Online extortionists going after HPE iLO interfaces

Internet threat actors are constantly diversifying their portfolio of attack mechanisms and targets. When it comes to the extortion vector, things no longer boil down to attacking individual computers or enterprise IT networks. In a recent defiant move, a group of hackers has been targeting HPE iLO 4 interfaces. HPE iLO stands for HPE Integrated Lights-Out, a proprietary framework by Hewlett-Packard that allows administrators to access and manage some HP servers remotely. The admin can use a regular web browser to log in and adjust settings or perform maintenance, for instance, reboot the server and view details on its current status.

Security analysts have stumbled upon incidents where malefactors replaced the HPE iLO 4 login screen with a ransom note titled “Security Notice: Basic principles of Data Anonymization”. It says the server’s hard disk is encrypted using the RSA-2048 asymmetric cipher, and that to decrypt the data the victim needs to obtain the private key. To get this secret key, the affected user is instructed to contact the attacker at 15fd9ngtetwjtdc@yopmail.com and follow the steps provided in a reply. Ultimately, the recovery process is a matter of paying 2 BTC (about $19,000) to the crooks’ Bitcoin address.


The New Wave of MongoDB Attacks – Bigger Than Before

IT specialists warn about the resumption of extortion attacks aimed at misconfigured MongoDB servers.

The first wave of MongoDB attacks was observed in late 2016. Dozens of criminal groups hacked vulnerable MongoDB servers at that time. After that, they also targeted ElasticSearch, Hadoop, CouchDB, Cassandra, and MySQL.

Cybercriminals used to erase all information from the databases and demand a ransom from the owners of the servers. Importantly, this was a bluff: the criminals were not able to return the data because, as stated above, they completely deleted all of it during the attack.

This week the extortionists stepped up again. Although the number of attackers is small compared to the cases that occurred at the beginning of the year, the new criminal groups involved have approached the situation on a grand scale, and the new attacks cause much more damage. For example, whereas in winter criminals managed to compromise 45,000 databases per month, the Cru3lty group has now broken into 22,449 databases in one week.


National Instruments, TPM and SME Corp. Malaysia Set-up Academy and Innovation Nucleus for Malaysian SMEs

PUTRAJAYA, Malaysia, 13 September 2012 – National Instruments (NI) announced the establishment of the National Instruments Academy & Innovation Nucleus (NI-AIN), in collaboration with Technology Park Malaysia Corporation Sdn Bhd (TPM) and SME Corp. Malaysia. The three parties signed a Memorandum of Understanding (MoU), witnessed by YB Datuk Seri Panglima Dr Maximus Johnity Ongkili, today in Putrajaya.


Protecting Your Tablet from Viruses

Readers of HTNet would probably notice that I’ve not been updating as frequently as I used to. Well, due to tons of changes in my life (mostly positive ones), updating this blog is not one of my top priorities right now.

Therefore, I am accepting guest blogging on HTNet and the first one will be this post from dailysmartphone.net

Azmeen

Rapidly growing sales of tablet PCs and Samsung Galaxy S3 in Poland – this year, 300000 new devices of this type could hit our market. Not surprisingly, there are also safety packages for tablets.
