Security Never Sleeps- ElasticSearch Malware, Quantum Communications

ElasticSearch Servers Found Hosting PoS Malware Files

“Over 4,000 servers affected”

Kromtech Security Center has found that over 4,000 instances of ElasticSearch servers that are hosting files specific to two strains of Point of Sale malwares, AlinaPOS and JackPOS. The researchers discovered these exposed ElasticSearch servers last week during routine scans. Intrigued by their initial discovery, the Kromtech team used Shodan to identify more than 15,000 ElasticSearch instances that were left exposed online without any form of authentification.

Bashware hacking technique puts 400 million Windows 10 PCs at risk

“Vulnerable to new technique”

Somewhere in the range of 400 million PC users running Windows 10 around the world may now be susceptible to a fresh cyber attack approach referred to as Bashware. Cyber security firm Check Point discovered and named the new malware, and explain that Bashware exploits the built-in Linux shell in Windows to allow malware to bypass common antivirus and other security software.

RouteX Malware Uses Netgear Routers for Credential Stuffing Attacks

“Netgear routers infected likely by Russian hacker”

A Russian-speaking hacker has been infecting Netgear routers over the past several months with yet another new strain of malware named RouteX. This is used to turn infected devices into what are called called SOCKS proxies, which carry out credential stuffing attacks. This is all according to US cyber-security firm Forkbombus Labs, firm that uncovered this new threat. The hacker allegedly is exploiting CVE-2016-10176, a vulnerability disclosed last December to take over Netgear WNR2000 routers.

U.S. Energy Department Invests $20 Million in Cybersecurity

“Department announced intentions to invest up to $50 million”

The United States Department of Energy announced on Tuesday its investments in the research and development of tools and technologies that would make the country’s energy infrastructure more resilient and secure. Over $20 million of that amount has been allocated to projects focusing on cyber security. The funding, awarded to various national laboratories, will be used to support early-stage research and development of next-generation tools and technologies that improve the resilience and security of critical energy infrastructure, including the power grid, and oil and natural gas infrastructure.

China sets up first ‘commercial’ quantum network for secure communications

“Latest step in developing hackproof communications”

China has set up its first “commercial” quantum network in its northern province of Shandong, Chinese state media has reported. This is the country’s latest step in advancing a technology expected to enable the highest security communications. China touts that it is at the forefront of developing quantum technology. In August it said it sent its first “unbreakable” quantum code from an experimental satellite to the Earth. The Pentagon has called the launch of that satellite a year earlier a “notable advance”.

Enjoy your read? Check out our other content here.