ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic

The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach involving Hex IP addresses. [TechWeb]( Follow Dark Reading: [RSS]( October 16, 2023 LATEST SECURITY NEWS & COMMENTARY [ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic]( The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach involving Hex IP addresses. [Microsoft Debuts AI Bug-Bounty Program, Offers $15K]( The goal of the program is to uncover critical or important vulnerabilities within the AI-powered Bing program. [How MOVEit Is Likely to Shift Cyber Insurance Calculus]( Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say. [Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure]( CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead. [Gaza Conflict Paves Way for Pro-Hamas Information Operations]( Mandiant's John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on. [What the Hollywood Writers Strike Resolution Means for Cybersecurity]( The writers' strike shows that balancing artificial intelligence and human ingenuity is the best possible outcome for creative as well as cybersecurity professionals. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach]( Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs. [Backdoor Lurks Behind WordPress Caching Plug-in to Hijack Websites]( Evasive malware disguised as a caching plug-in allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy. [Protect Critical Infrastructure With Same Rigor as Classified Networks]( Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat. [MORE]( EDITORS' CHOICE [DarkGate Operator Uses Skype, Teams Messages to Distribute Malware]( A plurality of the targets in the ongoing campaign have been based in the Americas. LATEST FROM THE EDGE [Security Pros Warn That EU's Vulnerability Disclosure Rule Is Risky]( The Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours could expose organizations to attacks — or government surveillance. LATEST FROM DR TECHNOLOGY [Passkeys Are Cool, but They Aren't Enterprise-Ready]( Apple, Google, and Microsoft are promoting passkeys as a solution for accounts recovery, but enterprises are slow-walking their adoption. LATEST FROM DR GLOBAL [Gaza Conflict Paves Way for Pro-Hamas Information Operations]( Mandiant's John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on. WEBINARS - [Modern Threats, Modern Security: 3 Practical Tips for CISOs to Stop Cyber Threats in the Age of AI]( Join our Cloudflare security experts as they share advice on how modernize your threat defense and highlight: --Trends in cybersecurity like the emergence of AI, multi-channel attacks, and cybercrime-as-a-service --Practical threat defense use cases based on recent cyberattacks and customer ... - [The Enterprise View to Cloud Security]( Today's enterprises may have dozens and dozens of cloud applications and services running in their environment. Enterprises need to coordinate security, manage privileges and access, and handle incident response - the service provider will do only so much. In this ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Global Perspectives on Threat Intelligence]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [How to Deploy Zero Trust for Remote Workforce Security]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [Everything You Need to Know About DNS Attacks]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Appdome Announces Attack Evaluation Tools in Digital Economy's Mobile XDR]( [DigiCert Announces Comprehensive Discovery of Cryptographic Assets]( [BlackBerry Unveils Next-Generation UEM Redefining the Endpoint Management Market]( [RIT Is the First University to Receive Support From the Google Cybersecurity Clinics Fund]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The State of Supply Chain Threats]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118751&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_10.16.23&sp_cid=50143&utm_content=DR_NL_Dark%20Reading%20Daily_10.16.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#a9 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)