2022, DDOS, Hacking and Internet - Cyber Security Informer

DDoS attacks in Q3 2022

SecureList

NOVEMBER 7, 2022

In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news was focused on the conflict between Russia and Ukraine, but other high-profile events also affected the DDoS landscape this quarter. The attackers stated on Telegram that they were “testing a new DDoS method.”

DDOS

DDOS Computers and Electronics Internet Internet

DDoS attacks in Q2 2022

SecureList

AUGUST 3, 2022

Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in the previous reporting period. The pro-Russian hacktivists Killnet, which first surfaced in January 2022, claimed responsibility for DDoS attacks on the websites of various European organizations from April through June.

DDOS

DDOS Government Marketing IoT

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Image: SentinelOne.com.

DDOS

DDOS Internet Internet Government

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

DDoS attacks in Q1 2022

SecureList

APRIL 25, 2022

The DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced.

DDOS

DDOS Cybercrime Media Internet

Akamai blocked the largest DDoS attack ever on its European customers

Security Affairs

JULY 28, 2022

This month Akamai blocked the largest distributed denial-of-service (DDoS) attack that hit an organization in Europe. On July 21, 2022, Akamai mitigated the largest DDoS attack that ever hit one of its European customers. SecurityAffairs – hacking, DDoS). Gbps and 659.6 Mpps over 14 hours.” Gbps and 659.6

DDOS

DDOS Internet Internet Hacking

FBI seized 13 domains linked to DDoS-for-hire platforms

Security Affairs

MAY 9, 2023

DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law enforcement effort known as Operation PowerOFF. com, ragebooter(.)com, com, downthem(.)org

DDOS

DDOS Internet Internet Hacking

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. The botnet supports multiple DDoS attacks, including UDP, HTTP Flood, UDP Plain, and TCP SYN. ” reads the analysis published by Fortinet. ” concludes the analysis.

DDOS

DDOS Wireless Architecture IoT

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

Mirai Botnet launched the DDoS attack on Minecraft Server Wynncraft

CyberSecurity Insiders

OCTOBER 16, 2022

Cloudflare, a web performance and security company, revealed the news in its latest ‘DDoS Threat Report’ that included insights and trends that are being followed in the distributed denial of service attacks threat landscape in 2022. Russian Killnet Hacking group, funded by the Kremlin, is suspected of the incident.

DDOS

DDOS Threat Detection Threat Reports Internet

Mantis botnet powered the largest HTTPS DDoS attack in June

Security Affairs

JULY 14, 2022

The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation firm Cloudflare announced it has mitigated the largest HTTPS DDoS attack that was launched by a botnet they have called Mantis. SecurityAffairs – hacking, Mantis). Pierluigi Paganini.

DDOS

DDOS Telecommunications Media Internet

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. Similarly, at the beginning of February 2022, we noticed a huge spike in the amount of activity related to Gamaredon C&C servers. Protection and continuity planning are of utmost importance for this communications infrastructure.

DDOS

DDOS Ransomware Government Energy and Utilities

The largest Russian bank Sberbank hit by a massive DDoS attack

Security Affairs

NOVEMBER 9, 2023

The largest and oldest bank in Russia Sberbank faced the record-breaking DDoS attack that reached 1 million RPS. Sberbank , the Russian banking and financial services giant, announced that it was recently hit by a record-breaking distributed denial of service (DDoS) attack that reached 1 million RPS.

DDOS

DDOS Banking Cyber Attacks Financial Services

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Security Affairs

APRIL 25, 2023

A flaw in the Service Location Protocol (SLP), tracked as CVE-2023-29552, can allow to carry out powerful DDoS attacks. impacting the Service Location Protocol ( SLP ) can be exploited by threat actors to conduct powerful volumetric DDoS attacks. A high-severity security vulnerability (CVE-2023-29552, CVSS score: 8.6)

DDOS

DDOS Internet Internet Firewall

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

Upon compromising the IP camera, an attacker can also use the hacked device to access internal networks posing a risk to the infrastructure that use the devices. Since its public disclosure, two exploits for CVE-2021-36260 were publicly released, in October 2021 and in February 2022 respectively. Pierluigi Paganini.

