Botnet archives - Overheard in the tech blogosphere


Oct 23 2009   4:42PM GMT

Overheard - Baby botnet



Posted by: Margaret Rouse
micro-botnet, Security, botnet, phishing, social engineering
I suspect that a sizable percentage of small botnets are those developed by people who understand or are operating inside a business as employees who want to gain remote access to corporate systems, or by criminal entities that have dug deep and gotten insider information on the environment…We’ve seen a growth in the number of sites that offer the sale of corporate documents that were extracted from the bots.

Gunter Ollmann, as quoted in Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected

Today’s WhatIs.com Word of the Day is micro-botnet, also known as baby botnet.

Apr 29 2009   3:55PM GMT

VM escape - using the hypervisor as an attack vector



Posted by: Margaret Rouse
Virtualization, Security, hypervisor, botnet, zombie army, DMZ
Granted, no virtual machine escape hacks exist today, but if the IT security experts are right and this type of attack is eventually developed, then virtualized servers in the DMZ are basically sitting ducks.

Brien M. Posey, Virtual servers no escape from IT security management concerns

Today’s WhatIs.com Word of the Day is virtual machine escape. In theory, an attacker could get access to the hypervisor (if it was misconfigured or had some other vulnerability) and use it to control all the other virtual machines on the host.

Bob Plankers explains more in What is VM Escape?:

Since the hypervisor controls the execution of all of the virtual machines, an attacker that can gain access to the hypervisor can then gain control over every other virtual machine running on the host. Because the hypervisor is between the physical hardware and the guest operating system, an attacker will then be able to circumvent security controls in place on the virtual machine.

Can you imagine the power of a zombie army that included an almost infinite number of virtual machines? An army that, once established, had the power to create new soldiers (VMs) with one click? Holy moly. Big money there.


Apr 9 2008   3:43PM GMT

Overheard: Is Kraken buzz just Damballa’s attempt to make a name for itself?



Posted by: Margaret Rouse
Security, Spam, Malware, botnet
“Many folks in the anti-virus and broader Internet security space say Damballa is trying to make a name for itself by hyping this threat, and that Kraken is nothing more than a renamed and repackaged “Bobax,” a worm of similar lineage and methods that was discovered several years ago.”

Brian Krebs, Kraken Spawns a Clash of the Titans