2022, DDOS, Information Security and Internet

Akamai blocked the largest DDoS attack ever on its European customers

Security Affairs

JULY 28, 2022

This month Akamai blocked the largest distributed denial-of-service (DDoS) attack that hit an organization in Europe. On July 21, 2022, Akamai mitigated the largest DDoS attack that ever hit one of its European customers. SecurityAffairs – hacking, DDoS). Gbps and 659.6 Mpps over 14 hours.” Gbps and 659.6

DDOS

DDOS Internet Internet Hacking

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. Also read: How to Stop DDoS Attacks: 6 Tips for Fighting DDoS Attacks.

DDOS

DDOS IoT Engineering DNS

FBI seized 13 domains linked to DDoS-for-hire platforms

Security Affairs

MAY 9, 2023

DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law enforcement effort known as Operation PowerOFF. com, ragebooter(.)com, com, downthem(.)org

DDOS

DDOS Internet Internet Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. The botnet supports multiple DDoS attacks, including UDP, HTTP Flood, UDP Plain, and TCP SYN. “The exposure of vulnerable devices can result in severe security risks.

DDOS

DDOS Wireless Architecture IoT

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

DDoS attacks in Q3 2021

SecureList

NOVEMBER 8, 2021

Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. ris , a new botnet capable of carrying out powerful DDoS attacks. For instance, a DDoS attack on a Cloudflare customer (attributed to M?ris) We won't let our #DDoS stop us doing what we love!

DDOS

DDOS Marketing Cryptocurrency IoT

Mantis botnet powered the largest HTTPS DDoS attack in June

Security Affairs

JULY 14, 2022

The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation firm Cloudflare announced it has mitigated the largest HTTPS DDoS attack that was launched by a botnet they have called Mantis. Follow me on Twitter: @securityaffairs and Facebook.

DDOS

DDOS Telecommunications Media Internet

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Security Affairs

APRIL 25, 2023

A flaw in the Service Location Protocol (SLP), tracked as CVE-2023-29552, can allow to carry out powerful DDoS attacks. A high-severity security vulnerability (CVE-2023-29552, CVSS score: 8.6) impacting the Service Location Protocol ( SLP ) can be exploited by threat actors to conduct powerful volumetric DDoS attacks.

DDOS

DDOS Internet Internet Firewall

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

The Data Breach Perception Problem in 2022

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2022 report, System Intrusion took the lead, accounting for 40% of all breach events. You may be asking “Why data from 2021 when it’s 2022?”

Data breaches

Data breaches Social Engineering Engineering Phishing

Pro-Russia group NoName took down multiple France sites, including the French Senate one

Security Affairs

MAY 5, 2023

The French Senate’s website was taken offline by a DDoS attack launched by the pro-Russian hacker group NoName. The pro-Russia hacker group NoName is claiming responsibility for a DDoS attack that took the website of the French Senate offline. We apologize for the inconvenience caused.” We are in the final!

DDOS

DDOS Cyber Attacks Mobile Internet

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

Security Affairs

AUGUST 19, 2022

Undersecretary for Digital Transformation Luukas Ilves announced that Estonia was hit by the most extensive wave of DDoS attacks it has faced since 2007. The DDoS attacks targeted both public institutions and the private sector. Attempted DDoS attacks targeted both public institutions and the private sector. (1/4)

DDOS

DDOS Computers and Electronics Digital transformation Government

OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

Security Affairs

SEPTEMBER 25, 2022

The authorities claimed Amini died of natural causes after suffering heart failure while it was at the police station, but citizens don’t believe this is the truth and moved the protests to the streets (September 2022 Iranian protests). OpIran pic.twitter.com/FuFbl5tuy7 — hadieh.poorhosseini (@hadiehp) September 25, 2022.

Internet

Internet Internet Hacking Government

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December.

IoT

IoT DDOS Malware Firmware

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs

NOVEMBER 4, 2022

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. ENISA Threat Landscape Report 2022.

