Zero Day

JUNE 27, 2025

PT oxygen/Getty Cloudflare  is a robust content delivery network (CDN) that specializes in providing protection against  distributed denial of service (DDoS)  attacks. Last month, Cloudflare  blocked the largest DDoS attack in internet history.    This assault peaked at a staggering 7.3

DDOS 97

DDOS Small Business Password Management Passwords 97

Malwarebytes

OCTOBER 21, 2024

Those who hacked the Internet Archive haven’t gone away. Users of the Internet Archive who have submitted helpdesk tickets are reporting replies to the tickets from the hackers themselves. Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at website snapshots from the past.

Internet 128

Internet Internet DDOS Data breaches 128

Security Affairs

JANUARY 22, 2025

terabit-per-second (Tbps) distributed denial-of-service (DDoS) attack. Cloudflare announced that during the week of Halloween 2024, it autonomously detected and blocked a 5.6 Terabit per second (Tbps) DDoS attack, which is the largest attack ever reported. ” In 2024, Cloudflare blocked 21.3 reads the advisory.

DDOS 72

DDOS Malware Hacking Internet 72

Security Affairs

JULY 16, 2025

DDoS attacks in Q2 2025, down from 20.5M DDoS attacks in Q2 2025 , down from 20.5M In total, Cloudflare has already surpassed its 2024 DDoS mitigation volume with nearly 28M attacks stopped so far in 2025. “DDoS attacks continue to break records. Cloudflare blocked 7.3M Cloudflare mitigated 7.3M in Q1, 13.5M

DDOS 75

DDOS IoT Telecommunications Hacking 75

Security Affairs

NOVEMBER 16, 2024

A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. The GeoVision zero-day, tracked as CVE-2024-11120 (CVSS 9.8), is a pre-auth command injection vulnerability that was discovered by Shadowserver Foundation and verified with the help of TWCERT. .

DDOS 133

DDOS Internet Internet Hacking 133

Krebs on Security

MARCH 27, 2025

In August 2024, security researcher Artem Tamoian posted on Twitter/X about how he received startlingly different results when he searched for “Freedom of Russia legion” in Russia’s largest domestic search engine Yandex versus Google.com.

Phishing 249

Phishing Government Engineering DDOS 249

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. With retail sales during 2024 set to grow to between $5.23 trillion and $5.28 trillion and $5.28

Retail 71

Retail Cyber Risk Risk DDOS 71

Malwarebytes

DECEMBER 31, 2024

The Internet of Things is the now-accepted term to describe countless home products that connect to the internet so that they can be controlled and monitored from a mobile app or from a web browser on your computer. In February, a Swiss newspaper article included an anecdote about a Distributed Denial-of-Service attack, or DDoS attack.

Internet 73

Internet Internet DDOS Mobile 73

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 119

Data breaches Cryptocurrency Cybercrime Hacking 119

Krebs on Security

MAY 20, 2025

KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand.

DDOS 316

DDOS IoT Internet Internet 316

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Solid Data Security: The Foundation of a Safe Digital World madhav Thu, 10/17/2024 - 04:58 It’s that time of year again. The State of Data Security in 2024 However, not only individuals must protect their digital assets; organizations do, too. The modern internet's interconnected nature also threatens data security. The result?

DDOS 62

DDOS Encryption Data breaches Identity Theft 62

Security Affairs

MAY 8, 2025

Below are the descriptions for these flaws: CVE-2024-6047 (CVSS score 9.8) An unauthenticated remote attacker can exploit the CVE-2024-6047 vulnerability to inject and execute arbitrary system commands on the device. CVE-2024-11120 (CVSS score 9.8) The GeoVision zero-day CVE-2024-11120 (CVSS 9.8)

DDOS 68

DDOS Internet Internet Hacking 68

Security Affairs

MARCH 12, 2025

In mid-2024, Mandiant identified custom backdoors on Juniper Networks Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. ” concludes the report published by Mandiant.

Telecommunications 68

Telecommunications Malware DDOS Technology 68

Penetration Testing

JUNE 9, 2025

The most notable discovery in SentinelLABS’ investigation was that threat actors carried out reconnaissance against SentinelOne’s Internet-facing servers in October 2024, and even compromised a third-party IT logistics firm responsible for handling employee hardware. vip—demonstrating synchronized infrastructure activity. ”

Penetration Testing 93

Penetration Testing Advertising DNS Cybersecurity 93

Security Boulevard

JUNE 27, 2025

While this activity has been limited to distributed-denial-of-service (DDoS) attacks, there have also been recent reports of an increase in targeted phishing attacks. Known to exploit common and well-known vulnerabilities in internet-facing devices and critical infrastructure. While there have been ample warnings from U.S.

Accountability 57

Accountability Passwords Authentication Energy and Utilities 57

Security Boulevard

JANUARY 24, 2025

Cloud Risk Alerts Detected in H2 2024 (Source: Google Clouds H1 2025 Threat Horizons Report, January 2025) Meanwhile, weak or no credentials (45.7%) and misconfigurations (34.3%) ranked as the top two initial access vectors to cloud environments during the second half of last year. NCC Group calls the December data a wake-up call.

Banking 67

Banking Cybersecurity Artificial Intelligence Ransomware 67

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages. cloud providers.

