2020, DDOS and Information Security - Cyber Security Informer

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Below is the list of exploit payloads added to the bot: D-Link: CVE-2015-1187 , CVE-2016-20017 , CVE-2020-25506 , and CVE-2021-45382. ” concludes the analysis.

DDOS

DDOS Wireless Architecture IoT

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. Also read: How to Stop DDoS Attacks: 6 Tips for Fighting DDoS Attacks.

DDOS

DDOS IoT Engineering DNS

Dutch police warn customers of a popular DDoS booter service

Security Affairs

OCTOBER 13, 2021

Dutch police warn customers of a distributed denial-of-service (DDoS) website of stopping using the service to avoid prosecution. Dutch police warn customers of a booter service, abused to carry out distributed denial-of-service (DDoS) attacks, of to stop using it to avoid prosecution. by carrying out DDoS attacks on March 19.

DDOS

DDOS Cybercrime IoT Hacking

Microsoft mitigated a record 2.4 Tbps DDoS attack in August

Security Affairs

OCTOBER 12, 2021

Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August, it is the largest DDoS attack to date. terabytes per second (Tbps) DDoS attack at the end of August, it represents the largest DDoS attack recorded to date. ” reads the post published by Microsoft.

DDOS

DDOS Internet Internet Hacking

DDoS amplify attack targets Citrix Application Delivery Controllers (ADC)

Security Affairs

DECEMBER 24, 2020

Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment. The threat actors are using the Datagram Transport Layer Security (DTLS) protocol as an amplification vector in attacks against Citrix appliances with EDT enabled. — Marius Sandbu (@msandbu) December 20, 2020.

DDOS

DDOS System Administration VPN Authentication

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime

Cybercrime Ransomware DDOS Encryption

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Security Affairs

JUNE 16, 2020

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack.

DDOS

DDOS Mobile Wireless Advertising

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Security Affairs

NOVEMBER 15, 2021

Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps). is an American web infrastructure and website security company that provides content delivery network and DDoS mitigation services. SecurityAffairs – hacking, DDoS). Cloudflare, Inc.

DDOS

DDOS DNS IoT Internet

HelloKitty ransomware gang also targets victims with DDoS attacks

Security Affairs

NOVEMBER 1, 2021

According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. In some cases, if the victim does not respond quickly or does not pay the ransom, the threat actors will launch a Distributed Denial of Service (DDoS) attack on the victim company’s public facing website.”

DDOS

DDOS Ransomware Cybercrime Encryption

Akamai mitigated the largest ever PPS DDoS attack

Security Affairs

JUNE 25, 2020

Akamai announced to have mitigated a record distributed denial-of-service (DDoS) attack that hit a European bank. Akamai revealed that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked a record 809 million packets per second (PPS). SecurityAffairs – hacking, DDoS). RPS, which is 2.7

DDOS

DDOS Banking Advertising Hacking

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

local time (08:15 UTC); real-time network data show national connectivity fall to 75% after authorities reportedly activated "Digital Fortress" isolation mechanism; incident ongoing [link] pic.twitter.com/bsETg1Sfxb — NetBlocks.org (@netblocks) February 8, 2020. link] — Khosro Kalbasi (@KhosroKalbasi) February 8, 2020.

DDOS

DDOS Internet Internet Telecommunications

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Security Affairs

APRIL 28, 2020

Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Just like many other DDoS attacks we have seen in the past against Azeri media, the attacker monitors the success of the floods using the HostTracker service.

DDOS

DDOS Media VPN Advertising

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

Upon infecting a system the bot turns it into a cryptomining client and could use it to launch distributed denial-of-service (DDoS) attacks. The malware author named the bot Satan DDoS, but Palo Alto Network’s Unit42 researchers dubbed it Lucifer because there’s another malware with the same name, the Satan Ransomware.

DDOS

DDOS Malware Advertising Passwords

Major blackouts across Puerto Rico. Are the DDoS and the fire linked?

Security Affairs

JUNE 14, 2021

The same day the blackout took place, the company announced that a major DDoS attack disrupted its online services. LUMA descubrió un ataque de denegación de servicio distribuido (DDoS, por sus siglas en inglés) dirigido al portal de clientes y la aplicación móvil Mi LUMA. Are the DDoS and the fire linked? ” reported NPR.

