Wednesday, March 29, 2017

CYBR650-T302
Week 3

New Mirai Variant of Infamous IoT Botnet Unleashes 54-Hour DDoS Attack

A variant of the Mirai botnet was discovered as the culprit for a 54 hour Disrupted Denial of Service (DDoS) attack against a U.S. college. Last October the Mirai botnet was one of the most talked about DoS attack in history. The Mirai botnet is a type of malware that automatically finds vulnerable Internet of Things (IoT) devices and makes them into a group of computing devices that can be centrally controlled. Once enough groups of the IoT’s have been assembled they can be used to launch a DDoS attack releasing large amounts of traffic on a targets servers.

Since the Mirai botnet source code was leaked several new variants have surfaced. One version attacked 2400 TalTalk Telcom home routers in the UK, a new windows variant has been found that would spread the Linux Trojan to other IoT devices. More than 900,000 Deutsche Telekom customers in Germany internet service was disrupted. Researchers have recently found that 80 models of Sony cameras are vulnerable to a Mirai takeover.

According to Security Week magazine “On Feb. 28, the new Mirai threat was used to launch a DDoS attack against a US college, and researchers say that the assault continued for 54 hours straight. The average traffic was of over 30,000 requests per second (RPS) and peaked at around 37,000 RPS, the highest of any Mirai botnet (the attack generated a total of over 2.8 billion requests).” (Arghire, 2017)

References

Arghire, I. (2017, March 29). New Mirai Variant Unleashes 54-Hour DDoS Attack. Retrieved from Security Week: http://www.securityweek.com/new-mirai-variant-unleashes-54-hour-ddos-attack

Newman, L. (2016, December 09). The Botnet That Broke the Internet Isn’t Going Away. Retrieved from Wired: https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/

Saturday, March 25, 2017

Be Wary Of Cyber Security Threat Sites.

While there are many websites to find information on current threats, vulnerabilities, updates, and security news. We all need to be cautious of conflicting information. Below are some credible sites to verify information found on the internet. I have included a small excerpt from their sites.

MSDN - The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. (MSDN, 2017)

Symantec - Symantec sees more threats, and protects more customers from the next generation of attacks. (Symantec, 2017)

US-CERT (United States Computer Emergency Readiness Team) - The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT. (US-CERT, 2017) US-CERT is a division of the Department of Homeland Security

Security Week Magazine - SecurityWeek provides authoritative news and columns from information security expert and is a trusted source of information and insight to senior level information security executives, researchers and service providers. SecurityWeek content and resources focus on security strategies, techniques, research and statistics. Other coverage includes online privacy and compliance, cybercrime, and other security trends. (Security Week, 2017)

References

MSDN. (2017). Security Threats . Retrieved from Developer network: https://msdn.microsoft.com/en-us/library/cc723507.aspx#XSLTsection122121120120

Security Week. (2017). Virus & Threats. Retrieved from Security Week: http://www.securityweek.com/virus-threats

Symantec. (2017). About Symantec. Retrieved from Symantec: https://www.symantec.com/about

US-CERT. (2017). Current Activity . Retrieved from US-CERT: https://www.us-cert.gov/ncas/current-activity

Saturday, March 18, 2017

CYBR650 Current Trends in Cybersecurity

This course presents an in-depth study of current trends in Cybersecurity threats. Discussion includes the identification and management of threats and vulnerabilities within an effective enterprise security program. Prior Cybersecurity education is synthesized through projects and assignments.

This will be my 11th class towards a Master's in Cyber Security (one more to go!!!).

During this semester I will post articles that I hope will be of interest. I normally look for new technologies or exploits that have not made a big splash on the news but people need to know about.