2022, Cybersecurity, DDOS and Information Security

Akamai prevented the largest DDoS attack on a US financial company

Security Affairs

SEPTEMBER 10, 2023

Akamai announced it has mitigated the largest distributed denial-of-service (DDoS) attack on a U.S. Cybersecurity firm Akamai successfully identified and prevented a massive distributed denial-of-service (DDoS) attack targeting an unnamed, leading American financial institution. financial company. gigabits per second.

DDOS

DDOS Financial Services Hacking Ransomware

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

MAY 28, 2022

360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. “We found that multiple C2 servers distributed an open-source DDoS Trojan program LOIC compiled by.net from March 4th to 5th, 2022.” caciques.gloritapa.** delicate.maizuko.**

DDOS

DDOS Malware Phishing Hacking

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. Also read: How to Stop DDoS Attacks: 6 Tips for Fighting DDoS Attacks.

DDOS

DDOS IoT Engineering DNS

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Imperva blocked a record DDoS attack with 25.3 billion requests

Security Affairs

SEPTEMBER 21, 2022

Cybersecurity company Imperva announced to have mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 Cybersecurity firm Imperva mitigated a DDoS attack with over 25.3 billion requests on June 27, 2022. “On June 27, 2022, Imperva mitigated a single attack with over 25.3

DDOS

DDOS Telecommunications Hacking Cybersecurity

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

FBI seized 13 domains linked to DDoS-for-hire platforms

Security Affairs

MAY 9, 2023

DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law enforcement effort known as Operation PowerOFF. com, ragebooter(.)com, com, downthem(.)org

DDOS

DDOS Internet Internet Hacking

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

Security Affairs

MAY 9, 2023

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. The activity is associated with a known DDoS botnet tracked as AndoryuBot that first appeared in February 2023. The bot supports multiple DDoS attack techniques and uses SOCKS5 proxies for C2 communications.

DDOS

DDOS Wireless Architecture Advertising

Dark Frost Botnet targets the gaming sector with powerful DDoS

Security Affairs

MAY 26, 2023

Researchers spotted a new botnet dubbed Dark Frost that is used to launch distributed denial-of-service (DDoS) attacks against the gaming industry. Researchers from Akamai discovered a new botnet called Dark Frost that was employed in distributed denial-of-service (DDoS) attacks. Gbps through a UDP flood attack. We are in the final!

DDOS

DDOS Architecture Malware Hacking

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

MAY 4, 2022

Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. The DDoS attacks also targeted three Lithuanian media websites. The DDoS attacks also targeted three Lithuanian media websites. Follow me on Twitter: @securityaffairs and Facebook.

DDOS

DDOS Media Government Engineering

Lockbit leak sites hit by mysterious DDoS attack after Entrust hack

Security Affairs

AUGUST 22, 2022

Cybersecurity researcher Dominic Alvieri published a notice sent to Entrust customers on July 6, which inform them that some files were taken from its internal systems. Entrust security incident dated June 18th. Curiously, the LockBit ransomware’s Tor leak sites were unreacheable due to a DDoS attack. Tor leak site.

DDOS

DDOS Hacking InfoSec Ransomware

A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs

Security Affairs

APRIL 9, 2022

A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs). StandWithUkraine [link] — MFA Finland (@Ulkoministerio) April 8, 2022. link] — Puolustusministeriö (@DefenceFinland) April 8, 2022. To nominate, please visit:?

DDOS

DDOS Government Hacking Cybersecurity

The Cybersecurity Perception Problem in 2023

Approachable Cyber Threats

DECEMBER 6, 2023

The 2023 update to our research on the perception of cybersecurity incident and data breach causes that’s helped organizations re-evaluate how they are at risk of a cybersecurity incident or data breach instead of what feels right. Source: Verizon DBIR [1] Patterns over time in cybersecurity data breaches. Keep reading below!

Cybersecurity

Cybersecurity Social Engineering Data breaches Engineering

ENISA: Ransomware became a prominent threat against the transport sector in 2022

Security Affairs

MARCH 22, 2023

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector.

Ransomware

Ransomware DDOS Cyber threats Phishing

CloudFlare blocked a record HTTPs DDoS attack peaking at 15 rps

Security Affairs

APRIL 28, 2022

Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS), which is one of the largest HTTPS DDoS attacks blocked by the company.

DDOS

DDOS Encryption Hacking Cybersecurity

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Security Affairs

APRIL 25, 2023

A flaw in the Service Location Protocol (SLP), tracked as CVE-2023-29552, can allow to carry out powerful DDoS attacks. A high-severity security vulnerability (CVE-2023-29552, CVSS score: 8.6) impacting the Service Location Protocol ( SLP ) can be exploited by threat actors to conduct powerful volumetric DDoS attacks.

DDOS

DDOS Internet Internet Firewall

Ongoing DDoS attacks from compromised sites hit Ukraine

Security Affairs

APRIL 28, 2022

Ukraine CERT-UA warns of ongoing DDoS attacks targeting pro-Ukraine sites and the government web portal. The post Ongoing DDoS attacks from compromised sites hit Ukraine appeared first on Security Affairs. ” reads the advisory of the Ukraine CERT-UA. To nominate, please visit:? Pierluigi Paganini.

