#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Peer-to-Peer | Breaking Cybersecurity News | The Hacker News

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

Dec 15, 2023 Blockchain / Internet of Things
A novel multi-platform threat called  NKAbuse  has been discovered using a decentralized, peer-to-peer network connectivity protocol known as  NKN  (short for New Kind of Network) as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian cybersecurity company Kaspersky  said  in a Thursday report. NKN, which has over 62,000 nodes, is  described  as a "software overlay network built on top of today's Internet that enables users to share unused bandwidth and earn token rewards." It incorporates a blockchain layer on top of the existing TCP/IP stack. While threat actors are known to take advantage of emerging communication protocols for command-and-control (C2) purposes and evade detection, NKAbuse leverages blockchain technology to conduct distributed denial-of-service (DDoS) attacks and function as an implant inside com
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

Sep 21, 2023 Botnet / Cyber Threat
The peer-to-peer (P2) worm known as  P2PInfect  has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers are operating at an extremely high development cadence," Cado Security researcher Matt Muir said in a report published Wednesday. A majority of the compromises have been reported in China, the U.S., Germany, the U.K., Singapore, Hong Kong, and Japan. P2PInfect first came to light in July 2023 for its ability to breach poorly secured Redis instances. The threat actors behind the campaign have since resorted to different approaches for initial access, including the abuse of the database's replication feature to deliver the malware. Cado Security said it has observed an increase in initial access events attributable to P2PInfect in which the Redis SLAVEOF command
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

Jul 31, 2023 Cyber Threat / Botnet
The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. "The malware compromises exposed instances of the Redis data store by exploiting the replication feature," Cado Security researchers Nate Bill and Matt Muir  said  in a report shared with The Hacker News. "A common attack pattern against Redis in cloud environments is to exploit this feature using a malicious instance to enable replication. This is achieved via connecting to an exposed Redis instance and issuing the SLAVEOF command." The Rust-based malware was  first documented  by Palo Alto Networks Unit 42, calling out the malware's ability to exploit a critical Lua sandbox escape vulnerability ( CVE-2022-0543 , CVSS score: 10.0) to obtain a foothold into Redis instances. The campaign is believed to have commenced on or after June 29, 2023. However, the latest discovery suggests th
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

Jul 20, 2023 Malware / Cyber Threat
Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called  P2PInfect  that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist  said . "This worm is also written in Rust, a highly scalable and cloud-friendly programming language." It's estimated that as many as 934 unique Redis systems may be vulnerable to the threat. The first known instance of P2PInfect was detected on July 11, 2023. A notable characteristic of the worm is its ability to infects vulnerable Redis instances by exploiting a critical Lua sandbox escape vulnerability,  CVE-2022-0543  (CVSS score: 10.0), which has been previously exploited to deliver multiple  malware families  such as  Muhstik ,  Redigo , and  HeadCrab  over the past ye
Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network

Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network

Jul 29, 2022
The decentralized file system solution known as IPFS is becoming the new "hotbed" for hosting phishing sites, researchers have warned. Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the spam campaigns, said it identified no less than 3,000 emails containing IPFS phishing URLs as an attack vector in the last three months. IPFS , short for InterPlanetary File System, is a peer-to-peer (P2P) network to store and share files and data using cryptographic hashes, instead of URLs or filenames, as is observed in a traditional client-server approach. Each hash forms the basis for a unique content identifier ( CID ). The idea is to create a resilient distributed file system that allows data to be stored across multiple computers. This would allow information to be accessed without having to rely on third parties such as cloud storage providers, effectively making it resistant to censorship. "Taking down phishing content stored on IPFS can be difficult
Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Oct 01, 2018
The desktop version of the security and privacy-focused, end-to-end encrypted messaging app, Telegram , has been found leaking both users' private and public IP addresses by default during voice calls. With 200 million monthly active users as of March 2018, Telegram promotes itself as an ultra-secure instant messaging service that lets its users make end-to-end encrypted chat and voice call with other users over the Internet. Security researcher Dhiraj Mishra uncovered a vulnerability (CVE-2018-17780) in the official Desktop version of Telegram (tdesktop) for Windows, Mac, and Linux, and Telegram Messenger for Windows apps that was leaking users' IP addresses by default during voice calls due to its peer-to-peer (P2P) framework. To improve voice quality, Telegram by default uses a P2P framework for establishing a direct connection between the two users while initiating a voice call, exposing the IP addresses of the two participants. Telegram Calls Could Leak Your
Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication

Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication

May 30, 2017
What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik reported the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebRTC (Web Real-Time Communications) protocol – a collection of communications protocols th
Ricochet — Most Secure Peer-to-Peer Encrypted Messenger that Sends No Metadata

Ricochet — Most Secure Peer-to-Peer Encrypted Messenger that Sends No Metadata

Feb 23, 2016
There are several encrypted messaging apps for mobile and desktop platforms that shipped with "The Most Secure" tagline but ends up in de-anonymizing the real identity of its users in some or the other way. In fact, very few encrypted messaging apps available today deal with the core problem of Metadata .  The majority of apps offer end-to-end encryption that kept the content of your messages away from prying eyes, but your metadata will still be accessible to them, which is enough to know who you really are, and who you're talking to. But, one messenger app stands out of the crowd by providing superb anonymity to its users, and it is dubbed as " Ricochet ." Ricochet is a peer-to-peer instant messaging system available for Windows, Mac, and Linux and you can trust it as the app has already cleared its first professional security audit carried out by cyber security company NCC Group . What's so Promising about Ricochet? Unlike
Nasdaq to Use Bitcoin-style Blockchain to Record Shareholder Votes

