Author Archive for: Deyan Panchev
Entries by Deyan Panchev
Memcached – Newest amplification attack out there
History: In the last months and years we have seen multiple DDoS attacks based on amplification techniques (DNS, NTP, Chargen, SSDP) A new amplification attack was spotted in the last week of February (25th – 27th of February). It is, by far, the strongest amplification attack we had and it is based on the Memcached […]
Not The Best Intel Month
So far, the 2018 has been catastrophic for Intel. Three major vulnerabilities were found in a very short span of time, and Intel team cannot catch up fast enough with the patching and the security updates. The newest one is from the 12th of Jan and disclosed by a Finnish Security Company (F-Secure). It uses […]
Modern security landscape, trends in malware and counteracting security controls
Malware is evolving constantly. The threat landscape is so dynamic that yesterday’s news is not news today. The malware business is a full-blown industry that can easily size up with the IT security industry. Recent major security breaches: NiceHash, the largest Bitcoin mining marketplace, has been hacked, which resulted in the theft of more than […]
New Ransomware on the loose
New extremely large Botnet is being built – Nicknamed IoTroop or IoT Reaper Remember Mira? The worm that prayed on unsecure IoT devices. It managed to spread and gain control using quite a simple method to gain entry – reusing the hard-coded or default password for IoT devices which were well-known by then, and the […]
New VPN/crypto attack – DUNK (Don’t Use Hard-coded Keys) attack
We live in interesting times There is a Chinese proverb/curse saying: May you live in interesting times? Why is this intended as a curse? Maybe living in interesting times means living in challenging times. The security environment is so dynamic these days, it is certainly interesting to see how things change all the time, vulnerabilities […]
KRACKATTACK – the kraken of the Wi-Fi WPA2
Wi-Fi is everywhere, everything is on Wi-Fi now, phones, tablets, laptops, even home PCs, game consoles, smart devices (IoT), sensors etc. The security of WiFI is imperative, and has been entrusted to the WPA2 protocol. For that protocol, thus far all exploits have been connected to guessing the security key (hence reliant on customers having […]
Engineering excellence, where you need it, when you need it