The Intelligence Corner

Our experts’ unique discoveries, observations, and opinions on what’s trending today in Business Risk Intelligence and the Deep & Dark Web.

Blog

An After-Action Analysis of the Mirai Botnet Attacks on Dyn

Key Takeaways
• On October 21, 2016, a series of distributed denial-of-service (DDoS) attacks against Dyn DNS impacted the availability of a number of sites concentrated in the Northeast US and, later, other areas of the country. Impacted sites included: PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify, and RuneScape.
• While the attacks were still […]


Mirai Botnet Linked to Dyn DNS DDoS Attacks

By FP_Analyst
October 21, 2016

Key Takeaways: Flashpoint has confirmed that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware. Mirai botnets were previously used in DDoS attacks against the “Krebs On Security” blog and OVH. As of 1730 EST, the attacks against Dyn DNS are still ongoing. Flashpoint […]


Analysis of “DirtyCow” Kernel Exploit

Key Takeaways: On October 20, 2016, Ars Technica published an article about a serious kernel-level Linux exploit which allows for local privilege escalation attacks. Red Hat Product Security has identified this exploit being used in the wild and addressed the apparent vulnerability caused by this exploit. Other Linux distribution operating systems are also in the […]


Team Member Profile: Ronnie Tokazowski

By FP_Analyst
October 20, 2016

Ronnie Tokazowski, Senior Malware Analyst

Ronnie is a Senior Malware Analyst at Flashpoint who specializes in APT, crimeware, and cryptanalysis. When he’s not cooking, he’s reversing new strains of malware and breaking different malware protocols in order to understand how they work.

Q: What are you currently working on?
A: I’m assisting our analysts with […]


Q3 Reflections: A remarkable team and innovative strategy

October 17, 2016
BRI

It’s been a busy and exciting few months at Flashpoint. In July, we set some ambitious Q3 2016 goals, which included everything from industry-specific sales targets and key hiring strategies to product roadmap milestones. However, one critical mission quickly became the driving force behind everything we sought to accomplish: help as many organizations as possible […]


Current Trends in Mobile Threats Targeting Financial Services

Key Findings: Malware targeting credentials and payment information remains a major threat to mobile users. Call and SMS interception are in demand and support a variety of unauthorized retail and banking transactions. Calls and SMS Telephony Denial of Service (TDoS) are in demand; however, due to the excessive cost of the technique, they are only available […]


When Vulnerabilities Travel Downstream

CVEs Assigned to Upstream Devices Exploited by Mirai IoT Botnet

Key Findings
• While investigating the recent large-scale distributed denial-of-service (DDoS) attacks, Flashpoint identified the primary manufacturer of the devices that utilize the default username and password combination known as root and xc3511.
• Default credentials pose little threat when a device is not accessible […]


Team Member Profile: Rob C.

By FP_Analyst
October 5, 2016

Rob C., Senior Intelligence Analyst

Rob is a dynamic and well-rounded All-Source Intelligence and Physical Security Analyst with 20 years of multi-discipline intelligence experience. His background includes managing and developing Personnel Security, Physical Security (certified DoD Physical Security Inspector), and Operations Security programs for the Department of Defense. Rob’s positions have entailed tactical-level intelligence collection […]
