Automatically preventing all traffic from hosts that attempt to connect to blocked ports can help prevent further malicious actions from those IP addresses as explained in Auto-Blocking Suspicious Hosts Found in Traffic Logs. After posting that article, one WatchGuard customer sent me a note about using the auto-block feature to help prevent DDoS attacks. By reducing the … [Read more...]
Hackers Take Tips From WannaCry and Petya Ransomware Attacks
Hackers are adding lessons they’ve learned from the worldwide spread of the WannaCry ransomware and Petya cyberattack to their playbook. According to an article in ZDNet, the hackers behind the Trickbot financial malware are testing a new version of Trickbot that uses a rough imitation of the EternalBlue security vulnerability to spread itself through an infected network like … [Read more...]
Auto-Blocking Suspicious Hosts Found in Traffic Logs
Many attackers and hosts infected with malware try to infect other hosts by scanning networks for open ports exposed to the Internet. After finding an open port, a malicious third party will attack software running on that port using known vulnerabilities. These published software flaws can cause damage or allow unauthorized access to hosts and networks. Often vendors publish … [Read more...]
WannaCry Officially World Traveler with Infection of Australian Traffic Cams
The WannaCry virus is giving the Travelocity Gnome a run for his money as world traveler, recently popping up in a Honda plant in Sayama, Japan, and just yesterday, hitting the network of a company that controls Australian traffic cameras. More than fifty cameras, most located in the inner-city of Melbourne, were infected with the virus. According to a recent BBC article, a … [Read more...]