(707) 478-1991

Miscreants are exploiting UPnP on your home router! Yes, we have another example of the UPnP Universal Plug and Play protocol being used on your home router to allow criminals to use it without your permission. Hui Wang (NetLab 360) and the RootKiter Team have dug into a malware system that is using UPnP to 301-997-8611

GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

“GhostDNS is a new wave of DNS hijacking. Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the self-sown

New DNS Rebinding Exposures

Attackers with DNS Rebinding change the DNS server settings in your devices, home CPEs, and other network devices. The goal is to get them to use their DNS Resolver vs the one provided by your Operator (or one you select for a DNS security service). The miscreants (bad guys) will use malware, phishing, and other 229-605-7097

6075350105

From Senki.org …. By bgreene On August 10, 2012 · As of Friday morning (August 10, 2012), the IP address blocks used by the Rove Digital criminal operations have been re-allocated by RIPE-NCC and advertised to the Internet: /www.ris.ripe.net/cgi-bin/lg/index.cgi?rrc=RRC001&query=1&arg=85.255.112.0%2F20 /www.ris.ripe.net/dashboard/85.255.112.0/20 (Read full blog here)

laich

July 8th 2012 is the last day we collect DNS data on the DNS Changer Victims. The total “unique IPs” and last day of infections per DNS Top Level Domain Country Code (TLD CC) are linked below. Now that this phase of the remediation exercise is over, researchers will collect all the data and compare Read More