Security Affairs

MARCH 7, 2021

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. Malware #Ransomware #REvil REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.

DDOS 134

DDOS Ransomware Media Malware 134

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 98

Marketing Cybercrime DDOS Internet 98

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 129

DDOS Cryptocurrency Accountability Media 129

Security Affairs

JUNE 2, 2021

Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. The database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. They were almost impossible to take down.

DDOS 105

DDOS Cybercrime Authentication Accountability 105

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 120

Firmware DDOS Malware IoT 120

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS 83

DDOS Digital transformation Malware Advertising 83

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., We release ddos.

Ransomware 217

Ransomware Cryptocurrency DDOS Scams 217

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 87

DDOS Cybercrime Spyware Malware 87

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. A DIRECT QUOT The domain quot[.]pw I waited until it expired and forgot to buy it.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 102

Malware Cybercrime DDOS Social Engineering 102

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Upon installing the threat, the bot drops a file in /tmp/.pwned

Malware 141

Malware DDOS IoT Cybercrime 141

Security Affairs

JUNE 15, 2022

Privacy Affairs published the Dark Web Index, an analysis of prices for illegal services/products available in the black marketplaces and related to the period between February 2021 and June 2022. The document updates the information provided in the Dark Web Index 2022 report. verified account goes for $170 ($710 in 2021).

Identity Theft 92

Identity Theft Accountability DDOS Cybercrime 92

Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks.

Ransomware 112

Ransomware DDOS Telecommunications Malware 112

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications. also support backdoor capabilities.

DDOS 81

DDOS Malware Hacking Education 81

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 125

Cybercrime Hacking Mobile DDOS 125

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, super-socks[.]com,

Malware 203

Malware VPN Internet Internet 203

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2017-17215 targets Huawei HG532 routers.

DDOS 84

DDOS Firmware Surveillance IoT 84

Security Affairs

SEPTEMBER 7, 2022

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. ” At the time of the analysis, the C2 server was offline. Pierluigi Paganini.

DDOS 101

DDOS Encryption Passwords Hacking 101

Security Affairs

OCTOBER 12, 2021

The POC exploit code for this vulnerability is publicly available since July 2021. The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns.

DDOS 94

DDOS Surveillance Hacking Internet 94

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 87

Data breaches DDOS VPN Hacking 87

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 86

Data breaches Cybercrime Ransomware Passwords 86

Security Affairs

DECEMBER 15, 2021

.” The HelloKitty gang has been active since January 2021 and it is still active. According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. The ransomware gang targets their victims’ websites with DDoS attacks if they refuse to pay the ransom.

Ransomware 88

Ransomware Data breaches DDOS Healthcare 88

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The Go-based botnet spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 115

IoT DDOS Malware Firmware 115

Security Affairs

FEBRUARY 24, 2022

This follows the DDoS attacks against several Ukrainian websites earlier today 1/n — ESET research (@ESETresearch) February 23, 2022. According to the security firm, the infections followed the DDoS attacks against several Ukrainian websites, including Ministry of Foreign Affairs, Cabinet of Ministers, and Rada.

Malware 115

Malware DDOS Banking Government 115

Security Affairs

NOVEMBER 20, 2021

The post Security Affairs newsletter Round 341 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Banking 67

Banking Small Business Data breaches Firmware 67

Security Affairs

JULY 14, 2023

The malware was spotted the first time in May 2021, but has been operating under the radar for more than two years. “Based on information associated with their x.509 509 certificates, we assess that some of these second stage C2s have been active since at least October 2021. ” continues the report.

Malware 80

Malware Advertising Cybercrime Passwords 80

SecureList

NOVEMBER 8, 2021

Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. ris , a new botnet capable of carrying out powerful DDoS attacks. For instance, a DDoS attack on a Cloudflare customer (attributed to M?ris) We won't let our #DDoS stop us doing what we love!

DDOS 109

DDOS Marketing Cryptocurrency IoT 109

Security Affairs

FEBRUARY 27, 2022

February 19 – White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU. The White House has linked the recent DDoS attacks against Ukraine ‘s banks and defense agencies to Russia’s GRU. Ukraine ‘s defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks.

DDOS 87

DDOS Banking Phishing Ransomware 87

Security Affairs

OCTOBER 2, 2022

The phishing campaigns were conducted between October 3, 2020, and May 29, 2021, the gang sent to the victims messaging posing as coming from German banks. According to the German BKA, the suspects also carried out DDoS (distributed denial of service) attackers against the banks to cover up their fraudulent activities.

Phishing 90

Phishing Banking DDOS Accountability 90

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

MARCH 22, 2023

The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October 2022. The report warns that hacktivist activity targeting the transport sector, including DDoS attacks, is likely to continue. Most of the attacks on the transport sector (54%) are carried out by cybercriminals.

Ransomware 82

Ransomware DDOS Cyber threats Phishing 82

Security Affairs

JUNE 20, 2021

Are the DDoS and the fire linked?

Data breaches 99

Data breaches DDOS Small Business Ransomware 99

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. Over the months Avaddon ransomware operators continued to promote their services in cybercrime forums to recruit more people to the network of its affiliates. ” concludes the report.

Ransomware 96

Ransomware Encryption Malware Cybercrime 96

Security Affairs

DECEMBER 18, 2022

years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 91

Data breaches Hacking DDOS VPN 91

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9

Data breaches 99

Data breaches Mobile Ransomware DNS 99

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop?

Firmware 70

Firmware Surveillance Malware DDOS 70

Security Affairs

JANUARY 3, 2023

Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages. BitRAT is a relatively new threat advertised on underground marketplaces and forums since Feb 2021, it is offered for $20. Execution of payloads with bypasses.

Banking 88

Banking Malware Phishing DDOS 88