Tag: iot
-
Novel PumaBot slips into IoT surveillance with stealthy SSH break-ins
bypasses the usual playbook of conducting internet-wide scanning and instead brute-forces secure shell (SSH) credentials for a list of targets it receives from a command and control (C2) server.”DarkTrace researchers have identified a custom Go-based Linux botnet targeting embedded Linux Internet of Things (IoT) devices,” researchers said in a blog post. “The botnet gains initial access…
-
IT-Sicherheitskennzeichen für gesamtes IoT-Sortiment – Axis verstärkt Engagement in Cybersicherheit
First seen on security-insider.de Jump to article: www.security-insider.de/axis-open-2025-videoueberwachung-artpec-9-chip-bsi-sicherheitskennzeichen-a-5d02721fc106d6f8113979dee24113c9/
-
Attacks with new Pumabot botnet hit Linux IoT devices
First seen on scworld.com Jump to article: www.scworld.com/brief/attacks-with-new-pumabot-botnet-hit-linux-iot-devices
-
New PumaBot Hijacks IoT Devices via SSH Brute-Force for Persistent Access
Tags: access, botnet, cyber, cybersecurity, data-breach, exploit, Internet, iot, malicious, malware, software, threat, vulnerabilityA sophisticated new malware, dubbed PumaBot, has emerged as a significant threat to Internet of Things (IoT) devices worldwide. Cybersecurity researchers have identified this malicious software as a highly advanced botnet that exploits weak security configurations in IoT ecosystems, particularly targeting devices with exposed SSH (Secure Shell) ports. Emerging Threat Targets Vulnerable IoT Ecosystems By…
-
PumaBot Malware Targets Linux IoT Devices
Stealthy Malware Installs Cryptomining Software. A botnet targeting Internet of Things devices works by brute forcing credentials and downloading cryptomining software. Researchers call the botnet PumaBot, since its malware checks for the string Pumatronix, the name of a Brazilian manufacturer of surveillance and traffic camera systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/pumabot-malware-targets-linux-iot-devices-a-28526
-
New PumaBot botnet brute forces SSH credentials to breach devices
A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-pumabot-botnet-brute-forces-ssh-credentials-to-breach-devices/
-
New PumaBot targets Linux IoT surveillance devices
PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine crypto. Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. PumaBot skips broad internet scans and instead pulls a list of targets from its…
-
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot.Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts.”Rather than scanning the internet, the malware retrieves a list of targets…
-
SHARED INTEL QA: Visibility, not volume, reframing detection for the AI-enabled SOC
For years, network security has revolved around the perimeter: firewalls, antivirus, endpoint controls. But as attackers grow more sophisticated, and as operations scatter to the cloud, mobile, and IoT, it’s increasingly what happens inside the network that counts.”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/shared-intel-qa-visibility-not-volume-reframing-detection-for-the-ai-enabled-soc/
-
Top 12 US cities for cybersecurity job and salary growth
Tags: access, ai, apple, attack, blockchain, business, country, crowdstrike, cyber, cybersecurity, data, defense, finance, fintech, government, group, infrastructure, insurance, iot, jobs, metric, microsoft, nvidia, office, okta, privacy, software, startup, strategy, supply-chain, technology, training, warfareWhile major hubs like San Francisco naturally come to mind, and perform well based on the metrics we evaluated, there are many lesser-known cities that may be just as promising, if not more. These emerging destinations can offer easier access to job opportunities, more sustainable career paths, higher pay, and a lower cost of living.Here’s…
-
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
KrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices. First seen on hackread.com Jump to article: hackread.com/krebsonsecurity-6-3-tbps-ddos-attack-aisuru-botnet/
-
5 Monitoring-Tipps für die Cybersecurity von OT-Netzen
Die Integration von IT- und OT-Systemen revolutioniert die Arbeitsweise von Unternehmen und steigert ihre Effizienz. Doch diese Entwicklung bringt auch erhebliche Herausforderungen für die Cybersicherheit mit sich. OT-Netzwerke sind nun neuen Risiken und Gefahren ausgesetzt, während die zunehmende Verbreitung von IoT- und IIoT-Geräten die Angriffsfläche weiter vergrößert. Die steigende Zahl von Cyberangriffen, darunter Ransomware, Session-Hijacking…
-
We’re Answering Your Exposure Management Questions
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this Exposure Management Academy FAQ, we help CISOs understand exposure management, look at how advanced you might be and outline how to structure a program. You can read the entire Exposure Management…
-
Sicherheit von cyberphysischen Systemen Claroty und Ectacom schließen Vertriebspartnerschaft
