“The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. The flaw is tracked as CVE-2021-41653 and is caused by a vulnerable ‘host’ variable that an authenticated user can abuse to execute commands on the device. TP-Link fixed the flaw by releasing a firmware update (TL-WR840N(EU)_V5_211109) on November 12, 2021. However, many users have not applied the security update yet.”
“Earlier this year, the FBI in partnership with the Dutch National High Technical Crimes Unit (NHTCU), German Federal Criminal Police Office (BKA) and other international law enforcement agencies brought down what Europol referred to as the world’s most dangerous malware: Emotet. This strain of malware dates back as far as 2014 and it became a gateway into infected machines for other strains of malware ranging from banking trojans to credential stealers to ransomware. Emotet was extremely destructive and wreaked havoc across the globe before eventually being brought to a halt in February.
Following the takedown, the FBI reached out and asked if Have I Been Pwned (HIBP) might be a viable means of alerting impacted individuals and companies that their accounts had been affected by Emotet. This isn’t the first time HIBP has been used by law enforcement in the wake of criminal activity with the Estonian Central Police using it for similar purposes a few years earlier.”
A group of Russian criminals are making between $3 million and $5 million every day in a brazen attack on the advertising market, security firm White Ops claimed today. It’s the biggest digital ad fraud ever uncovered and perpetrated by faking clicks on video ads, the company said. The crew, which White Ops dubbed Ad Fraud Komanda or “AFK13”, planned their machinations in meticulous detail. First, they created more than 6,000 domains and 250,267 distinct URLs within those that appeared to belong to real big-name publishers, from ESPN to Vogue.
The botnets are made up of tens of thousands of Internet of Things (IoT) devices, including unsecure routers, digital video recorders (DVRs) and connected IP cameras. Such IoT machines have been shown widely vulnerable to simple hacks, meaning the bot masters are easily able to build up vast networks of compromised systems to send extraordinary volumes of traffic to a chosen target.