Author

Gartner’s “Magic Quadrant” for digital commerce is available.
Gartner, world’s leading in IT consulting, research and analysis services, published its yearly “Magic Quadrant” for digital commerce. The report is available at this address.

Among the most interesting results, an expected yearly growth of 15% from 2015 to 2020 of the digital commerce platforms market, including licences, support and SaaS service; total expenditure will be $9,4 bln by 2020, with 53% coming from on-premises solutions.

Read more Cloud - Datacenter Bulletin - May 2017

WordPress 4.7.5 - Security and Maintenance Release is now available
While waiting for the release of version 4.8, expected in June, WordPress released version 4.7.5.
This is a “Security and Maintenance Release” which doesn’t add any new feature, it fixes security and performances issues.
In particular these 6 major problems have been fixed, in addition to other 4 fixes about performances:

  1. Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing.
  2. Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas.
  3. Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team.
  4. A Cross Site Request Forgery (CSRF) vulnerability was discovered in the filesystem credentials dialog. Reported by Yorick Koster.
  5. A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing.
  6. A cross-site scripting (XSS) vulnerability was discovered related to the Customizer. Reported by Weston Ruter of the WordPress Security Team.

The update is available within the administration dashboard.

Read more CMS Bulletin - May 2017

DDoS attacks and botnets

Rakos botnet grows but remains dormant
The Rakos botnet grows but remains inactive, Morphus Labs’ Renato Marinho says.
Rakos adds 8.000 new zombie IoT each day, and continues to evolve: it now has a P2P structure. Some bots act as a (Command & Control) called Skaros, while other act as “slaves” -Checker- and launch SSH attacks to targets to add them to the botnet.
Today Rakos is composed by IoT devices as Raspberry PI (45%), OpenELEC on Raspberry PI (22%), Ubiquiti wireless access points (16%) and other.
As of now, the only remedy to the malware is to reboot the IoT device and use strong SSH credentials.
Marinho defines the botnet as “transient”: bots don’t remain as such indefinitely but only until a reboot. The force of the botnet lies in the number of bots available each day -almost 8.000- which is enough to launch an impactful DDoS attack.

Shodan launches new tool to find C&C servers
Shodan launches Malware Hunter, a tool specifically conceived to find Command and Control (C&C, sometimes C2) servers, ie servers belonging to a botnet that send commands to zombie members of the net and act as malware download center.
Malware Hunter works thanks to bots that scan the Network looking for computer configured to act as a C2 server; bots then use a predefined mode pretending to be an infected computer and communicate with the suspected C&C server: if it replies, Malware Hunter records data and makes it available with its powerful graphical tool.

Read more Security Bulletin - May 2017

DDoS attacks and botnets

Mirai botnet launches DDoS attack toward US college

At the end of March Incapsula researchers discovered a DDoS attack aimed to an UN college.
The attack lasted 54 hours and generated an average of 30.000 requests per second with a peak of 37.000 and a total of 2.8bln requests; such number can KO most devices on the network.
Less than a day after the first attack, a second one happened, but this time with a lower impact: it lasted a little bit more than an hour and a half and RPS were 15.000, on average.

The attack shows a probable new version of the Mirai botnet, as the dimensions of the attack itself and used agent users show; it had an impact on the application level rather than on the network layer.

9.793 different IP addresses (from the US, Israel, Taiwan, India, Turkey, Russia and Italy) belong to Internet of Things devices like CCTV cameras, router and DVRs; in particular, 56% of the devices belongs to a DVR model of a single manufacturer.

Read more IT Security Bulletin - April 2017

DDoS attacks and botnets

Linux.MulDrop14 targets Raspberry-PI devices for cryptocurrencies mining
Dr.Web researchers discovered a malware, called Linux.MulDrop14, which targets Raspberry PI devices, the popular single board computer, adding them to a botnet that mines for cryptocurrencies.
In this case devices which still have default credentials and are reachable via SSH from the outside are vulnerable: the malware installs on the device, changes the access password and adds some packages, including libraries to start mining, ZMap to scan networks for vulnerable devices and sshpass to login on any found device.
Once infected, the only way to delete the malware is reinstalling the whole operating system. Naturally default passwords must be changed.

Read more IT Security Bulletin - July 2017

banner eng

fb icon evo twitter icon evo

Word of the Day

The term Edge Computing refers, when used in the cloud-based infrastructure sphere, the set of devices and technologies that allows...

>

The acronym SoC (System on Chip) describes particular integrated circuit that contain a whole system inside a single physical chip:...

>

The acronym PtP (Point-to-Point) indicates point-to-point radio links realized with wireless technologies. Differently, PtMP links connects a single source to...

>

Hold Down Timer is a technique used by network routers. When a node receives notification that another router is offline...

>

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  •  GURU advisor: issue 21 - May 2019

    GURU advisor: issue 21 - May 2019

  • GURU advisor: issue 20 - December 2018

    GURU advisor: issue 20 - December 2018

  • GURU advisor: issue 19 - July 2018

    GURU advisor: issue 19 - July 2018

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1