Information Security News
by Sean Gallagher
On Oct. 31, Google's Threat Analysis Group revealed a vulnerability in most versions of Windows that is being actively exploited in malware attacks.
Today, Terry Myerson, executive vice president of Microsoft's Windows and Devices group, acknowledged the exploit was being used actively by a sophisticated threat group—the same threat group involved in the hacks that led to the breach of data from the Democratic National Committee and the Clinton campaign. And while a patch is on the way for the vulnerability, he encouraged customers to upgrade to Windows 10 for protection from further advanced threats.
In an advisory, Myerson wrote:
There's a new, more powerful Internet-of-things botnet in town, and it has managed to infect almost 3,500 devices in just five days, according to a recently published report.
Linux/IRCTelnet, as the underlying malware has been named, borrows code from several existing malicious IoT applications. Most notably, it lifts entire sections of source code from Aidra, one of the earliest known IoT bot packages. Aidra was discovered infecting more than 30,000 embedded Linux devices in an audacious and ethically questionable research project that infected more than 420,000 Internet-connected devices in an attempt to measure the security of the global network. As reported by the anonymous researcher, Aidra forced infected devices to carry out a variety of distributed denial-of-service attacks but worked on a limited number of devices.
Linux/IRCTelnet also borrows telnet-scanning logic from a newer IoT bot known as Bashlight. It further lifts a list of some 60 widely used username-password combinations built into Mirai, a different IoT bot app whose source code was recently published on the Internet. It goes on to add code for attacking sites that run the next-generation Internet protocol known as IPv6.
by Kelly Fiveash
The UK government has promised to spend nearly £2 billion over the next five years to try to tackle the growing problem of cyber attacks in the country.
Recent research suggested that Britain is particularly susceptible to data breaches involving compromised employee account data. Nonetheless, chancellor of the exchequer Philip Hammond claimed on Tuesday that the country is "an acknowledged global leader in cyber security."
Number 11's occupant crowed that the previous Tory-led coalition government had chucked £860 million at the problem, but Hammond then undermined himself somewhat by adding that "we must now keep up with the scale and pace of the threats we face." Which underlines the fact that the government is playing catch-up in its race against cybercrims.