

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

So, egged-on by information security pro's and IT auditors (me, for instance), management took the risk seriously and invested significant resources into solving "the Y2k issue". Go ahead, show me the associated risk profiles and documented security architectures. The sheer scale of the Internet problem is the real issue.

Internet

Internet Internet Risk InfoSec

New P2PInfect bot targets routers and IoT devices

Security Affairs

DECEMBER 4, 2023

Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. This variant has been compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture. ” The new bot targets devices embedded with 32-bit MIPS processor.

IoT

IoT Architecture Malware Hacking

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

DDOS

DDOS Architecture Malware Cybercrime

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Security Affairs

AUGUST 5, 2022

It allows threat actors to target multiple architectures without requiring technical skills. “The platform currently supports Windows, Linux and Python-based payloads, allowing adversaries to target multiple architectures without requiring significant development resources.”

Architecture

Architecture DDOS Internet Internet

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Security Affairs

JUNE 15, 2021

A new variant of the Mirai botnet, tracked as Moobot, was spotted scanning the Internet for vulnerable Tenda routers. Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers.

Malware

Malware Internet Internet DDOS

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

More than a third (39%) used the microservice architecture. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST. Most of the web applications were owned by companies based in Russia, China and the Middle East.

Passwords

Passwords Authentication Architecture Risk

45,654 VMware ESXi servers reached End of Life on Oct. 15

Security Affairs

OCTOBER 17, 2022

IT Asset Management software provider Lansweeper has scanned the Internet for VMware ESXi servers and found over 45,000 instances that have reached end-of-life (EOL). There will be no architectural, performance improvements, or feature additions. Security patches are limited to one roll-up per year.”

Architecture

Architecture Cybercrime Software Internet

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

” Recently, experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. The installation script also retrieves the contents of a Pastebin URL containing a Monero wallet ID and mining information, then it downloads the miner.

Architecture

Architecture Cryptocurrency Malware Advertising

Updated MATA attacks industrial companies in Eastern Europe

SecureList

OCTOBER 18, 2023

The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser. Next, they were able to access the control panels of two security solutions simultaneously. The last one we named MATA gen.5

Malware

Malware Phishing Internet Internet

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

The Momentum bot targets various Linux platforms running upon multiple CPU architectures, including ARM, MIPS, Intel, and Motorola 68020. Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices and recruit them in launching distributed denial-of-service (DDoS) attacks.

Malware

Malware DDOS Advertising DNS

New Go-based botnet Zerobot exploits dozens of flaws

Security Affairs

DECEMBER 7, 2022

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications.

IoT

IoT Architecture Internet Internet

What do cybersecurity experts predict in 2022?

CyberSecurity Insiders

DECEMBER 24, 2021

As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the workplace and world at large. We suggest that all cybersecurity professionals be informed on these topics as they evolve.

Cybersecurity

Cybersecurity Ransomware VPN Architecture

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

CyberSecurity Insiders

NOVEMBER 8, 2021

As organizations strive for excellence in digital transformation and face the realities of an accelerated push to remote work, they’ve been called to rethink their networking and cybersecurity architecture. SASE helps future-proof cybersecurity architecture by decoupling security control from the data center.

Cybersecurity

Cybersecurity Digital transformation Architecture Technology

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

Like the Mirai botnet, Dark Mirai determines the victim’s architecture to fetch and download the matching payload. Below are the two requests sent to the devices to compromise them: The researchers pointed out that successful exploitation requires authentication of the routers.

Firmware

Firmware Architecture Malware Hacking

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

. “Our analysis of this particular sample indicates the file executes on microprocessor without interlocked pipelined stages (MIPS) architecture. This is an extension understood by machines running reduced instruction set computer (RISC) architecture, which is prevalent on many IoT devices.” ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Network Security Architecture: Best Practices & Tools

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Trending Sources

Google Responds to Warrants for “About” Searches

As Internet-Connected Medical Devices Multiply, So Do Challenges

What Is a DMZ Network? Definition, Architecture & Benefits

CTO of Center for Internet Security Expounds on Transforming InfoSec

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

NASA identified 1,785 cyber incidents in 2020

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

New HEH botnet wipes devices potentially bricking them

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

Czech cyber-security agency warns over Huawei, ZTE security threat

New NKAbuse malware abuses NKN decentralized P2P network protocol

Western Digital customers have to update their My Cloud devices to latest firmware version

Czech public radio says Huawei Czech Unit secretly collected data

Firms with exposed IoT have a higher concentration of other security problems

DDoS attacks leverages Plex media server

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Cryptojacking campaign targets exposed Docker APIs

Updated Kmsdx botnet targets IoT devices

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Cuttlefish malware targets enterprise-grade SOHO routers

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

China-linked LightBasin group accessed calling records from telcos worldwide

Amadey malware spreads via software cracks laced with SmokeLoader

US officials claim Huawei Equipment has secret backdoor for spying

A new Zerobot variant spreads by exploiting Apache flaws

Y2k + 20: risk, COVID and "the Internet issue"

New P2PInfect bot targets routers and IoT devices

Enemybot, a new DDoS botnet appears in the threat landscape

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Top 10 web application vulnerabilities in 2021–2023

45,654 VMware ESXi servers reached End of Life on Oct. 15

WatchBog cryptomining botnet now uses Pastebin for C2

Updated MATA attacks industrial companies in Eastern Europe

Trend Micro observed notable malware activity associated with the Momentum Botnet

New Go-based botnet Zerobot exploits dozens of flaws

What do cybersecurity experts predict in 2022?

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Mozi Botnet is responsible for most of the IoT Traffic

Stay Connected