Security Affairs

AUGUST 20, 2021

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare, the web infrastructure and website security company, announced that it has mitigated the largest ever volumetric distributed denial of service (DDoS) attack to date.

DDOS 122

DDOS Telecommunications Internet Internet 122

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 122

Firmware DDOS Malware IoT 122

Security Affairs

FEBRUARY 24, 2022

Cybersecurity experts discovered a new data wiper malware that was used in attacks against hundreds of machines in Ukraine. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.

Malware 116

Malware DDOS Banking Government 116

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed.

Malware 142

Malware DDOS IoT Cybercrime 142

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.”

DDOS 84

DDOS Digital transformation Malware Advertising 84

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

DDOS 93

DDOS IoT Manufacturing Malware 93

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 203

Malware VPN Internet Internet 203

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

DNS 128

DNS Cryptocurrency Internet Internet 128

Security Affairs

OCTOBER 16, 2021

The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. “As of mid-2021, X-Force observed ITG23 partner with two additional malware distribution affiliates — Hive0106 (aka TA551) and Hive0107. .

Malware 103

Malware Cybercrime DDOS Social Engineering 103

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 119

Cybercrime Ransomware DDOS Encryption 119

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. SecurityAffairs – hacking, African Cyberthreat Assessment Report 2021).

Cybercrime 79

Cybercrime Scams DDOS Banking 79

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications. ” concludes the report.

DDOS 82

DDOS Malware Hacking Education 82

Security Affairs

MAY 18, 2021

Uptycs’ threat research team discovered a new botnet, tracked as Simps botnet, attributed to Keksec group, which is focused on DDOS activities. Uptycs’ threat research team has discovered a new Botnet named ‘Simps’ attributed to Keksec group primarily focussed on DDOS activities. Discovery of Simps Botnet. see Figure 7).

DDOS 130

DDOS Malware Architecture IoT 130

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 88

DDOS Cybercrime Spyware Malware 88

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2017-17215 targets Huawei HG532 routers.

DDOS 85

DDOS Firmware Surveillance IoT 85

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

JANUARY 14, 2022

The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks. The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. ” continues the press release.

Ransomware 113

Ransomware DDOS Telecommunications Malware 113

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. “Consider salaries in Russia,” Quotpw said. billion last year.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

JUNE 15, 2022

Privacy Affairs published the Dark Web Index, an analysis of prices for illegal services/products available in the black marketplaces and related to the period between February 2021 and June 2022. The document updates the information provided in the Dark Web Index 2022 report. verified account goes for $170 ($710 in 2021).

Identity Theft 93

Identity Theft Accountability DDOS Cybercrime 93

Security Affairs

MAY 23, 2022

Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. This release noted that DDoS “is only one of the many capabilities of the system.” “Nisos research focused on the distribution of the numerous content types.

DDOS 113

DDOS Media Hacking Engineering 113

Security Affairs

JULY 14, 2023

A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. “Based on information associated with their x.509

Malware 81

Malware Advertising Cybercrime Passwords 81

Security Affairs

MARCH 22, 2023

The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October 2022. The report warns that hacktivist activity targeting the transport sector, including DDoS attacks, is likely to continue. Most of the attacks on the transport sector (54%) are carried out by cybercriminals.

Ransomware 83

Ransomware DDOS Cyber threats Phishing 83

Security Affairs

NOVEMBER 30, 2021

Researchers have identified 3 versions of the malware, the bot was mainly used to launch DDoS attacks ad to establish a backdoor on infected devices to gather sensitive information, such as call logs. ” reads the analysis published by Qihoo 360. .” ” continues the report.

DDOS 133

DDOS Backups Engineering Encryption 133

Security Affairs

DECEMBER 21, 2021

Uptycs researchers have observed attacks related to miners, DDOS malware and some variants of ransomware actively leveraging LogforShell flaw in log4j. So far we have observed attacks related to coinminers, DDOS malware and some variants of ransomware actively leveraging this vulnerability. DDoS botnet payloads.

DDOS 89

DDOS Malware Ransomware Cryptocurrency 89

Security Affairs

MAY 1, 2022

TB of Russian data Apr 17 – Apr 23 Ukraine – Russia the silent cyber conflict. TB of Russian data Apr 17 – Apr 23 Ukraine – Russia the silent cyber conflict. TB of Russian data Apr 17 – Apr 23 Ukraine – Russia the silent cyber conflict.

DDOS 69

DDOS Surveillance Hacking Ransomware 69

Security Affairs

MARCH 19, 2022

. “As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.” In some cases, the gang also threatened and conducted distributed denial-of-service (DDoS) attacks during negotiations.

Ransomware 98

Ransomware DDOS Passwords Backups 98

Security Affairs

JANUARY 19, 2021

The attacks aimed at compromising the tarted systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaign. CVE-2021-3007 – deserialization flaw that affects the Zend Framework (disclosed on January 3, 2021).

DDOS 139

DDOS DNS Malware Internet 139

Security Affairs

SEPTEMBER 7, 2022

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. ” At the time of the analysis, the C2 server was offline. Pierluigi Paganini.

DDOS 102

DDOS Encryption Passwords Hacking 102

Security Affairs

AUGUST 23, 2022

Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of devices are yet to be patched. wrote the expert. “.

Hacking 115

Hacking Firmware Internet Internet 115

Security Affairs

DECEMBER 18, 2022

years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 92

Data breaches Hacking DDOS VPN 92

Security Affairs

OCTOBER 12, 2021

The POC exploit code for this vulnerability is publicly available since July 2021. The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns.

DDOS 95

DDOS Surveillance Hacking Internet 95

Security Affairs

JULY 31, 2022

increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. and Blackmatter ransomware U.S.

Firmware 71

Firmware Surveillance Malware DDOS 71

Security Affairs

JANUARY 5, 2022

Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft warns. We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks.”

DNS 101

DNS Malware DDOS Cryptocurrency 101

Security Affairs

FEBRUARY 7, 2021

Hackers abuse Plex Media servers for DDoS amplification attacks TeamTNT group uses Hildegard Malware to target Kubernetes Systems Experts found critical flaws in Realtek Wi-Fi Module Packaging giant WestRock is still working to resume after recent Ransomware Attack Watch out! The Great Suspender Chrome extension contains Malware.

DDOS 66

DDOS Firewall Ransomware Encryption 66

Security Affairs

FEBRUARY 24, 2022

Yesterday, researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine. The malicious binary was signed using a code signing certificate issued to Hermetica Digital Ltd. .”

Ransomware 92

Ransomware DDOS Malware Cyber Attacks 92

Security Affairs

JANUARY 3, 2023

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages. Keylogging.

Banking 89

Banking Malware Phishing DDOS 89

Security Affairs

DECEMBER 11, 2020

Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year.” CISA and the FBI also warn of commodity malware that was employed in opportunistic attacks aimed at US K-12 organizations. ” “ reads the alert issued by CISA.

Education 123

Education Ransomware Cyber Attacks DDOS 123