Daily Perk 3/16/2021

New Botnet using Mirai variant and targeting numerous vulnerabilities per Threatpost

Researchers at Palo Alto’s Unit 42 report a very busy botnet hunting connected devices, including network security ones. The botnet has leveraged at least ten known vulnerabilities to compromise devices and then infects them with a variant of Mirai malware flavoured for the that device’s architecture: SonicWall, D-Link, Netgear among others. With APTs from Russia and China merrily traversing our networks, now is a great time to say remember 2019 and VPN botnet? These things can be weaponized …

China-based cyber espionage campaign targets telecoms per ZDNet

Telecoms have been targets by APTs for some time and this campaign, dubbed Operation Diànxùn, is brought to you by Mustang Panda and RedDelta. Chinese APTs are notoriously good at cyber espionage, and telecoms are great sources to access information. So far 23 providers in Europe, the US, and South East Asia have been targets in the operation extending back to August 2020. There has been a clear uptick in aggressive cyber activities by China, and given the current situation with Exchange servers I urge active monitoring to look for activity: do not underestimate the depth or extent of their intrusions.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s