Der Spezialist für die Sicherheit von cyberphysischen Systemen (CPS), Claroty, hat mit Ectacom eine Vertriebspartnerschaft für Zentral- und Osteuropa geschlossen. Der Business-Development-Distributor ergänzt die bestehenden Partner Westcon Comstor und Boll Engineering mit seiner ausgesprochenen Expertise im Bereich komplexer IoT- und OT-Security-Technologien und -dienstleistungen. ‘Clarotys Produktportfolio ist technologieführend. Nicht umsonst wird Claroty von Analysten bestens bewertet,…
-
IAM 2025: Diese 10 Trends entscheiden über Ihre Sicherheitsstrategie
Tags: access, ai, api, authentication, best-practice, cio, ciso, cloud, compliance, conference, credentials, crypto, cryptography, detection, dora, framework, governance, iam, identity, iot, kritis, login, mfa, nis-2, resilience, risk, risk-analysis, service, strategy, threat, tool, zero-trustDie Kernaussage der EIC Conference 2025: IAM ist ein ganzheitlicher Architekturansatz und kein Toolset. Identity & Access Management (IAM) ist nicht länger eine Frage der Tool-Auswahl, sondern der Architektur. Diese Kernaussage prägte die European Identity and Cloud Conference 2025, die vom 6. bis 9. Mai in Berlin stattfand. Mit über 1.500 Teilnehmern, 300 Rednern und…
-
UK Considers New Enterprise IoT Security Law
The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/government-enterprise-iot-security/
-
Criminal Proxy Network Infects Thousands of IoT Devices
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/proxy-network-infects-iot-devices/
-
âš¡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks”, because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It’s not…
-
Neue Herausforderungen für die Cybersecurity – Die Konvergenz von IT, OT und IoT bringt neue Risiken
First seen on security-insider.de Jump to article: www.security-insider.de/cybersicherheit-herausforderungen-massnahmen-iot-a-b80ef3cd5fc65863f6c881cc550fbe16/
-
Updated CISA vulnerabilities catalog includes GeoVision IoT bugs
First seen on scworld.com Jump to article: www.scworld.com/brief/updated-cisa-vulnerabilities-catalog-includes-geovision-iot-bugs
-
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors.In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich…
-
ColorTokens + Nozomi Networks: A Partnership That’s Built for the Trenches of OT and IoT Security
Discover how ColorTokens and Nozomi Networks deliver real-time OT/IoT threat detection and Zero Trust microsegmentation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/colortokens-nozomi-networks-a-partnership-thats-built-for-the-trenches-of-ot-and-iot-security/
-
CVE funding crisis offers chance for vulnerability remediation rethink
Tags: access, ai, awareness, best-practice, cisa, cve, cvss, cybersecurity, data, exploit, Hardware, healthcare, intelligence, iot, kev, least-privilege, metric, mfa, microsoft, network, open-source, penetration-testing, risk, software, threat, tool, training, update, vulnerability, vulnerability-managementAutomatic for the people: AI technologies could act as a temporary bridge for vulnerability triage, but not a replacement for a stable CVE system, according to experts consulted by CSO.”Automation and AI-based tools can also enable real-time discovery of new vulnerabilities without over-relying on standard CVE timelines,” said Haris Pylarinos, founder and chief executive of…
-
Zero Trust Gets Real for OT and IoT with ColorTokensNozomi Partnership
First seen on scworld.com Jump to article: www.scworld.com/news/zero-trust-gets-real-for-ot-and-iot-with-colortokens-nozomi-partnership
-
Mirai botnet spread via GeoVision IoT, Samsung MagicINFO exploits
First seen on scworld.com Jump to article: www.scworld.com/brief/mirai-botnet-spread-via-geovision-iot-samsung-magicinfo-exploits
-
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks.The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system command…
-
indevis gibt Insider-Tipps über SASE
Tags: iotSASE steht nicht nur für sichere Konnektivität es ist der Schlüssel zu einer zukunftssicheren IT-Strategie. Die Plattform löst zentrale Herausforderungen moderner Netzwerke, von globaler Expansion über IoT-Integration bis zur Support-Optimierung. Unternehmen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/indevis-gibt-insider-tipps-ueber-sase/a40675/
-
Are IoT Devices the New Attack Vector for Ransomware Groups?
Tags: attack, cybersecurity, exploit, group, iot, password, ransomware, tactics, threat, vulnerabilityPhosphorus Cybersecurity’s Phillip Wylie on Asset Inventory, Password Hygiene. Organizations inadvertently create cybersecurity gaps by trusting connected devices. Threat actors are shifting tactics to exploit IoT vulnerabilities when traditional attack vectors strengthen, said Phillip Wylie, xIoT security evangelist at Phosphorous Cybersecurity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/are-iot-devices-new-attack-vector-for-ransomware-groups-a-28280