Gafgyt bot-maker, Horde helper, QNAP snatched, and more.


Hi, I’m Paul Torgersen. It’s Friday, November
1st, 2019, happy dia de los muertos, and this is a look at the information security news
from overnight. From ZDNet.com:
Tens of thousands of Wi-Fi routers are vulnerable to an updated form of the Gafgyt (I hope I
said that right) malware also known as Bashlite or QBot, and may end up as part of a botnet
in a DDoS for hire scheme. The malware targets vulnerabilities in Huawei, Realtek, and Zyxel
wireless routers. From TechCrunch.com:
Several vulnerabilities have been found in the Horde open-source web email software that
allow hackers to steal the contents of your inbox. Horde was notified of the vulnerabilities
back in May, but has yet to acknowledge them. Some, but not all, of the flaws were fixed
in the latest Horde update. From ThreatPost.com:
Chinese state-sponsored hacking group APT41 is using a new malware called MessageTap to
spy on SMS messages. In particular they are targeting specific phone numbers and key words
associated with Chinese political dissidents. Details in the article. From SCMagazine.com:
Domain name registration and web development services provider Web.com has disclosed a
data breach that also affects customers of its Network Solutions and Register.com brands.
PII for some portion of there customers was exposed, but no credit card or payment information.
The company is notifying affected customers and doing a forced password reset for all
customers. And last this week from ZDNet.com
Thousands of network-attached storage devices from Taiwanese vendor QNAP have been infected
with a new strain of malware named QSnatch. Attack vector and propagation techniques are
not yet known, but at least 7,000 devices have been infected in Germany alone. For the
time being, the only confirmed method of removing QSnatch is to perform a full factory reset
of the device. That’s all for me this week. Have a great
weekend and until Monday, be safe out there.

, , , , , , , , , , , , , , , , , , , , , , ,

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *