Security Affairs

AUGUST 20, 2021

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare, the web infrastructure and website security company, announced that it has mitigated the largest ever volumetric distributed denial of service (DDoS) attack to date. So peaking at 17.2

DDOS 122

DDOS Telecommunications Internet Internet 122

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 99

Marketing Cybercrime DDOS Internet 99

Security Affairs

MARCH 7, 2021

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. Malware #Ransomware #REvil REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.

DDOS 135

DDOS Ransomware Media Malware 135

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime 80

Cybercrime Scams DDOS Banking 80

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug.

IoT 290

IoT DDOS Internet Internet 290

The Last Watchdog

JULY 18, 2023

July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla.,

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 121

Firmware DDOS Malware IoT 121

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 130

DDOS Cryptocurrency Accountability Media 130

Security Affairs

JUNE 2, 2021

Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. The database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. The seller registered this account on exploit[.]in

DDOS 106

DDOS Cybercrime Authentication Accountability 106

Security Affairs

JUNE 25, 2023

Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition appeared first on Security Affairs.

DDOS 87

DDOS Cybercrime Spyware Malware 87

Security Affairs

MARCH 10, 2022

Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” Liberator is advertised as a DDoS tool to launch attacks against “Russian propaganda websites.” SecurityAffairs – hacking, IT Army).

DDOS 83

DDOS Digital transformation Malware Advertising 83

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. SecurityAffairs – hacking, cyber security).

Malware 103

Malware Cybercrime DDOS Social Engineering 103

Krebs on Security

MARCH 7, 2022

The victim does not have to trust the person who hacked their computer because they can verify that the smart contract will fairly handle the exchange.” We release ddos. Or a variant of a letter to the creators about the possibility of a ransom if they want the ddos ??to ” Stern wrote. Crypto falls in price.

Ransomware 217

Ransomware Cryptocurrency DDOS Scams 217

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

SEPTEMBER 27, 2021

Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. Some channels have 10,000s of followers.”

Cybercrime 127

Cybercrime Hacking Mobile DDOS 127

Security Affairs

JUNE 15, 2022

Privacy Affairs published the Dark Web Index, an analysis of prices for illegal services/products available in the black marketplaces and related to the period between February 2021 and June 2022. The information for a cloned Mastercard (pin included) is passed from $25 (2021) to $20. verified account goes for $170 ($710 in 2021).

Identity Theft 92

Identity Theft Accountability DDOS Cybercrime 92

Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The suspects face multiple criminal charges, including money laundering, unauthorized access to computers and networks, and the creation, use, distribution, and sale of malware and hacking tools. Pierluigi Paganini.

Ransomware 113

Ransomware DDOS Telecommunications Malware 113

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. SecurityAffairs – hacking, EnemyBot). Pierluigi Paganini.

Malware 142

Malware DDOS IoT Cybercrime 142

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications.

DDOS 81

DDOS Malware Hacking Education 81

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 86

Data breaches Cybercrime Ransomware Passwords 86

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S. Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S. Pierluigi Paganini.

Data breaches 87

Data breaches DDOS VPN Hacking 87

Security Affairs

JUNE 20, 2021

Are the DDoS and the fire linked? SecurityAffairs – hacking, newsletter ). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 319 appeared first on Security Affairs.

Data breaches 99

Data breaches DDOS Small Business Ransomware 99

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 203

Malware VPN Internet Internet 203

Security Affairs

DECEMBER 15, 2021

. “On October 21, the FBI notified OAG that it had seized an account belonging to HelloKitty, a Ukrainian hacking group, which contained OAG patient and employee files. ” The HelloKitty gang has been active since January 2021 and it is still active. SecurityAffairs – hacking, HelloKitty ransomware).

Ransomware 88

Ransomware Data breaches DDOS Healthcare 88

Security Affairs

SEPTEMBER 7, 2022

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. SecurityAffairs – hacking, D-Link). ” concludes the report.

DDOS 102

DDOS Encryption Passwords Hacking 102

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. SecurityAffairs – hacking, Beastmode botnet).

DDOS 84

DDOS Firmware Surveillance IoT 84

Security Affairs

JULY 14, 2023

Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. The malware was spotted the first time in May 2021, but has been operating under the radar for more than two years. “Based on information associated with their x.509 ” continues the report.

Malware 80

Malware Advertising Cybercrime Passwords 80

Security Affairs

OCTOBER 12, 2021

The POC exploit code for this vulnerability is publicly available since July 2021. The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns.

DDOS 95

DDOS Surveillance Hacking Internet 95

Security Affairs

NOVEMBER 20, 2021

SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 341 appeared first on Security Affairs.

Banking 68

Banking Small Business Data breaches Firmware 68

SecureList

NOVEMBER 23, 2021

Then we will go through the key events of 2021 relating to attacks on financial organizations. Analysis of forecasts for 2021. The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world.

Cryptocurrency 106

Cryptocurrency Banking Cybercrime Ransomware 106

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

FEBRUARY 24, 2022

This follows the DDoS attacks against several Ukrainian websites earlier today 1/n — ESET research (@ESETresearch) February 23, 2022. According to the security firm, the infections followed the DDoS attacks against several Ukrainian websites, including Ministry of Foreign Affairs, Cabinet of Ministers, and Rada.

Malware 117

Malware DDOS Banking Government 117

Security Affairs

DECEMBER 18, 2022

SecurityAffairs – hacking, newsletter). Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 91

Data breaches Hacking DDOS VPN 91

SecureList

JULY 28, 2021

In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. Another new DDoS vector has yet to be harnessed by cybercriminals.

DDOS 131

DDOS DNS IoT Marketing 131

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. But on Dec. AWM Proxy’s online storefront disappeared that same day.

Passwords 242

Passwords Malware Internet Internet 242

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9 SecurityAffairs – hacking, newsletter).

Data breaches 100

Data breaches Mobile Ransomware DNS 100

Security Affairs

FEBRUARY 27, 2022

February 19 – White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU. The White House has linked the recent DDoS attacks against Ukraine ‘s banks and defense agencies to Russia’s GRU. Ukraine ‘s defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks.

DDOS 87

DDOS Banking Phishing Ransomware 87