Comments for Krebs on Security

Comment on KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” by GSG

GSG — Sat, 11 Sep 2021 00:53:34 +0000

This attack just proves the importance criminals attribute to Mr. Krebs.

Comment on KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” by anom

anom — Fri, 10 Sep 2021 23:50:28 +0000

In reply to C Davis. They're just the latest to join the fail club. Who knows.

Comment on “FudCo” Spam Empire Tied to Pakistani Software Firm by anom

anom — Fri, 10 Sep 2021 23:42:13 +0000

In reply to the tax man comith. They don't have "feds" interested in them in the countries they're operating in.

Comment on “FudCo” Spam Empire Tied to Pakistani Software Firm by CliffOnTheRoad

CliffOnTheRoad — Fri, 10 Sep 2021 23:12:21 +0000

Who took over ICANN? phony registration name/addr/phone was reason to complain, but even blantent abuse was too much for Joe Citizen to act so I didn’t bother. Hosting services also played the “privacy” card when malware was involves.

Good PR piece for Krebs, so thank you for sharing the investigation.

Comment on KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” by Chuks.O

Chuks.O — Fri, 10 Sep 2021 22:46:10 +0000

In reply to Robert Scroggins. If you were unable to contact his site despite Brian using Google as a shield against ddos attack. Then of what use is paying google for their ddos service since they are only playing "catchup"

Comment on Microsoft: Attackers Exploiting Windows Zero-Day Flaw by Alex Mondale

Alex Mondale — Fri, 10 Sep 2021 21:53:29 +0000

The mysterious “kill bill” bit:

Warning

We do not recommend unkilling (undoing the kill action on) a COM object. If you do this, you might create security vulnerabilities. The kill bit is typically set for a reason that might be critical, and because of this, extreme care must be used when you unkill an ActiveX control.
A

Comment on Microsoft: Attackers Exploiting Windows Zero-Day Flaw by Alex Mondale

Alex Mondale — Fri, 10 Sep 2021 21:50:52 +0000

In reply to Alex Mondale.

Please be careful when you unkill the kill bit (may turn into the “Kill Bill Bit” :))

From the above 10-year-old article on ActiveX controls (yeah, back when IE ruled!):

Warning

Comment on Microsoft: Attackers Exploiting Windows Zero-Day Flaw by Alex Mondale

Alex Mondale — Fri, 10 Sep 2021 21:43:44 +0000

It’s humorous to me how poorly written and ancient MS articles are in describing exactly to disable ActiveX capabilities that are documented to exist in their Office line of products, i.e., https://docs.microsoft.com/en-us/previous-versions/office/office-2010/cc179076(v=office.14)?redirectedfrom=MSDN … I mean, c’mon, where’s the beef??!

If you give me ten years to find vulnerabilities in a 15-20 year old technology that still is required by 2021 software, I would think it wouldn’t be too tough a challenge!

Comment on “FudCo” Spam Empire Tied to Pakistani Software Firm by ChrisSuperPogi

ChrisSuperPogi — Fri, 10 Sep 2021 19:51:47 +0000

“when bright young people with few prospects and subsistence-level income are granted access to comparatively wealthy “marks” can you really blame them?” – Yes. Were the Somali pirates blameless in their actions to attack, detain, and (possibly) hurt seafarers? (Reference: Captain Philipps).

Comment on “FudCo” Spam Empire Tied to Pakistani Software Firm by ChrisSuperPogi

ChrisSuperPogi — Fri, 10 Sep 2021 19:51:22 +0000

In reply to Radnar Poshek.