Penetration Testing

JUNE 7, 2025

A new Mirai botnet variant is exploiting CVE-2024-3721 to infect vulnerable DVRs. Learn how this sophisticated attack works and if your surveillance system is at risk.

Surveillance 118

Surveillance Risk DDOS IoT 118

Security Affairs

MAY 8, 2025

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as 10 via six stresser services. “ Stresser/booter services are online platforms that offer Distributed Denial of Service (DDoS) attacks as a paid service. .“ Europol, the U.S.,

DDOS 87

DDOS Marketing Government Hacking 87

Security Affairs

JANUARY 22, 2025

terabit-per-second (Tbps) distributed denial-of-service (DDoS) attack. Cloudflare announced that during the week of Halloween 2024, it autonomously detected and blocked a 5.6 Terabit per second (Tbps) DDoS attack, which is the largest attack ever reported. ” In 2024, Cloudflare blocked 21.3 reads the advisory.

DDOS 70

DDOS Malware Hacking Internet 70

Schneier on Security

JULY 17, 2024

From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. But it’s not just about the sheer volume of DDoS attacks.

Internet 339

Internet Internet DDOS Cybercrime 339

Penetration Testing

JULY 4, 2025

FortiGuard Labs exposes RondoDox, a stealthy botnet exploiting critical flaws (CVE-2024-3721, CVE-2024-12856) in TBK DVRs & Four-Faith routers to launch sophisticated DDoS attacks.

DDOS 57

DDOS IoT Malware Cybersecurity 57

Security Affairs

JANUARY 8, 2025

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 2024, it borrows the code from the basic Mirai variant and now integrates N-day and 0-day exploits. Key targets include China, the U.S.,

DDOS 118

DDOS Hacking Government Cybercrime 118

Security Affairs

NOVEMBER 16, 2024

A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. The GeoVision zero-day, tracked as CVE-2024-11120 (CVSS 9.8), is a pre-auth command injection vulnerability that was discovered by Shadowserver Foundation and verified with the help of TWCERT. .

DDOS 130

DDOS Internet Internet Hacking 130

Trend Micro

JANUARY 16, 2025

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras.

IoT 144

IoT DDOS Wireless Cyber threats 144

Security Affairs

OCTOBER 11, 2024

As of September 5, 2024, the Internet Archive held more than 42.1 HIBP permalink: [link] pic.twitter.com/Oc2Qvrh6Ov — HackManac (@H4ckManac) October 10, 2024 The threat actors that breached the popular website have shared a copy of the stolen data with the data breach notification service Have I Been Pwned data.

Data breaches 121

Data breaches Internet Internet DDOS 121

Security Boulevard

DECEMBER 31, 2024

January Release of the 2023 Global DDoS Landscape Report In the 2023 Global DDoS Landscape Report, NSFOCUS proposed important insights on global DDoS threats. The post Shining Moments for NSFOCUS DDoS Defense in 2024 appeared first on Security Boulevard.

DDOS 52

DDOS Cyber Attacks 52

Security Affairs

JULY 4, 2024

OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year. ” reads the post published by OVHcloud.

DDOS 126

DDOS DNS Hacking Internet 126

The Hacker News

AUGUST 13, 2024

Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats.

DDOS 112

DDOS Cyber threats 112

Security Affairs

MAY 16, 2025

HTTPBot is a Go-based botnet first detected in August 2024, however, its activity surged by April 2025. HTTPBot uses an attack ID for precise control and employs advanced DDoS tactics like HTTP Floods and obfuscation to bypass traditional detection methods. “DDoS Botnet families tend to congregate on Linux and IoT platforms.

DDOS 111

DDOS Education IoT Malware 111

Penetration Testing

MAY 23, 2024

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655).

DNS 145

DNS DDOS Internet Internet 145

Krebs on Security

MARCH 27, 2025

In August 2024, security researcher Artem Tamoian posted on Twitter/X about how he received startlingly different results when he searched for “Freedom of Russia legion” in Russia’s largest domestic search engine Yandex versus Google.com.

Phishing 236

Phishing Government Engineering Internet 236

Krebs on Security

DECEMBER 11, 2024

Selectel, Netwarm UK, Beget, Timeweb and DDoS-Guard). firms , including an entity created in February 2024 called Globopay UAB Ltd , and another called WS Management and Advisory Corporation Ltd. The analysis also showed nearly all 56 exchanges used services from Cloudflare , a global content delivery network based in San Francisco.

Cryptocurrency 293

Cryptocurrency Banking Cybercrime Advertising 293

BH Consulting

OCTOBER 24, 2024

Those are the seven threats ENISA enumerates in its latest Threat Landscape 2024 report. Denial of Service (DDoS) attacks and ransomware dominated, making up for more than half the observed incidents. Now in its 12th edition, the 2024 report is based on the analysis of more than 11,000 incidents.

