Internet of Things

Pierluigi Paganini October 22, 2016
Massive DDoS attack against Dyn DNS service, how and why

A massive DDoS attack targeted the Dyn DNS service and caused an extended Internet outage. How the attackers powered the attack? Yesterday a massive DDoS attack targeted the DNS service of the Dyn company, one of the most authoritative domain name system (DNS) provider, and caused an extended Internet outage. A large portion of Internet users was not able […]

Pierluigi Paganini October 16, 2016
The Mirai botnet is targeting also Sierra Wireless cellular data gear products

Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications products due to Mirai attacks. Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications product. The company is aware of a significant number of infections caused by the Mirai malware, a threat specifically designed […]

Pierluigi Paganini October 14, 2016
Exclusive – ELF Linux/NyaDrop, a new IoT threat in the wild

Exclusive: interview made by @unixfreaxjp of MalwareMustDie for Security Affairs about the Linux/NyaDrop. The latest details about this new dangerous IoT malware. After the Krebs DDoS attacks the enrollment of new IoT botnets is going to grow and new large “zombie army” made by of web-ip-cam, DVR/NVR, routers/modems are invading the cyberspace. The evidence of […]

Pierluigi Paganini October 11, 2016
MITRE will award $50,000 for a solution that detects rogue IoT Devices

MITRE has challenged the security community to devise new methods that could help in detecting rogue IoT devices on a network. The non-profit research and development organization MITRE has challenged security researchers to propose new methods and technologies that could help in detecting rogue Internet of Things (IoT) devices on a network. The goal of […]

Pierluigi Paganini October 10, 2016
Reverse engineering a Smarter Coffee machine for fun and a security lesson

Simone Margaritelli has done a reverse engineering of the Smarter Coffee IoT Machine Protocol to control the machine from his terminal. What is the lesson? While security industry is stressing the need to adopt a security by design approach for IoT devices, security researchers continue to find flawed and poorly designed smart objects. Clearly, such kind of devices […]

Pierluigi Paganini September 27, 2016
150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

The hosting provider OVH continues to face massive DDoS attacks launched by a botnet composed at least of 150000 IoT devices. Last week, the hosting provider OVH faced 1Tbps DDoS attack, likely the largest one ever seen. The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter sharing an image that lists the […]

Pierluigi Paganini September 20, 2016
Car Hacking – Chinese hacker team remotely hacked Tesla Model S

A group of security researchers from the Chinese firm Tencent have found a series of flaws that can be exploited to remotely hack a Tesla Model S. Security experts at the Keen Lab at Chinese firm Tencent have found a series of vulnerabilities that can be exploited by a remote attacker to hack an unmodified […]

Pierluigi Paganini September 05, 2016
Linux/Mirai ELF, when malware is recycled could be still dangerous

Experts from MalwareMustDie spotted a new ELF trojan backdoor, dubbed ELF Linux/Mirai,  which is now targeting IoT devices. Experts from MalwareMustDie have analyzed in August samples of a particular ELF trojan backdoor, dubbed ELF Linux/Mirai,  which is now targeting IoT devices. The name of the malware is the same of the binary,”mirai.*,” and according to the […]

Pierluigi Paganini September 01, 2016
BASHLITE Botnets peaked 1 Million Internet of Thing Devices

A joint research conducted by Level 3 Communications and Flashpoint allowed the identification of a million devices infected by the BASHLITE malware. Do you remember the BASHLITE malware? It was a strain of malware (also known as Lizkebab, Torlus and Gafgyt) detected by experts at Trend Micro shortly after the public disclosure of the ShellShock bug. The BASHLITE malware includes the […]

Pierluigi Paganini August 25, 2016
Linux.PNScan Trojan is back to compromise routers and install backdoors

The Linux Trojan Linux.PNScan is back and it is actively targeting routers based on x86 Linux in an attempt to install backdoors on them. Yesterday I wrote about a new Linux Trojan dubbed Linux.Rex.1, a new Linux malware that is capable of self-spreading and creating a peer-to-peer botnet, now experts from Malware Must Die discovered a new strain […]