Sicurezza

Hadoop YARN: An Assessment of the Attack Surface and Its Exploits

Pubblicato il

TL;DR Rate of Hadoop YARN exploits is slowing but still at a concerning 350,000 events per day 1065 servers are exposed and vulnerable The geographic spread of vulnerable servers and the targets of the attacks is global and concentrated in regions with high cloud data center densities Motivations behind the exploits range from planting Linux […]

Sicurezza

The Origin of Ransomware and Its Impact on Businesses

Pubblicato il

In previous articles we’ve mentioned how Ransomware has wreaked havoc, invading systems and putting organizations’ reputation and stability at stake. In this article, we’ll start with the basics and describe what ransomware is and how it is used by cybercriminals to attack tens of thousands of systems by taking advantage of system-vulnerabilities. [You might also […]

Sicurezza

IoT Botnets on the Rise

Pubblicato il

Over the last two years, the criminal community has shifted its focus away from exploit kits as a mean of payload delivery and began focusing on exploiting IoT devices for the purpose of botnet development. Botnets are all the rage and have become more advanced than the days of Sub7 and Pretty Pack. They possess the […]

Sicurezza

The Evolution of IoT Attacks

Pubblicato il

What is the Internet of Things (IoT)? IoT is the ever-growing network of physical devices with embedded technologies that connect and exchange data over the internet. If the cloud is considered someone else’s computer, IoT devices can be considered the things you connect to the internet beyond a server or a PC/Laptop. These are items […]

Sicurezza

Free DNS Resolver Services and Data Mining

Pubblicato il

Why would companies offer free DNS recursive servers? DNS data is extremely valuable for threat intelligence. If a company runs a recursive DNS for consumers, it can collect data on new domains that “pop up”. It can analyze trends, build baselines on domain resolution and enrich its threat intelligence overall (machine learning and big data […]

Sicurezza

Top Cryptomining Malware. Top Ransomware.

Pubblicato il

In 2018, cryptominers have emerged as the leading attack vector used by cybercriminals to gain access into others systems. Cryptominers are getting advanced makeovers by cybercriminals doing their best to develop innovative cryptominers with ground-breaking capabilities. The recently-discovered cryptominers are not only known for their advanced features, but also for their capabilities to attack a wide […]

Sicurezza

Malicious Cryptocurrency Mining: The Road Ahead

Pubblicato il

As cryptomining continues to rule the cybercrime scenario, cybercriminals are designing innovative ways to drain people’s cryptowallets. Scammers are still doing their best to make the most out of their resources to launch leading-edge scam attempts. The increase in scams is mainly attributed to the failure in implementing appropriate fraud protection measures and unfortunately, popular […]

Sicurezza

Can SNMP (Still) Be Used to Detect DDoS Attacks?

Pubblicato il

SNMP is an Internet Standard protocol for collecting information about managed devices on IP networks. SNMP became a vital component in many networks for monitoring the health and resource utilization of devices and connections. For a long time, SNMP was the tool to monitor bandwidth and interface utilization. In this capacity, it is used to […]

Sicurezza

Raising the Bar for Ethical Cryptocurrency Mining

Pubblicato il

In our last article, we discussed how cybercriminals are launching drive-by mining attacks to gain access to people’s crypto-wallets. In this article, we will continue the discussion, explain what ethical mining is and the reason why this area calls for much improvement. It is quite interesting to note that cybercriminals are delivering miners that communicate […]

Sicurezza

DNS: Strengthening the Weakest Link

Pubblicato il

One in three organizations hit by DDoS attacks experienced an attack against their DNS server. Why is DNS such an attractive target? What are the challenges associated with keeping it secure? What attack vectors represent the worse of the worst when it comes to DNS assaults? Based on research from Radware’s 2017-2018 Global Application & […]