2019, DDOS, DNS and Hacking - Cyber Security Informer

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide.

DNS

DNS Firewall DDOS Hacking

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. The Federal Bureau of Investigation sent an alert last week warning about large-scale distributed denial of service (DDoS) attacks that abused new network protocols. continues the report.

DDOS

DDOS IoT Internet Internet

DDoS Attack on Amazon Web Services caused intermittently outage

Security Affairs

OCTOBER 25, 2019

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers. This week, threat actors launched a massive DDoS attack against Amazon Web Services (AWS) causing the inability of some customers to access their AWS S3 buckets. SecurityAffairs – Amazon, DDoS).

DDOS

DDOS DNS Advertising Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Security Affairs

JULY 4, 2019

The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS ( DoH ). The DoH protocol was a new standard proposed in October 2018 and it is currently supported by several publicly available DNS servers. com domain. ” states the analysis. ” states the analysis.

DNS

DNS Malware Advertising DDOS

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The experts are monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT). ” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). ” The experts first analyzed the bot on November 21, 2019 after they received a sample from the security community. SecurityAffairs – hacking, Pink botnet).

Architecture

Architecture DDOS Advertising Firmware

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

“Fast forwarded to October 11, 2019, our Anglerfish honeypot captured another suspicious ELF sample, and it turned out to be the Downloader of the previous suspicious ELF sample.” It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more.

DDOS

DDOS System Administration Advertising DNS

Mozi infections will slightly decrease but it will stay alive for some time to come

Security Affairs

SEPTEMBER 1, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DNS Manufacturing Passwords

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks. Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. Once again thank you!

Computers and Electronics

Computers and Electronics Spyware Data breaches Advertising

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices and recruit them in launching distributed denial-of-service (DDoS) attacks. The C&C servers were live as recently as November 18 2019.” ” reads the analysis published by TrendMicro. ” concludes the analysis.

Malware

Malware DDOS DNS Advertising

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In December, Canada’s Laurentian University reported a DDoS attack. In early October, a DDoS attack was reported by the PUBG Mobile team.

DDOS

DDOS Cryptocurrency Marketing Internet

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

31, 2019, Rezvesz said his company recently was the subject of an international search warrant executed jointly by the Royal Canadian Mounted Police (RCMP) and the Canadian Radio-television and Telecommunications Commission (CRTC). In an “official press release” posted to pastebin.com on Mar. 2017 analysis of the RAT.

Advertising

Advertising Malware Marketing Software

How to Mitigate DDoS Attacks with Log Analytics

CyberSecurity Insiders

APRIL 30, 2021

Is your organization prepared to mitigate Distributed Denial of Service (DDoS) attacks against mission-critical cloud-based applications? A DDoS attack is a cyber attack that uses bots to flood the targeted server or application with junk traffic, exhausting its resources and disrupting service for real human users. Source: Testbytes.

DDOS

DDOS Cyber Attacks DNS Threat Detection

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

Banking

Banking Telecommunications Marketing Internet

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. Lapsus$ group hacks Okta.

Phishing

Phishing Spyware Firmware Malware

Episode 161: 3 Years after Mirai, IoT DDoS Problem may get Worse

The Security Ledger

SEPTEMBER 9, 2019

Three years after the Mirai botnet launched some of the biggest denial of service attacks ever seen, DDoS is a bigger problem and ever. Three years after the Mirai botnet launched some of the biggest denial of service attacks ever seen, DDoS is a bigger problem and ever. In this podcast, we speak with Hardik Modi, the senior director.

DDOS

DDOS IoT Internet Internet

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Security Affairs

MARCH 6, 2019

The new ransomware dubbed JCry (extension used to rename encrypted files.jcry ) is part of the OpIsrael 2019 — an annual coordinated cyber attack against the Israeli government and private websites created with the stated goal of “erasing Israel from the Internet” in protest against the Israeli government’s conduct in the Israel-Palestine conflict.

Ransomware

Ransomware Encryption Malware Cyber Attacks

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Security Affairs

MARCH 6, 2019

The new ransomware dubbed JCry (extension used to rename encrypted files.jcry ) is part of the OpIsrael 2019 — an annual coordinated cyber attack against the Israeli government and private websites created with the stated goal of “erasing Israel from the Internet” in protest against the Israeli government’s conduct in the Israel-Palestine conflict.

Ransomware

Ransomware Encryption Malware Cyber Attacks

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Cyber Security Informer

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Webinars

Trending Sources

DDoS Attack on Amazon Web Services caused intermittently outage

Webinars

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

New Ttint IoT botnet exploits two zero-days in Tenda routers

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Roboto, a new P2P botnet targets Linux Webmin servers

Mozi infections will slightly decrease but it will stay alive for some time to come

Security Affairs newsletter Round 210 – News of the week

Trend Micro observed notable malware activity associated with the Momentum Botnet

DDoS attacks in Q4 2020

Canadian Police Raid ‘Orcus RAT’ Author

How to Mitigate DDoS Attacks with Log Analytics

Group-IB presents its annual report on global threats to stability in cyberspace

IT threat evolution Q1 2022

Episode 161: 3 Years after Mirai, IoT DDoS Problem may get Worse

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Stay Connected