Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) US phishing domains.

Phishing 279

Phishing Telecommunications Malware Scams 279

Security Affairs

DECEMBER 12, 2021

The attack_init function is also discarded, and the ddos attack function is called directly by the command processing function. During this process, a number of DNS requests are generated.” The analysis of the ELF sample revealed that it supports DDoS and backdoor commands. ” reads the post published by NetLab 360.

DDOS 135

DDOS DNS Authentication Passwords 135

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT 102

IoT DNS Manufacturing Firmware 102

Security Affairs

SEPTEMBER 25, 2022

gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 Every week the best security articles from Security Affairs free for you in your email box.

Cryptocurrency 83

Cryptocurrency Data breaches DNS DDOS 83

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. 2017 analysis of the RAT.

Advertising 226

Advertising Malware Marketing Software 226

Security Affairs

APRIL 1, 2019

The popular expert unixfreaxjp analyzed a new China ELF DDoS’er malware tracked as “Linux/DDoSMan” that evolves from the Elknot malware to deliver new ELF bot. The code seems inspired from multiple source code of China basis DDoS client, like Elknot. But what kind of malware is this Elknot Trojan?

DDOS 83

DDOS Malware Encryption Penetration Testing 83

Security Affairs

APRIL 21, 2019

A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks. Analyzing OilRigs malware that uses DNS Tunneling. Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Marcus Hutchins pleads guilty to two counts of banking malware creation. Pierluigi Paganini.

Computers and Electronics 60

Computers and Electronics Spyware Data breaches Advertising 60

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9

Data breaches 99

Data breaches Mobile Ransomware DNS 99

Security Affairs

AUGUST 8, 2018

Ramnit is one of the most popular banking malware families in existence today, it was first spotted in 2010 as a worm, in 2011, its authors improved it starting from the leaked Zeus source code turning the malware into a banking Trojan. DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns).

Malware 47

Malware DNS Encryption Banking 47

Security Affairs

MARCH 20, 2022

EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware gang targets US critical infrastructure Crooks claims to have stolen 4TB of data from TransUnion South Africa Exotic Lily initial access broker works with Conti gang Emsisoft releases free decryptor for the victims of the Diavol ransomware China-linked (..)

DNS 87

DNS Antivirus DDOS Hacking 87

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. Subsequently, DDoS attacks hit some government websites. Roaming Mantis reaches Europe.

Phishing 110

Phishing Spyware Firmware Malware 110

SecureList

APRIL 27, 2022

Disclaimer: when referring to APT groups as Russian-speaking, Chinese-speaking or other-“speaking” languages, we refer to various artefacts used by the groups (such as malware debugging strings, comments found in scripts, etc.) Subsequently, DDoS attacks hit several government websites.

Malware 135

Malware Firmware Government Phishing 135

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware 93

Malware Banking Energy and Utilities Accountability 93

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. ” concludes the post.

DNS 78

DNS Banking Advertising Ransomware 78

Security Affairs

NOVEMBER 29, 2019

The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. Such threats, including traffic manipulation and DDoS attacks, will become much more frequent and effective due to the large number of insecure devices connected and wide bandwidth.

Banking 83

Banking Telecommunications Marketing Internet 83