#Zerobot Adds Brute Force, #DDoS to Its #IoT Attack Arsenal #cybersecurity https://www.darkreading.com/threat-intelligence/zerobot-adds-brute-force-ddos-iot-attack-arsenal

A new #Zerobot variant spreads by exploiting #Apache flaws
https://securityaffairs.co/wordpress/139918/cyber-crime/zerobot-spreads-apache-flaws.html
#securityaffairs #hacking #malware

A new #Zerobot variant spreads by exploiting #Apache flaws
https://securityaffairs.co/wordpress/139392/malware/zerobot-botnet-dozens-flaws.html
#securityaffairs #hacking #malware

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities.

Learn how Zerobot works and how to defend devices and networks against it:

- Use Microsoft 365 Defender as security solutions with cross-domain visibility and detection capabilities

- Adopt a comprehensive IoT security solution such as Microsoft Defender for IoT, integrate it with XDR platform such as Microsoft Sentinel and Microsoft 365 Defender

- Harden endpoints with a comprehensive Windows security solution

- Ensure secure configurations for devices

- Use least privileges access

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

#microsoft #windows #security #iot #MSTIC #azure #xdr #microsoft365defender #defenderforIoT #iot #sentinel #microsoftsentinel #siem #soar #cloud #cloudsecurity #Zerobot #ssh #leastprivilege #rat #ioc #threatintelligence #ti #tip #ddos #ZeroStresser #webapp #vulnerabilities #cve

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities.

Learn how Zerobot works and how to defend devices and networks against it:

- Use Microsoft 365 Defender as security solutions with cross-domain visibility and detection capabilities

- Adopt a comprehensive IoT security solution such as Microsoft Defender for IoT, integrate it with XDR platform such as Microsoft Sentinel and Microsoft 365 Defender

- Harden endpoints with a comprehensive Windows security solution

- Ensure secure configurations for devices

- Use least privileges access

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

#microsoft #windows #security #iot #MSTIC #azure #xdr #microsoft365defender #defenderforIoT #iot #sentinel #microsoftsentinel #siem #soar #cloud #cloudsecurity #Zerobot #ssh #leastprivilege #rat #ioc #threatintelligence #ti #tip #ddos #ZeroStresser #webapp #vulnerabilities #cve

Microsoft researchers analyzed Zerobot 1.1, the latest version of the Go-based DDoS botnet that spreads primarily through IoT and web application vulnerabilities. This version expands the malware’s reach to different types of devices:
http://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/
#cybersecurity #zerobot

Microsoft researchers analyzed Zerobot 1.1, the latest version of the Go-based DDoS botnet that spreads primarily through IoT and web application vulnerabilities. This version expands the malware’s reach to different types of devices:
http://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/
#cybersecurity #zerobot

Great collaboration between Microsoft Defender for IoT Research Team, Microsoft Defender Research Team, and Microsoft Threat Intelligence Center (MSTIC). Refer to the blog for a list of #Zerobot IOCs and protection, detection, and hunting recommendations.

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

Microsoft Defender for IoT research team has observed new DDoS attack capabilities in #Zerobot 1.1, including ICMP/SYN/SYN-ACK/ACK floods and various custom UDP/TCP attacks (including XMAS attack).

#Zerobot targets various architectures including ARM64, MIPS & x86_64. Upon gaining access to a device, Zerobot uses a downloader script to download & execute the main Zerobot components. After establishing persistence, Zerobot scans for other internet-exposed devices to infect.

In addition to credential brute force attacks, #Zerobot 1.1 is capable of exploiting a variety of known/patched vulnerabilities, including *patched* vulnerabilities in Apache HTTP Server, Apache Spark, Tenda GPON routers, LinuxKI, Zivif, Grandstream, Roxy-WI, MiniDVBLinux, etc.

Microsoft Threat Intelligence is releasing a blog on a new set of #Zerobot/#ZeroStresser 1.1 capabilities. Zerobot spreads primarily through exploitation of known IoT and web application vulnerabilities in devices such as firewalls, routers, cameras, etc.

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

RT @Unit42_Intel@twitter.com

It is notable and unique that #ZeroBot, a new Golang botnet that targets 21 #IoT vulnerabilities, avoids several large portions of the internet including networks owned by the U.S. Department of Defense, China Unicom, KCell and more.

🐦🔗: https://twitter.com/Unit42_Intel/status/1603806529517502480

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. https://securityaffairs.co/wordpress/139392/malware/zerobot-botnet-dozens-flaws.html #CyberSecurity #IoT #ZeroBot #Botnet #Go

New Go-based #botnet #Zerobot exploits dozens of flaws
https://securityaffairs.co/wordpress/139392/malware/zerobot-botnet-dozens-flaws.html
#securityaffairs #hacking #Linux

New Go-based #botnet #Zerobot exploits dozens of flaws
https://securityaffairs.co/wordpress/139392/malware/zerobot-botnet-dozens-flaws.html
#securityaffairs #hacking #Linux

"New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network"

#Zerobot #Botnet #exploit #cyberattack vs #IoT #vulnerability

https://thehackernews.com/2022/12/new-go-based-zerobot-botnet-exploiting.html

Researchers have discovered a novel Go-based #botnet called "#Zerobot" in the wild that exploits nearly two dozen vulnerabilities in #IoT devices and other software to rapidly expand its network.

https://thehackernews.com/2022/12/new-go-based-zerobot-botnet-exploiting.html

#infosec #cybersecurity #hacking #malware #linux