Hacking

Hacking Firmware Internet Internet

OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

Security Affairs

SEPTEMBER 25, 2022

The authorities claimed Amini died of natural causes after suffering heart failure while it was at the police station, but citizens don’t believe this is the truth and moved the protests to the streets (September 2022 Iranian protests). OpIran pic.twitter.com/FuFbl5tuy7 — hadieh.poorhosseini (@hadiehp) September 25, 2022.

Internet

Internet Internet Hacking Government

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. SecurityAffairs – hacking, DrayTek Vigor).

Hacking

Hacking Internet Internet Passwords

Security Affairs newsletter Round 397

Security Affairs

DECEMBER 11, 2022

Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5 Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5 Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5 SecurityAffairs – hacking, newsletter ). Pierluigi Paganini.

Firewall

Firewall Banking Hacking DDOS

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs

MARCH 14, 2022

Anonymous claims to have hacked the systems of the German subsidiary of Russian energy giant Rosneft and stole 20TB of data. The Anonymous hacker collective claimed to have hacked the German branch of the Russian energy giant Rosneft. Und "Geräte wurden umgestaltet" [link] — Oliver (@oliver_schafeld) March 13, 2022.

Hacking

Hacking DDOS Internet Internet

Pro-Russia group NoName took down multiple France sites, including the French Senate one

Security Affairs

MAY 5, 2023

The French Senate’s website was taken offline by a DDoS attack launched by the pro-Russian hacker group NoName. The pro-Russia hacker group NoName is claiming responsibility for a DDoS attack that took the website of the French Senate offline. We apologize for the inconvenience caused.” We are in the final!

DDOS

DDOS Cyber Attacks Mobile Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

IT threat evolution in Q3 2022. Non-mobile statistics

SecureList

NOVEMBER 18, 2022

IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. According to Kaspersky Security Network, in Q3 2022: Kaspersky solutions blocked 956,074,958 attacks from online resources across the globe. Number of unique users attacked by financial malware, Q3 2022 ( download ).

Mobile

Mobile Malware Ransomware IoT

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

Security Affairs

AUGUST 19, 2022

Undersecretary for Digital Transformation Luukas Ilves announced that Estonia was hit by the most extensive wave of DDoS attacks it has faced since 2007. The DDoS attacks targeted both public institutions and the private sector. Attempted DDoS attacks targeted both public institutions and the private sector. (1/4)

DDOS

DDOS Computers and Electronics Digital transformation Government

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December.

IoT

IoT DDOS Malware Firmware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

Security Affairs

MARCH 8, 2023

A proof of concept (PoC) exploit code for this vulnerability was published on GitHub since December 2022. The CVE-2022-33891 flaw is a command injection vulnerability in the Apache Spark. The third vulnerability added to the catalog, tracked as CVE-2022-28810, is a remote code execution issue in Zoho ManageEngine ADSelfService Plus.

DDOS

DDOS IoT Software Internet

APT trends report Q2 2022

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. We discovered a highly active campaign, starting in March 2022, targeting stock and cryptocurrency investors in South Korea. They are designed to highlight the significant events and findings that we feel people should be aware of.

Malware

Malware Firmware Phishing Cryptocurrency

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

The responsibility of the new division includes “cyber sabotage”, disruption of Internet resources, data theft and financial intelligence focused on NATO, their members and allies. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Government

Government DDOS Cyber Attacks Hacking

IT threat evolution in Q1 2022. Non-mobile statistics

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. According to Kaspersky Security Network, in Q1 2022: Kaspersky solutions blocked 1,216,350,437 attacks from online resources across the globe. Number of unique users attacked by financial malware, Q1 2022 ( download ).

Mobile

Mobile Adware Ransomware Malware

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs

NOVEMBER 4, 2022

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. ENISA Threat Landscape Report 2022.

