Mirai: New wave of IoT botnet attacks hits Germany

by Symantec Security Response

A new wave of attacks involving the Mirai botnet has crippled internet access for nearly a million home users in Germany. The latest attacks used a new version of the Mirai malware (Linux.Mirai) which is configured to exploit a weakness found in routers widely used in Germany. The new variant was used in attacks that knocked 900,000 home internet users offline. Read more in this posting by Symantec Security Response.

PowerShell threats surge: 95.4 percent of analyzed scripts were malicious

by Candid Wueest

Malicious PowerShell scripts are on the rise, as attackers are using the framework’s flexibility to download their payloads, traverse through a compromised network, and carry out reconnaissance. Symantec analyzed PowerShell malware samples to find out how much of a danger they posed.

Of all of the PowerShell scripts analyzed through the BlueCoat Malware Analysis sandbox, 95.4 percent were malicious. This shows that externally sourced PowerShell scripts are a major threat to enterprises.

Shamoon: Back from the dead and destructive as ever

by Symantec Security Response

Shamoon (W32.Disttrack), the aggressive disk-wiping malware which was used in attacks against the Saudi energy sector in 2012, has made a surprise comeback and was used in a fresh wave of attacks against targets in Saudi Arabia.
The malware used in the recent attacks (W32.Disttrack.B) is largely unchanged from the variant used four years ago. In the 2012 attacks, infected computers had their master boot records wiped and replaced with an image of a burning US flag. The latest attacks instead used a photo of the body of Alan Kurdi, the three-year-old Syrian refugee who drowned in the Mediterranean last year.

Avalanche malware network hit with law enforcement takedown

by Symantec Security Response

The Avalanche malware-hosting network has been dealt a severe blow following the takedown of infrastructure used by at least 17 malware families. The takedown operation, which was a combined effort by multiple international law enforcement agencies, public prosecutors, and security and IT organizations including Symantec, resulted in the seizure of 39 servers and several hundred thousand domains that were being used by the criminal organization behind the Avalanche network.