The Trend Zero Day Initiative (ZDI) Threat Hunting and Trend Research teams have identified a significant RondoDox botnet campaign that targets a wide range of internet-exposed infrastructure.
This campaign consists of over 50 exploits, including unpatched router flaws across over 30 vendors, targeting vulnerabilities found in routers, digital video recorders (DVRs), network video recorders (NVRs), CCTV systems, web servers, and various other network devices. While the exploits specifically exploit vulnerabilities in routers, DVRs, NVRs, CCTV systems, web servers, and networking equipment, the latest RondoDox campaign uses an “exploit shotgun”, using multiple exploits and seeing what hits.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- IT threat evolution Q3 2019
November 29, 2019
Targeted attacks and malware campaigns, Mobile espionage targeting the Middle East At the end of June Kaspersky reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this activity in May ...
- Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK
November 29, 2019
While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we also found TICK developing new malware families capable of detection ...
- Ransomware: Big paydays and little chance of getting caught means boom time for crooks
November 29, 2019
Ransomware will continue to plague organisations in 2020 because there’s little risk of the cyber criminals behind the network-encrypting malware attacks getting caught; so for them there’s only a small amount of risk, but a potentially large reward. During the last year, there’s been many examples of ransomware attacks where victims have given into the extortion demands of ...
- Hotel front desks are now a hotbed for hackers
November 28, 2019
It seems that any possible way cybercriminals can exploit the hospitality industry, they will. Hotels, restaurant chains, and related tourism services have been subject to a range of techniques when it comes to cybercrime; the compromise of Point-of-Sale (PoS) terminals to harvest guest data, phishing emails sent to staff which are designed to give attackers access ...
- NSO Group President Defends Controversial Tactics
November 27, 2019
In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called “false myths” about the firm. Dolev also took indirect aim at secure messaging platforms, offered by the likes of Facebook, explaining surveillance companies may soon have to step in where law ...
- Exploit code published for dangerous Apache Solr remote code execution flaw
November 25, 2019
Confusion still surrounds a security bug that the Apache Solr team patched over the summer, which turns out it’s actually much more dangerous than anyone thought. Apache Solr is a Java-based open-source search engine, initially developed to add search functionality to the CNET website. The project was donated to the Apache Software Foundation in 2006, from where ...