Author Archive for: Deyan Panchev
Entries by Deyan Panchev
Memcached – Newest amplification attack out there
History: In the last months and years we have seen multiple DDoS attacks based on amplification techniques (DNS, NTP, Chargen, SSDP) A new amplification attack was spotted in the last week of February (25th – 27th of February). It is, by far, the strongest amplification attack we had and it is based on the Memcached […]
Not The Best Intel Month
So far, the 2018 has been catastrophic for Intel. Three major vulnerabilities were found in a very short span of time, and Intel team cannot catch up fast enough with the patching and the security updates. The newest one is from the 12th of Jan and disclosed by a Finnish Security Company (F-Secure). It uses […]
Modern security landscape, trends in malware and counteracting security controls
Malware is evolving constantly. The threat landscape is so dynamic that yesterday’s news is not news today. The malware business is a full-blown industry that can easily size up with the IT security industry. Recent major security breaches: NiceHash, the largest Bitcoin mining marketplace, has been hacked, which resulted in the theft of more than […]
New Ransomware on the loose
New extremely large Botnet is being built – Nicknamed IoTroop or IoT Reaper Remember Mira? The worm that prayed on unsecure IoT devices. It managed to spread and gain control using quite a simple method to gain entry – reusing the hard-coded or default password for IoT devices which were well-known by then, and the […]
New VPN/crypto attack – DUNK (Don’t Use Hard-coded Keys) attack
We live in interesting times There is a Chinese proverb/curse saying: May you live in interesting times? Why is this intended as a curse? Maybe living in interesting times means living in challenging times. The security environment is so dynamic these days, it is certainly interesting to see how things change all the time, vulnerabilities […]
KRACKATTACK – the kraken of the Wi-Fi WPA2
Wi-Fi is everywhere, everything is on Wi-Fi now, phones, tablets, laptops, even home PCs, game consoles, smart devices (IoT), sensors etc. The security of WiFI is imperative, and has been entrusted to the WPA2 protocol. For that protocol, thus far all exploits have been connected to guessing the security key (hence reliant on customers having […]
Equifax cyber-security breach – lessons to be learned
As you probably know the Equifax (one of the three big credit bureaus in North America and UK) announced it was breached (discovered unauthorized access) on the 29th of July. So far, the predictions are that this leak of sensitive personal data impacts over 143 Million American, Canadian and British citizens. What is a credit […]
Nyatya – a Wiper Malware disguised as Ransomware
A new malware Nyetya (combination of words from Nye Petya, meaning NOT Petya), also known as Petrwrap and GoldenEye has been spreading globally over the last 24 hours. This virus is distinct from WannaCry and other initially suspected variants, it has some unique new features which makes it harder to detect and defend against, clearly […]
Engineering excellence, where you need it, when you need it