source:  wired.com

WHEN THE BOTNET named Mirai first appeared in September, it announced its existence with dramatic flair. After flooding a prominent security journalist’s website with traffic from zombie Internet of Things devices, it managed to make much of the internet unavailable for millions of people by overwhelming Dyn, a company that provides a significant portion of the US internet’s backbone. Since then, the number attacks have only increased. What’s increasingly clear is that Mirai is a powerfully disruptive force. What’s increasingly not? How to stop it.

Mirai is a type of malware that automatically finds Internet of Things devices to infect and conscripts them into a botnet—a group of computing devices that can be centrally controlled. From there this IoT army can be used to mount distributed denial of service (DDoS) attacks in which a firehose of junk traffic floods a target’s servers with malicious traffic. In just the past few weeks, Mirai disrupted internet service for more than 900,000 Deutsche Telekom customers in Germany, and infected almost 2,400 TalkTalk routers in the UK. This week, researchers published evidence that 80 models of Sony cameras are vulnerable to a Mirai takeover.

These attacks have been enabled both by the massive army of modems and webcams under Mirai’s control, and the fact that a hacker known as “Anna-senpai” elected to open-source its code in September. While there’s nothing particularly novel about Mirai’s software, it has proven itself to be remarkably flexible and adaptable. As a result, hackers can develop different strains of Mirai that can take over new vulnerable IoT devices and increase the population (and compute power) Mirai botnets can draw on.

Internet of Bots
The rise of Internet of Things malware is reminiscent of the viruses, worms, and intense email spam that plagued early internet users. Most PCs weren’t adequately secured, and companies racing to join the dot-com bubble didn’t necessarily understand the importance of internet security. The same is true now, but with webcams and routers instead of desktops.

What’s distinctly different in this tech generation, though, is how users interact with infected devices. An infected PC often malfunctions, slows down, or notifies users (either through operating system security alerts or through the malware itself in the case of something like ransomware). All of this encourages people to act. It’s standard practice to install some sort of security software on enterprise PCs, and anti-virus measures are popular at home as well.

 

 

source darkreading.com

With the holidays approaching, the focus will be on lucrative online shopping, email ransomware, phishing for credentials, and infection by holiday-lurking malware.

 Knowing what cybercriminals are targeting today is easy. Their attacks are loud, impactful, and have the elegance of a herd of bulls crashing through a glassware shop. The tougher challenge is figuring out where they will take aim tomorrow. Knowing where cyberthreats will attack in the future gives the necessary insights to be one step ahead of their mayhem. 

The Short Term

With the holidays approaching, the focus will be on lucrative online shopping, email ransomware, phishing for credentials, and infection by holiday-lurking malware. It is also a time for dark markets to thrive, selling unmentionables to those looking for illegal items for holiday celebrations. 

We must all expect malware-ridden holiday sale emails and websites. Be on the lookout for fake shipping invoices or urgent messages from merchants. Shady ecommerce sites advertising insane deals as bait will look to harvest credit card accounts, emails, and maybe convince you to install some “helpful” software. Phishing will increase a notch, and look for a new wave of ransomware to hold family pictures, personal files, and entire systems for extortion. Identity theft will add to the rise of new credit card applications to do some unauthorized shopping. In the next couple of months, all these financially motivated threats will increase, so now is the time to be on your guard.

Businesses Beware

Businesses must worry about the increased amount of ecommerce fraud, ransomware that extorts money to unlock important files, and the ever present risk of data breaches. Healthcare, retail, and financial sectors will be targeted the most, but all businesses are in

 

source: technewsworld.com

Proving once again that you can do a lot of damage with a little investment and a lot of ingenuity, security researcher Samy Kamkar recently managed to take down a locked, password-protected computer armed with only a US$5 Raspberry Pi.

The low-tech cookie-siphoning intrusion is one of Kamkar's simplest hacks ever. He previously has unlocked car doors, garages, wireless remote cameras and other devices, with MacGyver-like precision.

Kamkar's latest hack, PoisonTap, uses a Raspberry Pi Zero, a micro SD card, and a micro USB cable or other device that emulates USB, including USB Armory or LAN Turtle.

Windows, OS X and Linux recognize PoisonTap as an Ethernet device, load it as a low-priority network device, and perform a DHCP request across it, even if the computer is locked or password-protected, Kamkar explained.

PoisonTap provides the computer with an IP address. However, the DHCP response tells the machine that the IPv4 space is part of PoisonTap's local network, rather than a small subnet, he said.

If a Web browser is running in the background, one of the open pages will perform an HTTP request in the background, noted Kamkar. PoisonTap responds with a spoof, returning its own address, and the HTTP request hits the PoisonTap Web server.

When the node Web server gets the request, PoisonTap's response is interpreted as HTML or JavaScript.

The attacker is able to hijack all Internet traffic from the machine and siphon and store HTTP cookies from the Web browser or the top 1,000,000 Alexa websites.

Low-Cost Havoc

"The PoisonTap project is an extremely clever and creative attack that can have serious consequences," said Mark Nunnikhoven, vice president for cloud research at Trend Micro.

"The code is public, and hardware required to run it is only a few dollars, which increases the risk to average users," he told TechNewsWorld. "However, it still takes some effort for an attacker to steal the user's data."

 

 

source: govexec.com

These aren’t your kitchen cabinet granola bars.

NASA is developing a line of high-tech, nutrient-dense food bars for its planned Orion missions into space. They are meant for sustaining space travelers during the two-and-a-half years it will take to fly to Mars and back.

When it comes to packing food on board, engineers hope to save space by stocking more meal replacement food bars, which currently come in at least four flavors: banana nut, orange cranberry, ginger vanilla and barbecue nut. Each bar contains 700-900 calories and is designed to be a substitute for breakfast.

On the International Space Station at the moment, astronauts can choose between about 200 different meal options. But on smaller spacecrafts, where cargo weight and storage space are more tightly controlled to ensure enough room for fuel, the U.S. space agency is looking for ways to maximize efficiencies.

Earthlings use food bars to replace meals on occasion—not always successfully— but there are no reliable products for the long-term, wholesale replacement of meals. “There’s no commercially-available bar right now that meets our needs, so we’ve had to go design something that will work for the crew, while trying to achieve a multi-year shelf-life,” NASA said in a statement.

It’s not just food bars with which the space agency has been experimenting. Engineers are also looking to optimize in-flight management of fresh vegetables, too.