Accountability 279

Accountability Scams Passwords Data collection 279

Krebs on Security

NOVEMBER 26, 2024

“Judische” and “Waifu,” dated Oct 21, 2024, 9 days before Moucka’s arrest. MEET ‘BUTTHOLIO’ Kiberphant0m joined BreachForums in January 2024, but their public utterances on Discord and Telegram channels date back to at least early 2022. A surveillance photo of Connor Riley Moucka, a.k.a.

DDOS 337

DDOS Cybercrime Accountability Government 337

Thales Cloud Protection & Licensing

OCTOBER 23, 2024

Cybersecurity Month Checklist: Fortify Your Digital Defenses madhav Thu, 10/24/2024 - 05:32 October is Cybersecurity Awareness Month, an international initiative that educates everyone about online safety and empowers people and businesses to protect their data from malicious actors.

Cybersecurity 62

Cybersecurity Encryption Authentication Passwords 62

Security Affairs

MAY 11, 2025

CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog Polish authorities arrested 4 people behind DDoS-for-hire platforms Play ransomware affiliate leveraged zero-day to deploy malware Canary Exploit tool allows to find servers affected by Apache Parquet flaw Unsophisticated cyber actors are targeting the U.S.

Spyware 64

Spyware DDOS Malware Ransomware 64

Security Affairs

JULY 1, 2025

These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connected systems. Iranian-aligned hacktivists have ramped up website defacements and data leaks and are likely to escalate DDoS and ransomware attacks targeting U.S. critical infrastructure and other U.S. Even a U.S.

Cyber threats 70

Cyber threats Cyber Attacks Passwords Internet 70

Schneier on Security

JULY 17, 2024

From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. But it’s not just about the sheer volume of DDoS attacks.

Internet 336

Internet Internet DDOS Cybercrime 336

Penetration Testing

MAY 23, 2024

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655).

DNS 145

DNS DDOS Internet Internet 145

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Image: SentinelOne.com.

DDOS 348

DDOS Internet Internet Government 348

Security Affairs

JULY 4, 2024

OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year. ” reads the post published by OVHcloud.

DDOS 128

DDOS DNS Hacking Internet 128

Security Affairs

OCTOBER 3, 2024

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 The largest DDoS attack peaked at 3.8

DDOS 127

DDOS Internet Internet Authentication 127

The Hacker News

JANUARY 21, 2025

Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date. The UDP protocol-based attack took place on October 29, 2024, targeting one of its customers, an unnamed internet service provider (ISP) from Eastern Asia. The activity originated

DDOS 129

DDOS IoT Internet Internet 129

Security Affairs

FEBRUARY 8, 2024

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. The Swiss newspaper Aargauer Zeitung first published the news of a DDoS attack, carried out on January 30, that involved three million compromised electric toothbrushes. Is it true? What the f is wrong with you people????

DDOS 143

DDOS IoT Media Internet 143

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The flaw CVE-2024-4577 (CVSS score: 9.8) Greynoise researchers also reported malicious attempts of exploitation of the CVE-2024-4577. “As ” reported Akamai. . ” reported Akamai.

Malware 140

Malware DDOS IoT Internet 140

Krebs on Security

APRIL 4, 2024

Other Privnote phishing domains that also phoned home to the same Internet address as pirwnote[.]com com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. Searching DomainTools for domains that include both of these terms reveals pirwnote[.]com.

Phishing 315

Phishing Cryptocurrency DDOS Internet 315

SecureList

NOVEMBER 23, 2023

As we look to 2024, we believe that the consumer threat landscape will be heavily influenced by political, cultural, and technological events and trends. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024. There are two main reasons for that: political pressure and DDoS attacks.

VPN 130

VPN Scams Education DDOS 130

The Last Watchdog

MAY 3, 2024

At the start, Distributed Denial of Service (DDoS) attacks were often motivated by bragging rights or mischief. Related: The role of ‘dynamic baselining’ DDoS attack methodology and defensive measures have advanced steadily since then. We need systems that learn and adapt as quickly as the attackers do.”

DDOS 100

DDOS Internet Internet Technology 100

Penetration Testing

OCTOBER 9, 2024

The Internet Archive, a non-profit digital library beloved for its Wayback Machine, has been battling a relentless wave of DDoS attacks since May 2024. While these attacks, often attributed to... The post Internet Archive Under Siege: DDoS Attacks and a Mysterious Data Breach appeared first on Cybersecurity News.

Data breaches 54

Data breaches DDOS Internet Internet 54

SecureList

JUNE 6, 2025

Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services. We recently observed the use of CVE-2024-3721 in attempts to deploy a bot in one of our honeypot services.

DDOS 120

DDOS Internet Internet Malware 120

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. NetScout: Observed 13,142,840 DDoS attacks, including: 104,216 video gaming enterprise attacks. 50,000 DDoS attacks on public domain name service (DNS) resolvers.

Cybersecurity 116

Cybersecurity DDOS Penetration Testing Ransomware 116

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. RaaS usage is expected to increase by 25% in 2024.

Social Engineering 143

Social Engineering Cyber Insurance Cyber Attacks IoT 143

Krebs on Security

JANUARY 8, 2024

For example, in 2010 Spamdot and its spam affiliate program Spamit were hacked, and its user database shows Sal and Icamis often accessed the forum from the same Internet address — usually from Cherepovets , an industrial town situated approximately 230 miles north of Moscow. And there were many good reasons to support this conclusion.

Cybercrime 306

Cybercrime Banking Computers and Electronics DDOS 306