DDOS

DDOS Mobile Hacking Accountability

DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware

Malware DDOS Hacking Cybercrime

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

Major Taiwan government websites were temporarily forced offline by distributed denial of service (DDoS) attacks attacks during the visit to Taipei of US House Speaker Nancy Pelosi. The post Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit appeared first on Security Affairs. Pierluigi Paganini.

DDOS

DDOS Government Cyber Attacks Hacking

Analysis of the 2020 Verizon Data Breach Report

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. DDoS is way up, both in numbers of attacks and the weight of them. He looks at the key findings and talks about what they might mean to us going forward. The newsletter serves as the show notes for the podcast. The Dataviz Game on Point.

Data breaches

Data breaches Phishing Malware Hacking

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS

DDOS Cybercrime Spyware Malware

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., We release ddos.

Ransomware

Ransomware Cryptocurrency DDOS Scams

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

.” In June 2021, researchers from Avast warned of the rapid growth of the DirtyMoe botnet ( PurpleFox , Perkiler , and NuggetPhantom ), which passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Malware

Malware Internet Internet DDOS

Necro botnet now targets Visual Tools DVRs

Security Affairs

OCTOBER 12, 2021

The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns. from visual-tools.com. CVE-2021-2900 – Genexis PLATINUM 4410 2.1 P4410-V2-1.28

DDOS

DDOS Surveillance Hacking Internet

FreakOut botnet target 3 recent flaws to compromise Linux devices

Security Affairs

JANUARY 19, 2021

The botnet appeared in the threat landscape in November 2020, in some cases the attacks leveraged recently disclosed vulnerabilities to inject OS commands. CVE-2020-7961 – Java unmarshalling flaw via JSONWS in Liferay Portal (in versions prior to 7.2.1 CE GA2) (disclosed on March 20, 2020).

DDOS

DDOS DNS Malware Internet

Abcbot and Xanthe botnets have the same origin, experts discovered

Security Affairs

JANUARY 10, 2022

Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December 2020. Experts linked the infrastructure used by the Abcbot DDoS botnet to the operations of a cryptocurrency-mining botnet that was uncovered in December 2020.

Cryptocurrency

Cryptocurrency DDOS Malware Software

Puerto Rico was hit by a major cyberattack

Security Affairs

JANUARY 27, 2022

The same day the blackout took place, the company announced that a major DDoS attack disrupted its online services. It is still unclear whether the fire and DDoS attack are connected. In October 2020, Puerto Rico’s firefighting department disclosed a security breach , hackers breached its database and demanded a $600,000 ransom.

Energy and Utilities

Energy and Utilities DDOS Internet Internet

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of attacks from nation-state actors. Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts.

DDOS

DDOS Phishing Advertising Accountability

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

Once the attacker gains control of a vulnerable device in this manner, they could take advantage by including the newly compromised devices in their botnet to conduct further attacks such as DDoS.” ” concludes the report. “Therefore, it is highly recommended that patches and updates are applied when possible.”

IoT

IoT DDOS Encryption Malware

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The Go-based botnet spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT

IoT DDOS Malware Firmware

FBI arrested a Russian national for recruiting employee of US firm to plant malware

Security Affairs

AUGUST 26, 2020

22, 2020, in Los Angeles and had his initial appearance before U.S. “According to the complaint and statements made in court, from about July 15, 2020 to about Aug. 22, 2020, Kriuchkov conspired with associates to recruit an employee of a company to introduce malware.” He was arrested on Aug. MacKinnon in U.S.

Malware

Malware DDOS Advertising Hacking

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018.

DNS

DNS Cryptocurrency Internet Internet

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “ Digital Revolution ” claimed to have hacked a subcontractor to the Russian FSB.

DDOS

DDOS Media Hacking Engineering

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. .” The vulnerability was detailed in July 2020 by the security researchers Sanjana Sarda.

IoT

IoT Firmware DNS Advertising

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Ransomware Data breaches Advertising

Threat actors target K-12 distance learning education, CISA and FBI warn

Security Affairs

DECEMBER 11, 2020

The number of attacks surged at the beginning of the 2020 school year. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year.” ” “ reads the alert issued by CISA. ” states the alert.