Cyber threats

Cyber threats Phishing Social Engineering Ransomware

Security Affairs newsletter Round 397

Security Affairs

DECEMBER 11, 2022

If you want to also receive for free the newsletter with the international press subscribe here. Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5 Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Firewall

Firewall Banking Hacking DDOS

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

Security Affairs

MARCH 8, 2023

A proof of concept (PoC) exploit code for this vulnerability was published on GitHub since December 2022. The CVE-2022-33891 flaw is a command injection vulnerability in the Apache Spark. The third vulnerability added to the catalog, tracked as CVE-2022-28810, is a remote code execution issue in Zoho ManageEngine ADSelfService Plus.

DDOS

DDOS IoT Software Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

New Go-based Redigo malware targets Redis servers

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. In March 2022, the U.S.

Malware

Malware DDOS Architecture Cryptocurrency

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

Firmware

Firmware Wireless DDOS IoT

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

The responsibility of the new division includes “cyber sabotage”, disruption of Internet resources, data theft and financial intelligence focused on NATO, their members and allies. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Government

Government DDOS Cyber Attacks Hacking

The Data Breach Perception Problem in 2022

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2022 report, System Intrusion took the lead, accounting for 40% of all breach events. You may be asking “Why data from 2021 when it’s 2022?”

Data breaches

Data breaches Social Engineering Engineering Phishing

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022. ” concludes the report.

IoT

IoT DDOS Encryption Malware

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

DDOS

DDOS IoT Manufacturing Malware

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022.

DDOS

DDOS Wireless Security Intelligence Authentication

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. In the latter part of 2022 and the first half of 2023, the cybersecurity landscape witnessed a significant increase in both the variety and quantity of cyberattacks and their consequences.

Social Engineering

Social Engineering Artificial Intelligence Engineering Ransomware

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs

MARCH 14, 2022

It is confirmed to have caused extensive damage The attack captured a total of 20TB of data #Rosneft is Russia's largest oil producer and is also involved in critical infrastructure in Germany #OpRussia [link] — Anonymous • News (@Anonymous_Link) March 14, 2022. Anonymous hackt Rosneft Deutschland. ” reported the WELT.

Hacking

Hacking DDOS Internet Internet

Security Affairs newsletter Round 405 by Pierluigi Paganini

Security Affairs

FEBRUARY 5, 2023

CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively exploited CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers Tallahassee Memorial HealthCare, Florida, has taken IT systems offline after cyberattack Exploitation attempts for Oracle E-Business Suite flaw (..)

Healthcare

Healthcare Data breaches Malware Ransomware

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. This release noted that DDoS “is only one of the many capabilities of the system.” . As of April 2022, 0day technologies has changed its domain from 0day[.]ru ru to 0day[.]llc.

DDOS

DDOS Media Hacking Engineering

BlackCat ransomware targets another healthcare facility

Malwarebytes

FEBRUARY 22, 2023

In December, 2022, the Office of Information Security and Health Sector Cybersecurity Coordination Center issued an extensive Analyst Note which identified BlackCat as a "relatively new but highly-capable" ransomware threat to health care providers. How to avoid ransomware Block common forms of entry.

Healthcare

Healthcare Ransomware Backups DDOS

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Cryptocurrency

Cryptocurrency Data breaches DNS DDOS

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. ” reads the advisory published by Trellix.

Hacking

Hacking Internet Internet Passwords

Anonymous launched its offensive on Russia in response to the invasion of Ukraine

Security Affairs

FEBRUARY 25, 2022

Anonymous #Ukraine — Anonymous (@YourAnonOne) February 24, 2022. — Anonymous (@YourAnonOne) February 24, 2022. cont) — Anonymous (@YourAnonNews) February 24, 2022. ” RT.com, a Russia-owned media outlet confirmed that it was hit by a massive denial-of-service (DDoS) attack. We are a legion.