DDOS

DDOS Banking Government Hacking

The Data Breach Perception Problem in 2022

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2022 report, System Intrusion took the lead, accounting for 40% of all breach events. What influences our perception of cybersecurity breach causes?

Data breaches

Data breaches Social Engineering Engineering Phishing

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft

Identity Theft Accountability DDOS Cybercrime

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

Major Taiwan government websites were temporarily forced offline by distributed denial of service (DDoS) attacks attacks during the visit to Taipei of US House Speaker Nancy Pelosi. In February 2022, China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targeted Taiwan’s financial trading sector with a supply chain attack.

DDOS

DDOS Government Cyber Attacks Hacking

The Cybersecurity Perception Problem in 2023

Approachable Cyber Threats

DECEMBER 7, 2023

The 2023 update to our research on the perception of cybersecurity incident and data breach causes that’s helped organizations re-evaluate how they are at risk of a cybersecurity incident or data breach instead of what feels right. Source: Verizon DBIR [1] Patterns over time in cybersecurity data breaches. Keep reading below!

Cybersecurity

Cybersecurity Social Engineering Data breaches Engineering

Ukraine: Military defense agencies and banks hit by cyberattacks

Security Affairs

FEBRUARY 15, 2022

Ukraine ‘s defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks. The Ministry of Defense and the Armed Forces of Ukraine and state-owned banks, Privatbank (Ukraine’s largest bank) and Oschadbank were hit by Distributed Denial-of-Service (DDoS) attacks. Inform [link] ?? ?????

Banking

Banking DDOS Accountability Media

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Security Affairs

SEPTEMBER 11, 2023

Seeing many websites left vulnerable was unexpected, as attacks against universities have historically been very common, starting from DDoS attacks launched by students trying to cancel classes to full-blown ransomware attacks,” Cybernews researchers said. Researchers were able to confirm the entries were accurate.

Cybersecurity

Cybersecurity Penetration Testing Passwords DDOS

Spotlight on Cybersecurity Leaders: Randy Raw

SecureWorld News

MARCH 31, 2022

In Q&A format, they share about their professional journeys, unique experiences, and hopes for the future of cybersecurity—along with some personal anecdotes. He is the Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. In this installment, we introduce you to Randy Raw. Answer: Excited!

Cybersecurity

Cybersecurity InfoSec Authentication DDOS

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Security Affairs

JANUARY 9, 2023

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web. Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. Pierluigi Paganini.

Marketing

Marketing Mobile Cybercrime DDOS

Pro-Russia group NoName took down multiple France sites, including the French Senate one

Security Affairs

MAY 5, 2023

The French Senate’s website was taken offline by a DDoS attack launched by the pro-Russian hacker group NoName. The pro-Russia hacker group NoName is claiming responsibility for a DDoS attack that took the website of the French Senate offline. We are in the final!

DDOS

DDOS Cyber Attacks Mobile Internet

New Wiper Malware HermeticWiper targets Ukrainian systems

Security Affairs

FEBRUARY 24, 2022

Cybersecurity experts discovered a new data wiper malware that was used in attacks against hundreds of machines in Ukraine. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.

Malware

Malware DDOS Banking Government

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs

NOVEMBER 4, 2022

I’m proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Cyber threats

Cyber threats Phishing Social Engineering Ransomware

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Security Affairs

APRIL 21, 2023

Pro-Russia hackers KillNet launched a massive DDoS attack against Europe’s air-traffic agency EUROCONTROL. The massive DDoS attack hit the website of the agency on April 19. In February, the group launched a series of DDoS attacks against the websites of German airports, administration bodies, and banks.

DDOS

DDOS Hacking Education Banking

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

Besides proprietary tools, they’re leveraging MHDDoS, Blood, Karma DDoS, Hasoki, DDoS Ripper and GoldenEye scripts to generate malicious traffic on Layer 7 which may impact the availability of WEB resources. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Government

Government DDOS Cyber Attacks Hacking

The government of Lithuania confirmed it had been hit by an intense cyberattack

Security Affairs

JUNE 27, 2022

The Lithuanian Ministry of Defense announced that Lithuanian state institutions and companies are under a massive DDoS attack. Lithuanian state institutions and companies are under intense DDoS attack. pic.twitter.com/7onnYtceJi — Lithuanian MOD (@Lithuanian_MoD) June 27, 2022.

Government

Government DDOS Media IoT

The Data Breach Perception Problem in 2022

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2022 report, System Intrusion took the lead, accounting for 40% of all breach events. What influences our perception of cybersecurity breach causes?

Data breaches

Data breaches Social Engineering Engineering Phishing

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

Security Affairs

MARCH 8, 2023

A proof of concept (PoC) exploit code for this vulnerability was published on GitHub since December 2022. Most of the attacks observed by cybersecurity firm GreyNoise originated from the U.S. The CVE-2022-33891 flaw is a command injection vulnerability in the Apache Spark. and the Netherlands.

