Ars Technica: Widely used D-Link modem/router under mass attack by potent IoT botnet. “Malicious hackers are mass exploiting a critical vulnerability in D-Link DSL routers in an attempt to make them part of Satori, the potent Internet-of-things botnet that is used to take down websites and mine digital coins, researchers said.”
Motherboard: Bugs Allowed Hackers to Make Malware Look Like Apple Software. “For years, hackers could hide malware alongside legitimate Apple code and sneak it past several popular third-party security products for Mac computers, according to new research. This is not a flaw in MacOS but an issue in how third-party security tools implemented Apple’s APIs. A researcher from security firm Okta found that several security products for Mac—including Little Snitch, xFence, and Facebook’s OSquery—could be tricked into believing malware was Apple code, and let it past their defenses.”
Tom’s Guide: Watch Kodi on Amazon Fire TV? You’re About to Be Hacked. “Thousands of Amazon Fire TV devices are vulnerable to infection by a cryptocurrency-mining botnet, Tom’s Guide has discovered. The devices are vulnerable because their owners have disabled basic security protections to install Kodi and other piracy-related streaming apps. Doing so enables an Android diagnostic tool and opens up a specific port to the internet, which the botnet scans for and detects.”
CNET: Chrome extensions soon only available from Google’s website. “If you want to install Chrome extensions, Google’s Chrome Web Store soon will be the only place to get them. Extensions — the software that lets you do things like block ads, manage your tabs better, explore art on your new-tab page or cover your screen with doge dogs — can be useful and fun. Unfortunately, they can also be a conduit for malware that spies on you or cryptocurrency miners that let others profit off your computer’s horsepower.” I’m not sure how this is supposed to be safer.
Ars Technica: VPNFilter malware infecting 500,000 devices is worse than we thought. “Two weeks ago, officials in the private and public sectors warned that hackers working for the Russian government infected more than 500,000 consumer-grade routers in 54 countries with malware that could be used for a range of nefarious purposes. Now, researchers from Cisco’s Talos security team say additional analysis shows that the malware is more powerful than originally thought and runs on a much broader base of models, many from previously unaffected manufacturers.”
Neowin: FBI urges router owners to perform a reboot to stop VPNFilter malware. “Earlier this week, Cisco’s security team disclosed a Russian-developed malware called VPNFilter which compromised at least 500,000 routers built by Linksys, MikroTik, NETGEAR, and TP-Link as well as network-attached storage devices manufactured by QNAP. In addition to the threat protections rolled out by Cisco, the Federal Bureau of Investigation (FBI) has also released a public advisory calling on users of the affected networking devices to reboot the routers in order to destroy the malware.”
Forbes: How To Scan Your Computer For Malware With Google Chrome. “Protecting Chrome users from malware remains a top priority today. What you may not have realized is that Chrome’s ability to protect you from ransomware, hijackers and other nastiness extends beyond the browser itself. Believe it or not, Chrome can actually scan your entire computer for malware… just like a standalone antivirus program does. Here’s how you do it.”