Government

Government DDOS Cyber Attacks Media

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. Market Size: The AI cyber security market was worth around $17.4 billion in 2022 and is expected to grow to about $102.78 million, up 15% in three years.

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. We are in the final !

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

New Mirai botnet targets tens of flaws in popular IoT devices

Security Affairs

JUNE 22, 2023

Since the beginning of the attacks observed in October 2022, threat actors have enhanced the botnet by integrating exploits for new vulnerabilities. The list of targeted devices includes routers, DVRs, access control systems, and Solar power generation monitoring systems.

IoT

IoT Malware Encryption DDOS

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. If you want to also receive for free the newsletter with the international press subscribe here. Is it fake news? Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Firmware Hacking Ransomware

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

Since its public disclosure, two exploits for CVE-2021-36260 were publicly released, in October 2021 and in February 2022 respectively. This means that it is quite easy for threat actors to scan the Internet for vulnerable devices and compromise them. One payload in particular caught our attention.

Hacking

Hacking Firmware Internet Internet

The Cybersecurity Perception Problem in 2023

Approachable Cyber Threats

DECEMBER 6, 2023

For the past few years ( 2020 , 2022 ), we’ve shared our research on the data breach perception problem - pointing to the fact that how data breaches actually occur appears to vary from how people think they may occur. For example, DDoS attacks and unauthorized encryption (e.g. Keep reading below! Or download now!

Cybersecurity

Cybersecurity Social Engineering Data breaches Engineering

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Security Affairs

MAY 14, 2023

Researchers from FortiGuard Labs first discovered the previously undetected RapperBot IoT botnet in August, and reported that it is active since mid-June 2022. In November, Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers.

IoT

IoT Malware Passwords Authentication

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Security Affairs

SEPTEMBER 11, 2023

An investigation into indexed information from internet-connected devices provided a list of universities with compromised website security. That could allow arbitrary admin account creation and access to files and personal information. Researchers were able to confirm the entries were accurate.

Cybersecurity

Cybersecurity Penetration Testing Passwords DDOS

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Security Affairs

AUGUST 5, 2022

Dark Utilities was launched in early 2022, the platform that provides full-featured C2 capabilities to its users. Dark Utilities is advertised as a platform to enable remote access, command execution, conduct distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems.

Architecture

Architecture DDOS Internet Internet

Akamai blocked the largest DDoS attack ever on its European customers

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

Webinars

Trending Sources

FBI seized 13 domains linked to DDoS-for-hire platforms

Webinars

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Enemybot, a new DDoS botnet appears in the threat landscape

DDoS attacks in Q3 2021

Mantis botnet powered the largest HTTPS DDoS attack in June

SLP flaw allows DDoS attacks with an amplification factor as high as 2200 times

Interview With a Crypto Scam Investment Spammer

The Data Breach Perception Problem in 2022

Pro-Russia group NoName took down multiple France sites, including the French Senate one

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

A new Zerobot variant spreads by exploiting Apache flaws

Updated Kmsdx botnet targets IoT devices

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs newsletter Round 397

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

Who and What is Behind the Malware Proxy Service SocksEscort?

New Go-based Redigo malware targets Redis servers

EnemyBot malware adds new exploits to target CMS servers and Android devices

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

The Data Breach Perception Problem in 2022

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

New InfectedSlurs Mirai-based botnet exploits two zero-days

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Security Affairs newsletter Round 405 by Pierluigi Paganini

Russia-linked Fronton botnet could run disinformation campaigns

BlackCat ransomware targets another healthcare facility

Security Affairs newsletter Round 385

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Anonymous launched its offensive on Russia in response to the invasion of Ukraine

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

New Mirai botnet targets tens of flaws in popular IoT devices

Security Affairs newsletter Round 357 by Pierluigi Paganini

Over 80,000 Hikvision cameras can be easily hacked

The Cybersecurity Perception Problem in 2023

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Stay Connected