Cyber threats

Cyber threats Phishing Social Engineering Ransomware

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

Firmware

Firmware Wireless DDOS IoT

Router security in 2021

SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Routers are forever being hacked and infected, and used to infiltrate local networks. Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Researchers named the botnet Meris.

DDOS

DDOS Passwords IoT Firmware

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

eSecurity Planet

JANUARY 6, 2022

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers. Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers.

Ransomware

Ransomware Cybersecurity Artificial Intelligence CISO

Cyberthreats to financial organizations in 2022

SecureList

NOVEMBER 23, 2021

Finally, we will make some forecasts about financial attacks in 2022. If not ransomware, then DDoS or possibly both. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. Cybercriminals also found a host of new tools for amplifying DDoS attacks. Forecasts for 2022.

Cryptocurrency

Cryptocurrency Banking Cybercrime Ransomware

New Go-based Redigo malware targets Redis servers

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Threat actors are exploiting a critical vulnerability, tracked as CVE-2022-0543 , in Redis (Remote Dictionary Server) servers. In March 2022, the U.S. SecurityAffairs – hacking, Redis).

Malware

Malware DDOS Architecture Cryptocurrency

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

IT threat evolution in Q2 2022. Non-mobile statistics

SecureList

AUGUST 15, 2022

IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. According to Kaspersky Security Network, in Q2 2022: Kaspersky solutions blocked 1,164,544,060 attacks from online resources across the globe. Number of unique users attacked by financial malware, Q2 2022 ( download ).

Mobile

Mobile Adware Malware Ransomware

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “ Digital Revolution ” claimed to have hacked a subcontractor to the Russian FSB. SecurityAffairs – hacking, Fronton botnet).

DDOS

DDOS Media Hacking Engineering

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022. ” concludes the report.

IoT

IoT DDOS Encryption Malware

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

DDOS

DDOS Wireless Security Intelligence Authentication

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. Here are a few takeaways: Minimum requirements A few years back, a spate of seminal IoT hacks grabbed the full attention of governments worldwide. I’ll keep watch and keep reporting.

IoT

IoT Government Internet Internet

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

DDOS

DDOS IoT Manufacturing Malware

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 SecurityAffairs – hacking, newsletter).

Cryptocurrency

Cryptocurrency Data breaches DNS DDOS

DDoS attacks in Q3 2022

DDoS attacks in Q2 2022

Webinars

Trending Sources

Stark Industries Solutions: An Iron Hammer in the Cloud

Webinars

DDoS attacks in Q1 2022

Akamai blocked the largest DDoS attack ever on its European customers

FBI seized 13 domains linked to DDoS-for-hire platforms

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Enemybot, a new DDoS botnet appears in the threat landscape

Mirai Botnet launched the DDoS attack on Minecraft Server Wynncraft

Mantis botnet powered the largest HTTPS DDoS attack in June

Reassessing cyberwarfare. Lessons learned in 2022

The largest Russian bank Sberbank hit by a massive DDoS attack

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Over 80,000 Hikvision cameras can be easily hacked

OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs newsletter Round 397

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Pro-Russia group NoName took down multiple France sites, including the French Senate one

Interview With a Crypto Scam Investment Spammer

IT threat evolution in Q3 2022. Non-mobile statistics

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

Updated Kmsdx botnet targets IoT devices

A new Zerobot variant spreads by exploiting Apache flaws

Who and What is Behind the Malware Proxy Service SocksEscort?

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

APT trends report Q2 2022

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

IT threat evolution in Q1 2022. Non-mobile statistics

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Router security in 2021

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

Cyberthreats to financial organizations in 2022

New Go-based Redigo malware targets Redis servers

EnemyBot malware adds new exploits to target CMS servers and Android devices

IT threat evolution in Q2 2022. Non-mobile statistics

Russia-linked Fronton botnet could run disinformation campaigns

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

New InfectedSlurs Mirai-based botnet exploits two zero-days

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs newsletter Round 385

Stay Connected