How is it possible for users to lose hundreds of dollars in anomalous online bank transfers when all of their gadgets have security software installed?
Read More
With more households running smart devices that access the internet, the router is typically their only doorkeeper. And whether an end user has a laptop/desktop and router combo, or a miscellany of other devices connected to the network, the security risks are the same. Based on our research, home routers have been most susceptible to cross-site scripting (XSS) and PHP arbitrary code injection attacks, as well as being involved in carrying out DNS amplification attacks.
Read MoreAttacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims’ online credentials, such as passwords and PINs.
We recently came across an attack that proves how the Internet of Things (IoT) can be an entry point for cybercriminal activities. In this attack, which has been going on since December 2015, it requires users to access malicious websites hosting the JavaScript via their mobile devices. Accessing these sites via mobile devices enable the JavaScript to download another JavaScript with DNS changing routines.
Read More