Top IT Security Bloggers

Arbor Networks
  • Musical Chairs Playing Tetris

    Arbor Networks
    Introduction ASERT has discovered new command-and-control infrastructure controlled by the APT actors behind the Musical Chairs campaign.  The security research community has associated these actors with significant campaigns in the past, including the pivotal Night Dragon campaign reported on by McAfee in 2011.  The actors […]
  • The ARC of Satori

    Arbor Networks
    Authors: Pete Arzamendi, Matt Bing, and Kirk Soluk Satori, the heir-apparent to the infamous IOT malware Mirai, was discovered by researchers in December 2017. The word “satori” means “enlightenment” or “understanding” in Japanese, but the evolution of the Satori malware has brought anything but clarity. […]
  • MedusaHTTP DDoS Slithers Back into the Spotlight

    Arbor Networks
    Executive Summary MedusaHTTP is a HTTP-based DDoS botnet written in .NET, that surfaced in early 2017. MedusaHTTP is based off of MedusaIRC which leveraged IRC for its command and control communications instead of HTTP. MedusaIRC botnet has been advertised on various underground hacker marketplaces since […]
  • Reaper Madness

    Arbor Networks
    On October 19th, a team of security researchers warned of a new IoT Botnet that had already infected “an estimated million organizations” and that was poised to “take down the internet”. This report was subsequently picked up by the press and spread quickly via social media. […]
  • SnatchLoader Reloaded

    Arbor Networks
    Executive Summary SnatchLoader is a “downloader” malware—a type of malware that specializes in distributing (or loading) other malware onto infected computers. We first started seeing it in the wild around January 2017, but after a few months it went dormant. Recently, development of the malware […]
  • The Flusihoc Dynasty, A Long Standing DDoS Botnet

    Arbor Networks
    Since 2015, ASERT has observed and followed a DDoS Botnet named Flusihoc. To date very little has been published about this family, despite numerous anti-virus and intrusion detection signatures created by various vendors. Flusihoc has remained persistent with multiple variants, over 500 unique samples in […]
  • The Formidable FormBook Form Grabber

    Arbor Networks
    More and more we’ve been seeing references to a malware family known as FormBook. Per its advertisements it is an infostealer that steals form data from various web browsers and other applications. It is also a keylogger and can take screenshots. The malware code is […]
  • Down to the WireX

    Arbor Networks
    Over the course of the last few weeks, a botnet comprised mainly of Android mobile devices has been utilized to launch a high-impact DDoS extortion campaign against multiple organizations in the travel and hospitality sector. This botnet, dubbed ‘WireX’, is only the second mobile botnet […]
  • LockPoS Joins the Flock

    Arbor Networks
    While revisiting a Flokibot campaign that was targeting point of sale (PoS) systems in Brazil earlier this year, we discovered something interesting. One of the command and control (C2) servers that had been dormant for quite some time had suddenly woken up and started distributing […]
  • Patching Not Enough to Stop Petya

    Arbor Networks
    Voluminous amounts of information have already been disseminated regarding the “Petya” (or is it “NotPetya”? [1]) ransomware that hit the Ukraine hard [2] along with organizations such as “the American pharmaceutical giant Merck, the Danish shipping company AP Moller-Maersk, the British advertising firm WPP, Saint-Gobain […]

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release