Education

Education Ransomware Cyber Attacks DDOS

German police identified a gang that stole €4 million via phishing attacks

Security Affairs

OCTOBER 2, 2022

The phishing campaigns were conducted between October 3, 2020, and May 29, 2021, the gang sent to the victims messaging posing as coming from German banks. According to the German BKA, the suspects also carried out DDoS (distributed denial of service) attackers against the banks to cover up their fraudulent activities.

Phishing

Phishing Banking DDOS Accountability

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

According to the DHS, threat actors will likely interfere with the upcoming 2020 US Presidential election, as well as to compromise the 2020 US Census. ” reads the DHS HTA. ” reads the DHS HTA. The report mentions multiple attempts of gaining access to systems on the US Census network.

Government

Government Advertising Data collection Hacking

We infiltrated an IRC botnet. Here’s what we found

Security Affairs

NOVEMBER 19, 2020

Infiltrating a cybercriminal operation can provide valuable data about different types of malicious activities, including DDoS attacks , malware distribution, and more. This really piqued our interest, because IRC botnets, while relatively widespread in the past, are considered a rarity in 2020. How we found the IRC botnet.

DDOS

DDOS IoT Malware Internet

Hackers, nation-states target US black community to commit fraud, sow division

SC Magazine

MARCH 3, 2021

DDoS attacks are an issue. The official BlackLivesMatter (BLM) website has been repeatedly targeted by distributed denial-of-service (DDoS) attacks following its registration in late 2014. Cyberattacks increase after major racial incidents.

DDOS

DDOS Cybersecurity Education Cyber threats

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers. Experts believe that vulnerability impacting Comtrend routers will likely be exploited by other DDoS botnets.

IoT

IoT Advertising DDOS Authentication

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Security Affairs

JUNE 15, 2021

Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers. cc, further investigations allowed the researchers to date some of the campaigns back at least to May 2020.

Malware

Malware Internet Internet DDOS

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). On 2020-01-02, CNCERT reported that “the number of Bot node IP addresses associated with this botnet exceeds 5 million. million devices.

Architecture

Architecture DDOS Advertising DNS

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Are Maze operators behind the attack on the IT services giant Cognizant? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Hacking Advertising Antivirus

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

Trending Sources

Dutch police warn customers of a popular DDoS booter service

Microsoft mitigated a record 2.4 Tbps DDoS attack in August

DDoS amplify attack targets Citrix Application Delivery Controllers (ADC)

Enemybot, a new DDoS botnet appears in the threat landscape

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

HelloKitty ransomware gang also targets victims with DDoS attacks

Akamai mitigated the largest ever PPS DDoS attack

Massive DDoS attack brought down 25% Iranian Internet connectivity

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Major blackouts across Puerto Rico. Are the DDoS and the fire linked?

DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Analysis of the 2020 Verizon Data Breach Report

Interview With a Crypto Scam Investment Spammer

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Conti Ransomware Group Diaries, Part IV: Cryptocrime

PurpleFox malware infected at least 2,000 computers in Ukraine

Necro botnet now targets Visual Tools DVRs

FreakOut botnet target 3 recent flaws to compromise Linux devices

Abcbot and Xanthe botnets have the same origin, experts discovered

Puerto Rico was hit by a major cyberattack

EnemyBot malware adds new exploits to target CMS servers and Android devices

Google warned users of 33,015 nation-state attacks since January

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

A new Zerobot variant spreads by exploiting Apache flaws

FBI arrested a Russian national for recruiting employee of US firm to plant malware

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Russia-linked Fronton botnet could run disinformation campaigns

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs newsletter Round 282

Threat actors target K-12 distance learning education, CISA and FBI warn

German police identified a gang that stole €4 million via phishing attacks

Hackers targeted the US Census Bureau network, DHS report warns

We infiltrated an IRC botnet. Here’s what we found

Hackers, nation-states target US black community to commit fraud, sow division

New Mirai variant includes exploit for a flaw in Comtrend Routers

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs newsletter Round 261

Stay Connected