Almost two million Androids infected by FalseGuide malware, masquerading as game guides

A malware family known as FalseGuide masqueraded as game guides on Google Play to infect nearly two million Android devices.

David Bisson reports.

The Hajime IoT worm fights the Mirai botnet for control of your devices

The Hajime malware is worming its way through DVRs, CCTV systems, and other poorly-protected Internet of Things (IoT) devices.

David Bisson reports.

For a while the infamous Mirai botnet could have exploited your IoT devices to mine Bitcoins

IoT-exploiting malware like Mirai is continually evolving, as online criminals look for new ways to make money.

David Bisson reports.

Top tip for botnet overlords: Don’t vacation in countries that can extradite you to the United States

There’s no doubt that a life of cybercrime can earn its most successful overlords a considerable amount of money, but you will always have to live with the fear that you could be apprehended and – if convicted – spend years in prison.

Read more in my article on the We Live Security blog.

Malicious torrent file conducts distributed WordPress password attack

The Sathurbot backdoor trojan uses the lure of torrents to deliver a distributed brute-force attack against websites with weak WordPress administrator passwords.

David Bisson reports.

Bye bye, botnet! Kibosh put on Chamois Android fraud network

Google has shut down an ad fraud network that was targeting Android users.

David Bisson reports.

British man arrested after 900,000 broadband routers knocked offline in Germany

A 29-year-old man has been arrested at Luton airport in connection with a massive internet attack that disrupted telephone, television and internet services in Germany last November.

Read more in my article on the We Live Security blog.

Tried-and-true Triada supplants Hummingbad as top mobile malware

Hummingbad is no longer the web’s “most wanted mobile malware.” That dubious honor goes to Triada according to a new report issued by security researchers.

David Bisson reports.

Smashing Security podcast #004: ‘You don’t mess with Brian Krebs’

Join me and fellow computer security industry veterans Vanja Svajcer and Carole Theriault as we have another casual chat about whatever is on our minds.

This week: the Spora ransomware that offers you more than just your encrypted files back, Brian Krebs busts the alleged masterminds behind the Mirai botnet, and be careful that your IT staff aren’t the only ones who know your company’s passwords.

Oh, and we’re now a podcast as well as a video… :)

Patch your Sony security cameras against backdoor attacks!

If you have a Sony network-connected CCTV camera, you may have a security problem.

Read more in my article on the Tripwire State of Security blog.

How to secure your Wi-Fi network – the basic version

What we can do to better secure our routers and our Wi-Fi networks?

David Bisson reports.

TalkTalk and Post Office customers lose internet access as routers hijacked

Thousands of TalkTalk and Post Office customers in the UK have been cut off from the internet for days.

The reason? A malicious attack against poorly-protected broadband routers.

900,000 Germans knocked offline, as critical router flaw exploited

The Internet of insecure Things strikes again. As many as 900,000 Deutsche Telekom customers were knocked offline on Sunday and Monday as an attempt was made to hijack broadband routers into a botnet.

Read more in my article on the We Live Security blog.

Did the Mirai botnet knock Liberia offline? Not so much

A story spread like wildfire across the world’s media claiming that the small West African country of Liberia had been blasted off the internet by a massive DDoS attack.

But don’t be too quick to believe everything you read in the papers…

‘Good’ anti-Mirai worm is pulled from Github following backlash

An anti-worm worm, designed to clean-up the Internet of insecure Things, has had its code pulled from Github.

Which is probably a good thing.

Could a ‘good worm’ save the Internet of Things from the Mirai botnet?

Researcher Leo Linsky calls his creation an “anti-worm worm (or nematode)”.

I call it a potential breach of computer crime legislation.

Read more in my article on the Hot for Security blog.