Rome Wasn’t Built in a Day, but This Botnet Was, Using CVE-2017-17215

A new botnet has been detected by security researchers at NewSky Security, and their discovery has been confirmed by researchers from Qihoo 360 Netlab, Rapid7, and Greynoise. The botnet compromised more than 18,000 routers in a single day and was built by leveraging CVE-2017-17215, a security flaw in Huawei HG532 routers.

Calisto Trojan for macOS

An interesting aspect of studying a particular piece of malware is tracing its evolution and observing how the creators gradually add new monetization or entrenchment techniques. Also of interest are developmental prototypes that have had limited distribution or have not even occurred in the wild. We recently came across one such sample: a macOS backdoor that we named Calisto.

Surprise! Top sites still fail at encouraging non-terrible passwords

You would think that Amazon, Reddit, Wikipedia and other highly popular websites would by now tell you that “password1” or “hunter2” is a terrible password — just terrible. But they don’t. A research project that has kept tabs on the top sites and their password habits for the last 11 years shows that most provide only rudimentary password restrictions and do little to help users.