Nasdaq to Use Bitcoin-style Blockchain to Record Shareholder Votes

Feb 13, 2016
The Nasdaq stock exchange and the Republic of Estonia have announced the use of Blockchain-based technology to allow shareholders of companies to e-vote in shareholder meetings even when they're abroad, according to Nasdaq's press release. Global stock market giant is developing an electronic shareholder voting system implemented on the top of Blockchain technology that underpins Bitcoins . Blockchain – the public and decentralized ledger technology underpins all Bitcoin transactions and logs each transfer of an asset in an encrypted "block" that is added to a permanent, transparent chain showing every deal associated with that asset. Even some of the world's major banks are also considering the adoption of the Blockchain technology. In the mid of last year, 9 of the World's renowned Banks, including JPMorgan, Royal Bank of Scotland, Goldman Sachs and Barclays , collaborated with New York-based financial tech firm R3 to create a new fram
Sadly, Windows 10 Is Stealing Your Bandwidth 'By Default' — Disable It Immediately

Sadly, Windows 10 Is Stealing Your Bandwidth 'By Default' — Disable It Immediately

Aug 03, 2015
After installing Windows 10, Feeling like your Internet Bandwidth is dropping away? Windows 10 is stealing your network bandwidth. Along with the privacy features related to Wi-Fi Sense , Windows 10 users should check for another hidden by default feature that uses your network bandwidth to share updates with other Windows 10 users across the Internet. Microsoft launched Windows 10 on July 29 and offered a free upgrade to Windows 7,8 and 8.1 users , and for anyone who wants to download it. But, handling millions of simultaneous 3.5GB downloads is quite difficult for the company. So, in order to cope up with the issue, Microsoft has baked a new feature into its latest desktop operating system that uses the torrent-style approach to obtain software updates , allowing Windows 10 users to download updates from other users. Also Read:  How to Fix 35+ Windows 10 Privacy Issues With Just One Click . Windows 10 is Stealing your Internet Bandwidth The feature, known
Windows 10 to deliver updates and App downloads via Peer-to-Peer Technology

Windows 10 to deliver updates and App downloads via Peer-to-Peer Technology

Mar 16, 2015
Does downloading Windows updates from Microsoft's servers and waiting too long really annoy you? It might not be with the arrival of Windows 10 . Microsoft seems to make a major change in Windows 10 to the way it delivers updates for the software. The leaked version of Windows 10 build 10036 (the current version is build 9926) allows you to grab OS updates from Microsoft as well as other computers, whether they're on your local network or on the Internet. Yeah, it's a Peer-to-Peer (P2P) technology Microsoft is going to use in order to deliver both app and operating system updates. Peer-to-Peer , or P2P Technology is usually associated with file sharing services like BitTorrent to download illicit copies of movies and albums, and of course, those endless Linux ISOs you've been downloading. However, Redmond is embracing the technology as an efficient means to deliver software updates to its users around the globe. Peer-to-Peer downloads will be o
The Pirate Bay Goes Down Again and Again... and Then Once Again

The Pirate Bay Goes Down Again and Again... and Then Once Again

Feb 24, 2015
Since its return over a month ago, The Pirate Bay — the infamous peer-to-peer file sharing website that has provided only the finest in illegal torrents for more than a decade — has suffered a lot to keep the ship afloat. But, now TPB is experiencing yet more downtime. The Pirate Bay (TPB) torrent search website was down this morning, and users visiting the websites were redirected to the "mobile-friendly" version of its notorious website called The Mobile Bay , but the website wasn't working either. Both the websites displayed identical ' 403 Forbidden ' error messages. The outage was first spotted by TorrentFreak, which noted that The Pirate Bay has been struggling to keep the website online since it returned late January after going dark from the Internet following a raid in Sweden late last year in which several servers and other equipment were seized by the police in Stockholm. The actual cause of the latest downtime wasn't clear that
Federal Judge ruled at Child pornography case, 'Your Peer-to-Peer file sharing data is not a private matter'

Federal Judge ruled at Child pornography case, 'Your Peer-to-Peer file sharing data is not a private matter'

Nov 13, 2013
Today computer telecommunications have become one of the most prevalent techniques used by pedophiles to share illegal photographic images of minors and to lure children into illicit sexual relationships. The Internet has dramatically increased the access of the preferential sex offenders to the population they seek to victimize and provides them greater access to a community of people who validate their sexual preferences. The Fourth Amendment is the most implicated and litigated portion of the Constitution. Courts are increasingly confronting the problems associated with adapting Fourth Amendment principles to modern technology. If you think that your peer-to-peer file sharing can be kept under wraps, then please think again. A federal judge ' Christina Reiss ' in Vermont has ruled that there should be no expectation of privacy for data shared across peer-to-peer file-sharing services. In a Child pornography case, three defendants argued that information gained
Cybersecurity Resources