Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A new variant of the DNS-changing Trojan.Flush.M malware has been spotted, security researchers said this week.Johannes Ullrich, chief research officer of the SANS Institute, said in a blog post Monday that the malware resembles a December outbreak, which attempted to install a rogue DHCP (Dynamic Host Configuration Protocol) server. DHCP automates the assignment of IP addresses in an organisation's network.If an attacker is able to install the malicious DHCP, he or she can monitor traffic and hijack request packets from other machines on the network, forcing them to visit malicious websites, with the goal of infecting all machines in the network, researchers said."The main goal of the DCHP server is to spread a bad DNS server IP address," Ullrich wrote.The new variant better hides the fake DHCP than the previous version did, Ullrich said. Also, the latest variant does not specify a DNS domain name. "Monitor connections to DNS servers other than the approved one pushed out by your DHCP server," Ullrich recommended. "This should help you spot this kind of malware."See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.