If you or your ISP are running BIG-IP devices, they are almost certainly under active attack right now. On Wednesday, F5 Networks issued patches for a remote code execution vulnerability in BIG-IP devices. Within hours, security researchers reported targeted attacks against BIG-IP devices.
It's so stupidly simple, you gotta wonder how we missed this all these years. Adding a dot to the end of a domain name throws off the browser's cookie handling (breaks CORS too). This hack works on YouTube (for now, anyway) and many other websites that operate behind paywalls (e.g. New York Times).
Somewhat unusual cast of characters today.

IP | Host | Country | Block Count
184.108.40.206 | ANMAX TELECOMUNICACIONES MAXIMILIANO BIONDI EIRL | Chile | 302
220.127.116.11 | Diretoria de Planejamento e Tecnologia | Brazil | 263
18.104.22.168 | CIRCLE NETWORK | Bangladesh | 197
22.214.171.124 | Knet Solutions P. Ltd | India | 91
126.96.36.199 | Cyber Internet Services Pakistan | Pakistan | 30

Most of…
Evidence shows BellTroX InfoTech Services, aka Dark Basin or Mercenary.Amanda, targeted government officials, celebrities, non-profit organizations, advocacy groups, journalists, investors, and large and small corporations in a hacking spree that is believed to be under investigation by U.S. law enforcement.
News erupted this week proclaiming the enigmatic hacker, Guccifer 2.0, accidentally dropped his VPN connection, revealing his secret identity. According to the Daily Beast, his true IP address was revealed while he visited a social media site – and it tracked directly to Russia’s GRU headquarters. That’s akin to Batman forgetting to put on his mask or lock the door to the bat-cave. Could it happen? Sure. But not likely.
Like him or not, the controversial Commander X (Christopher Doyon) is reportedly on the run. Below is a statement released by Anonymous explaining Commander X’s flight from Canada to Mexico for asylum. It’s worth noting that Commander X has just released a book, Behind the Mask, about his exploits during his time with Anonymous.
This just popped up on pastebin claiming to expose the members of the WannaCry attack. Legit?
Somebody dumped a file in VirusTotal claiming it's the new WCry 2.0 variant that's wreaking havoc today. Details below, but take them with a grain of salt until we know more.
The new Rule 41 dictate is going to be law and it's a doozy, both mind-boggling (for its stupidity) and stomach-churning (for its stupidity) at the same time. Effectively, what the law does is allow any judge, anywhere (including Podunk, Texas), to grant a warrant for electronic surveillance of any US citizen. If you thought the NSA spying fiasco was bad – you ain't seen nothing yet.
The first thought for anyone who has examined the Mirai codebase is how well the application was coded. The second thought is how easy it would be to disable. Being a C&C server inherently means you can control the Mirai botnet with it – even to the point of shutting it down permanently.