DDOS

DDOS IoT Software Internet

The LEGION collective calls to action to attack the final of the Eurovision song contest

Security Affairs

MAY 14, 2022

The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song contest. The LEGION is a Pro-Russian volunteer movement that focuses on DDOS attacks. Task #2: Task #2 make a DDOS attack on the discovered servers and keep them until 07:00 Moscow time.

DDOS

DDOS Hacking Government Cybersecurity

Moobot botnet spreads by targeting Cacti and RealTek flaws

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications. also support backdoor capabilities.

DDOS

DDOS Malware Hacking Education

New Go-based Redigo malware targets Redis servers

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. In March 2022, the U.S.

Malware

Malware DDOS Architecture Cryptocurrency

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Social Engineering

Social Engineering Artificial Intelligence Engineering Ransomware

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security. This can be used to launch a Valve Source Engine (VSE) distributed denial-of-service (DDoS) attack against game servers.”

DDOS

DDOS Engineering Firmware Architecture

Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution

Security Affairs

MAY 6, 2022

Ukraine IT Army launched massive DDoS attacks on the EGAIS portal that has a crucial role in Russia’s alcohol distribution. ” reported Vedomosti “Apparently, we are talking about DDoS attacks.” At the time of writing this, the EGAIS portal is still unreachable.

DDOS

DDOS Retail Accountability Marketing

BlackCat ransomware targets another healthcare facility

Malwarebytes

FEBRUARY 22, 2023

In December, 2022, the Office of Information Security and Health Sector Cybersecurity Coordination Center issued an extensive Analyst Note which identified BlackCat as a "relatively new but highly-capable" ransomware threat to health care providers. million in previous cybersecurity attacks against the healthcare sector.

Healthcare

Healthcare Ransomware Backups DDOS

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. This release noted that DDoS “is only one of the many capabilities of the system.” . As of April 2022, 0day technologies has changed its domain from 0day[.]ru ru to 0day[.]llc.

DDOS

DDOS Media Hacking Engineering

CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine

Security Affairs

FEBRUARY 24, 2023

Cybersecurity and Infrastructure Security Agency (CISA) warns organizations to increase vigilance. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase vigilance. One year after Russia’s invasion of Ukraine, the U.S. ” reads the alert.

DDOS

DDOS Cybersecurity Government Hacking

LilithBot Malware, a new MaaS offered by the Eternity Group

Security Affairs

OCTOBER 6, 2022

The Eternity group operates a homonymous malware-as-a-service (MaaS), it is linked to the Russian “Jester Group,” which is active since at least January 2022. According to Cyble, the operators behind the Eternity Project are also developing a DDoS Bot malware borrowing code from the existing Github repository.

Malware

Malware DDOS Ransomware Cryptocurrency

Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 17, 2023

Financial Company Geolocating a Traveler via OSINT techniques Telegram Hit by a DDoS Attack: What Is the Cause Behind It?

Spyware

Spyware DDOS Cybercrime Ransomware

Akamai prevented the largest DDoS attack on a US financial company

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Webinars

Trending Sources

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

Webinars

Imperva blocked a record DDoS attack with 25.3 billion requests

Enemybot, a new DDoS botnet appears in the threat landscape

FBI seized 13 domains linked to DDoS-for-hire platforms

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

Dark Frost Botnet targets the gaming sector with powerful DDoS

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Lockbit leak sites hit by mysterious DDoS attack after Entrust hack

A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs

The Cybersecurity Perception Problem in 2023

ENISA: Ransomware became a prominent threat against the transport sector in 2022

CloudFlare blocked a record HTTPs DDoS attack peaking at 15 rps

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Ongoing DDoS attacks from compromised sites hit Ukraine

The Data Breach Perception Problem in 2022

Let’s give a look at the Dark Web Price Index 2022

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

The Cybersecurity Perception Problem in 2023

Ukraine: Military defense agencies and banks hit by cyberattacks

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Spotlight on Cybersecurity Leaders: Randy Raw

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Pro-Russia group NoName took down multiple France sites, including the French Senate one

New Wiper Malware HermeticWiper targets Ukrainian systems

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Pro-Russia hackers launched a massive attack against the EUROCONTROL agency

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

The government of Lithuania confirmed it had been hit by an intense cyberattack

The Data Breach Perception Problem in 2022

EnemyBot malware adds new exploits to target CMS servers and Android devices

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

The LEGION collective calls to action to attack the final of the Eurovision song contest

Moobot botnet spreads by targeting Cacti and RealTek flaws

New Go-based Redigo malware targets Redis servers

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

A new Mirai botnet variant targets TP-Link Archer A21

Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution

BlackCat ransomware targets another healthcare facility

Russia-linked Fronton botnet could run disinformation campaigns

CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine

LilithBot Malware, a new MaaS offered by the Eternity Group

Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition

Stay Connected