Category: Honeypots

Mirai: Not Just For IoT Anymore

Executive Summary: Botmasters have taken the lessons from developing Internet of Things (IoT) malware and shifted their focus to targeting commodity Linux servers. Like many IoT devices, unpatched Linux servers linger on the network, and are being abused at scale by attackers sending exploits to […]


Dipping Into The Honeypot

Executive Summary: Brute-forcing factory default usernames and passwords remains a winning strategy for Internet of Things (IoT) botnet propagation. Botnet operators with the best list will produce the larger botnet and obtain superior firepower for launching DDoS attacks. IoT bots are indiscriminate – they will […]


Buy Buy Exploitation

We stumbled across a set of links recently via the MITRE Honeyclient, which we feed our spam URLs to. A handful of URLs that have been spammed out were triggered as malicious. Analysis shows that they are roughly the same basic injected code. WARNING — […]


AV, how cam’st thou in this pickle?

While I’ve seen and heard random spatterings about why AV isn’t effective, or analyst reports from the likes of Yankee declaring “AV is Dead”, there’s been very little qualitative or quantitative study on precisely why. Well, beyond the endless flurry of new malware families and […]
