Tag Archive for: leveraging

A Stealthy Multi-Platform Malware Leveraging NKN for DDoS Attacks


A recently discovered multi-platform malware named ‘NKAbuse,’ leveraging Go-based technology, has raised concerns as it marks the first instance of malware exploiting NKN (New Kind of Network) technology for data exchange. This innovative approach poses a stealthy threat, using NKN, a decentralized peer-to-peer network protocol built on blockchain technology, to conduct distributed denial of service (DDoS) attacks. This article explores the intricate details of NKAbuse, its modus operandi, and the challenges it poses to cybersecurity.

 

The NKN Technology Landscape:

NKN, a decentralized peer-to-peer network protocol, operates by leveraging blockchain technology to efficiently manage resources and establish a secure and transparent model for network operations. With the primary goal of optimizing data transmission speed and latency across the network, NKN achieves this by calculating efficient data packet travel paths. Individuals can participate in the NKN network by running nodes, contributing to its robustness, decentralization, and capacity to handle high volumes of data.

NKAbuse: Targeting Linux Systems in Specific Regions:

Kaspersky reports the discovery of NKAbuse, a novel malware that primarily targets Linux desktops, with notable infection instances identified in Mexico, Colombia, and Vietnam. The malware exploits an old Apache Struts flaw (CVE-2017-5638) to compromise Linux systems, demonstrating its adaptability by supporting multiple architectures, including MIPS, ARM, and 386.

 

NKN Exploitation for DDoS Attacks:

NKAbuse stands out by abusing NKN to launch DDoS attacks, characterized by their difficulty to trace and likelihood of evading detection by conventional security tools. The malware utilizes the NKN public blockchain protocol to execute flooding attacks and establish a backdoor within Linux systems. Its communication with the bot master through NKN allows it to send and receive data, while the ability to maintain multiple concurrent channels adds resilience to its communication line.

 

Versatile Capabilities: A Unique Threat in the DDoS Botnet Space:

Beyond its DDoS capabilities, NKAbuse functions as a remote access trojan (RAT) on compromised…


Week in review: Kali Linux 2022.1 released, attackers leveraging Microsoft Teams to spread malware



Here’s an overview of some of last week’s most interesting news, articles and interviews:

Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changes
Offensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform.

DDoS attacks knock Ukrainian government, bank websites offline
Unknown attackers have mounted disruptive distributed denial-of-service (DDoS) attacks against several Ukrainian government organizations and state-owned banks.

Attackers use Microsoft Teams as launchpad for malware
Hackers are starting to realize that Microsoft Teams is a great means of spreading tentacles throughout an organization’s systems; since the start of the year, Avanan has been seeing hackers increasingly dropping malware in Teams conversations.

Open banking innovation: A race between developers and cybercriminals
In this interview with Help Net Security, Karl Mattson, CISO at Noname Security, explains the wide usage of open banking and how it can easily be exploited if adequate security measures are not implemented.

Online fraud skyrocketing: Gaming, streaming, social media, travel and ecommerce hit the most
An Arkose Labs report is warning UK commerce that it faces its most challenging year ever. Experts analyzed over 150 billion transaction requests across 254 countries and territories over 12 months in 2021 and found an 85% increase in login attacks and fake consumer account creation at businesses.

Qualys Context XDR: Bringing context to an organization’s security efforts
In this interview with Help Net Security, Jim Wojno, Senior Director of XDR at Qualys, explains the advantages of using Qualys Context XDR and how it can provide clarity through context.

The importance of implementing security scanning in the software development lifecycle
Veracode published research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents a 20x increase in average scan cadence between 2010 and 2021.

How QR code ease of use has broadened the attack surface
In this interview with Help Net Security, Neil Clauson,…


U.S., U.K. warn of Russian hackers using new tactics, leveraging Microsoft vulnerability


Russian hackers have adopted new cyber tactics, techniques and procedures for attacking targets in the U.S. and elsewhere after their earlier methods were exposed, several government agencies said Thursday.

Security agencies in the U.S. and United Kingdom issued a joint advisory warning about recent activity they have attributed to hackers acting on behalf of the Russian Foreign Intelligence Service, or SVR.

Also known by names including APT29 and Cozy Bear, the hackers recently began leveraging a vulnerability affecting Microsoft Exchange Server that became publicly known in March, the advisory said.

Additionally, the unclassified, 14-page advisory said the hackers were recently spotted using an open-source command-and-control framework called Sliver after gaining initial access to victim networks.

The advisory was issued jointly by the FBI, U.S. National Security Agency (NSA), U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. National Cyber Security Centre (NCSC).

Previously, the…


Adobe Flash zero-day exploit… leveraging ActiveX… embedded in Office Doc… BINGO! – The Register

  1. Adobe Flash zero-day exploit… leveraging ActiveX… embedded in Office Doc… BINGO!  The Register
  2. Adobe releases Flash patch for zero-day exploit  ComputerWeekly.com
  3. Adobe releases out-of-band security update for newly discovered Flash zero-day  ZDNet
  4. Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign  Threatpost
  5. Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit | SC Media  SC Magazine