Social Engineering 69

Social Engineering Passwords Cybersecurity Ransomware 69

The Last Watchdog

APRIL 30, 2025

With the acquisitions of DOSarrest in 2021 and Reblaze Technologies in 2024, Link11 has expanded its market position. The new Link11 WAAP (Web Application and API Protection) SaaS platform combines comprehensive DDoS protection against web attacks with ML-based adaptive security and API protection.

DDOS 130

DDOS Artificial Intelligence Technology Marketing 130

Security Affairs

JUNE 22, 2025

The Qilin ransomware group has been active since at least August 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare. Additionally, with network propagation capabilities and a DDoS option introduced in April 2025, Qilin enhances its adaptability for various attack scenarios.”

Ransomware 118

Ransomware DDOS Cybercrime Healthcare 118

Security Affairs

OCTOBER 3, 2024

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 The largest DDoS attack peaked at 3.8

DDOS 124

DDOS Internet Internet Authentication 124

The Hacker News

JULY 5, 2024

French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). The 840 Mpps DDoS attack is said to have been a combination of a TCP

DDOS 131

DDOS Banking 131

The Hacker News

JANUARY 29, 2025

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks.

DDOS 101

DDOS 101

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 66

DDOS Firmware Firewall Passwords 66

The Hacker News

JULY 10, 2024

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets.

DDOS 123

DDOS Cryptocurrency Malware 123

Security Affairs

FEBRUARY 15, 2025

The second vulnerability added to the CISA KEV catalog is CVE-2024-41710, which affects Mitel 6800, 6900, and 6900w series SIP phones, including the 6970 Conference Unit through R6.4.0.HF1 In mid-July 2024, Miteladdressedthe vulnerability with the release offirmware updates. Aquabot is a Mirai-based botnet designed for DDoS attacks.

Spyware 108

Spyware DDOS Hacking Authentication 108

Security Affairs

FEBRUARY 8, 2024

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. The Swiss newspaper Aargauer Zeitung first published the news of a DDoS attack, carried out on January 30, that involved three million compromised electric toothbrushes. Is it true? What the f is wrong with you people????

DDOS 142

DDOS IoT Media Internet 142

The Hacker News

JANUARY 21, 2025

Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date. The UDP protocol-based attack took place on October 29, 2024, targeting one of its customers, an unnamed internet service provider (ISP) from Eastern Asia. The activity originated

DDOS 124

DDOS IoT Internet Internet 124

Penetration Testing

JANUARY 30, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified Aquabotv3, a new and more sophisticated variant of The post Aquabotv3: The Mirai-Based Botnet Exploiting CVE-2024-41710 for DDoS Attacks appeared first on Cybersecurity News.

DDOS 86

DDOS Security Intelligence Cybersecurity Malware 86

The Hacker News

JANUARY 8, 2025

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.

DDOS 116

DDOS 116

The Hacker News

JANUARY 22, 2025

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024.

DDOS 118

DDOS 118

Security Affairs

JANUARY 29, 2025

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Aquabot is a Mirai-based botnet designed for DDoS attacks. The bot targets the command injection vulnerability CVE-2024-41710 that impacts Mitel models. ” reads the report published by Akamai.

DDOS 68

DDOS Firmware Malware Firewall 68

Security Affairs

OCTOBER 21, 2024

Hunt noticed that most recent timestamp on the database records is September 28th, 2024, which is likely the date of the data exfiltration. The Internet Archive founder, Brewster Kahle, also confirmed that the platform was hit by a DDoS attack that took the website offline several times.

Internet 128

Internet Internet Data breaches Authentication 128

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The flaw CVE-2024-4577 (CVSS score: 9.8) Greynoise researchers also reported malicious attempts of exploitation of the CVE-2024-4577. “As ” reported Akamai. . ” reported Akamai.

Malware 139

Malware DDOS Internet Internet 139

Malwarebytes

DECEMBER 31, 2024

In February, a Swiss newspaper article included an anecdote about a Distributed Denial-of-Service attack, or DDoS attack. DDoS attacks involve sending loads of connection requests (like regular internet traffic) to a certain webpage as a way to briefly overwhelm that web page and take it down.

Internet 76

Internet Internet Mobile DDOS 76

The Hacker News

FEBRUARY 11, 2025

Gcores latest DDoS Radar report analyzes attack data from Q3Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. This periods findings emphasize the need for robust, adaptive DDoS This periods findings emphasize the need for robust, adaptive DDoS

DDOS 86

DDOS Financial Services 86

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail 71

Retail Cyber Risk Risk DDOS 71

Heimadal Security

OCTOBER 4, 2024

A newly discovered vulnerability in the open-source CUPS (Common Unix Printing System) printing system can be used by threat actors to launch DDoS attacks with a 600x amplification factor. appeared first on Heimdal Security Blog.

DDOS 98

DDOS Cybersecurity 98