The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities. These are designed to increase Mozi’s success rate, and to block attempts to interfere with its compromise of Internet of Things (IoT) devices by exploiting weak passwords and multiple flaws. Since its discovery in 2019, Mozi has been continually upgraded by its operators, demonstrating their intent to dominate a crowded IoT botnet market. Mozi’s exploitation of legacy vulnerabilities in IoT devices highlights the security failures of such products. As device manufacturers struggle to overcome (or bypass) security issues, their reputation dwindles. Even if IoT security improves, cybercriminals will likely adapt and innovate, steadily pursuing their goal of corporate network access by targeting connected devices.
Most Recent Flipbooks
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Weekly Intelligence Summary 14th Jan
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022
Weekly Intelligence Summary 17th Dec
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and Muddywater APT group hunts for airline data via Slack.
Weekly Intelligence Summary 10th Dec
Microsoft has allegedly halted a long-term cyber-espionage operation of “NICKEL”, a threat group linked to the People’s Republic of China (PRC).
Weekly Intelligence Summary 20th August
A configurable, malicious Traffic Direction System (TDS) has been enabling widespread malware attacks.