MSS News: Today's Daily Report

Last Updated: 11:04AM EST

Recent Security News

Supreme Court Rules cell phone tower searches require warrant

The Supreme Court has ruled that cell phone tower searches require warrant. An earlier blog post covers this item.

Recent Security Events

EvilOSX has been observed attacking MAC systems

These attacks are being carried out using python based scripts which are easily detected. Event: 28763

VPNFilter Telnet Scans

Jigsaw Advanced Network Protection continues to see large amounts of VPNFilter activity. These attacks have been ongoing for several weeks and account for 80% of the IDS traffic we are observing on our distributed sensors. Customers using the Jigsaw Security protection model, FirstWatch sensor and secure Internet gateway are not vulnerable to this attack. The biggest offender continues to be 209.141.57[.]203 which has been observed at nearly every Jigsaw customer site attempting to exploit the VPNFilter vulnerabilities. Many consumer level edge devices are vulnerable to this attack. We have included the vulnerable device list below for your reference.

One change is that this host is now observed doing VPNFilter, Remote Code Execution as well as Netcor Router Backdoors which shows that the activity of this threat actor has expanded from what was originally observed. Event: 28752

Vulnerable Devices:

LinkSys: E1200, E2500 and WRVS4400N

Mikrotik Routers: 1016, 1036, 1072

Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000

QNap Devices: TS251, TS439 Pro, QNap NAS devices running QTS

TP-LINK Devices: R600VPN

Uptick in Activity of Jigsaw Domain Threat Feed

We are seeing an uptick in the number of blacklisted domains due to some email based attacks. We are just posting for awareness.

Necurs Botnet Activity

In addition to VPNFilter we are also seeing Necurs botnet activity. Event: 28766


Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.