Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 140

Cybercrime Ransomware DDOS Encryption 140

eSecurity Planet

FEBRUARY 16, 2023

Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS. DDoS attacks, on the other hand, don’t require infiltration to be effective and thus are growing in frequency and intensity.

DDOS 117

DDOS Ransomware Backups Cryptocurrency 117

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country. Kivimäki was 15 years old at the time.

DDOS 317

DDOS Cybercrime Hacking Passwords 317

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. The experts observed a surge in botnet activity in September 2023 and reported that it “has aggressively updated its arsenal of exploits.” ” concludes the analysis.

DDOS 135

DDOS Wireless Architecture IoT 135

Security Affairs

JUNE 17, 2023

Polish police, as part of the international law enforcement operation PowerOFF, dismantled a DDoS-for-hire service that has been active since at least 2013. An international operation codenamed PowerOff led to the shutdown of a DDoS-for-hire service that has been active since at least 2013. Viewer discretion is advised.

DDOS 98

DDOS Computers and Electronics Cybercrime Cryptocurrency 98

Krebs on Security

OCTOBER 31, 2023

” Infoblox determined that until May 2023, domains ending in.info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “ Prolific Puma.” domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) US phishing domains.

Phishing 337

Phishing Telecommunications Malware Scams 337

Security Affairs

OCTOBER 17, 2024

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The collective Anonymous Sudan has been active since January 2023, it claims to target any country that is against Sudan. The feds also seized the accounts containing the source code for their DDoS tools.

DDOS 123

DDOS Cybercrime Government Hacking 123

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 111

Cryptocurrency Hacking Malware Data breaches 111

Security Affairs

JUNE 22, 2025

CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog Attackers target Zyxel RCE vulnerability CVE-2023-28771 India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M Million people Watch out, Veeam fixed a new critical bug in Backup & Replication product U.S.

61

61

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3 before 5.17.6

Ransomware 132

Ransomware Cybercrime Software Encryption 132

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 283

Cybercrime Banking Computers and Electronics DDOS 283

Security Affairs

MAY 9, 2023

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717. We are in the final!

DDOS 98

DDOS Wireless Architecture Advertising 98

SecureList

DECEMBER 16, 2024

Number of dark web posts distributing databases on one popular forum, August 2023-November 2024 ( download ) While some of this growth may be attributed to the reposting or combining of older leaks, cybercriminals are clearly interested in distributing leaked data whether new, old, or even fake. times compared to 2023.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Security Affairs

JANUARY 29, 2025

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Aquabot is a Mirai-based botnet designed for DDoS attacks. Named after the Aqua filename, it was first reported in November 2023.

DDOS 68

DDOS Firmware Malware Firewall 68

Security Affairs

JUNE 21, 2023

“FortiGuard Labs encountered recent samples of a DDoS -as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389 , which was disclosed in mid-March of this year.” The researchers observed a surge in attacks in May 2023.

DDOS 98

DDOS Malware Advertising Hacking 98

Krebs on Security

APRIL 4, 2024

Throughout 2023, Tornote was hosted with the Russian provider DDoS-Guard , at the Internet address 186.2.163[.]216. In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club.

Phishing 293

Phishing Cryptocurrency DDOS Internet 293

Security Affairs

MARCH 12, 2025

Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. Since early 2025, Cato CTRL has tracked the Ballista botnet targeting TP-Link Archer routers via CVE-2023-1389.

IoT 73

IoT Malware Encryption DDOS 73

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 131

Marketing Cybercrime DDOS Internet 131

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 142

DDOS Cryptocurrency Accountability Media 142

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 130

DDOS VPN Data breaches Cybercrime 130

Security Affairs

JULY 5, 2024

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks.

DDOS 138

DDOS DNS Encryption Malware 138

Thales Cloud Protection & Licensing

OCTOBER 11, 2023

Protect Your Organization from Cybercrime-as-a-Service Attacks madhav Thu, 10/12/2023 - 04:53 In years gone by, only large enterprises needed to be concerned with cybercrime. However, Cybercrime-as-a-Service (CaaS) offerings have essentially democratized cybercrime. What is Cybercrime-as-a-Service?

Cybercrime 77

Cybercrime Encryption DDOS Backups 77

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Hacking 98

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. ” reads the analysis published by Akamai.

DDOS 136

DDOS Wireless Security Intelligence Authentication 136

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 128

DDOS Data breaches Ransomware Marketing 128

Security Affairs

OCTOBER 19, 2023

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. appeared first on Security Affairs.

Social Engineering 134

Social Engineering Artificial Intelligence Engineering Ransomware 134

SecureList

JULY 27, 2023

This is our latest installment, focusing on activities that we observed during Q2 2023. Killnet, led by a person nicknamed “KillMilk”, is one of the leaders of the hacktivist movement that uses DDoS as a means of disruption. This campaign remained active until March 2023.

Malware 98

Malware Government Phishing Social Engineering 98

Security Affairs

NOVEMBER 20, 2022

Ukraine Police dismantled a transnational fraud group that made €200 million per year Lockbit gang leaked data stolen from global high-tech giant Thales.

DDOS 98

DDOS Cybercrime Ransomware Phishing 98

Security Affairs

JANUARY 13, 2023

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057 (16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported.

DDOS 98

DDOS Telecommunications DNS Cybercrime 98

Security Affairs

JUNE 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 98

Data breaches DDOS Backups Firewall 98

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 98

Cybercrime Malware Hacking Accountability 98

Security Affairs

FEBRUARY 11, 2024

Now Cybersecurity expert says the next generation of identity theft is here: ‘Identity hijacking’ Were 3 Million Toothbrushes Really Used for a DDoS Attack? Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Spyware 125

Spyware Surveillance DDOS Identity Theft 125

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 122

Cyber Attacks Firewall Data breaches Telecommunications 122

Security Affairs

AUGUST 27, 2023

military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program N.

Hacking 98

Hacking Cybercrime Cryptocurrency Ransomware 98

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Hacking 98

Security Affairs

MARCH 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 98

Data breaches DDOS Backups Ransomware 98

Security Affairs

SEPTEMBER 22, 2023

A few days ago, the Pro-Russia group NoName057(16) announced to have launched DDoS attacks on several Canadian organizations, including CBSA, the Canadian Air Transport Security Authority, and the Senate. The attacks severely impacted operations at several Canadian airports last week.

DDOS 138

DDOS Data breaches Cyber Attacks Mobile 138