Architecture, DDOS, Firmware and Hacking

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

DDOS

DDOS Firmware VPN Firewall

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. ” The Mirai botnet is exploiting the issue to gain access to the device and downloads the malicious payload for the targeted architecture. The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event.

DDOS

DDOS Engineering Firmware Architecture

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. SecurityAffairs – hacking, Pink botnet).

Architecture

Architecture DDOS Advertising Firmware

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT

IoT DDOS Malware Firmware

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

eSecurity Planet

NOVEMBER 4, 2021

The unranked list contains 12 entries that categorize data found in hardware programming, design, and architecture. Hackers can exploit these weaknesses to compromise computer systems, exfiltrate data, and even perform DDoS attacks. The most popular firmware is BIOS and UEFI. The older the firmware, the easier it is to hack.

Software

Software Firmware Computers and Electronics Risk

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first.

IoT

IoT DDOS Passwords Malware

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. The botnet supports the following capabilities: DDoS attack Collecting Bot Information Execute the payload of the specified URL Update the sample from the specified URL Execute system or custom commands. Pierluigi Paganini.

IoT

IoT DDOS Architecture Passwords

Mirai code re-use in Gafgyt

Security Affairs

APRIL 16, 2021

HTTP flooding is a kind of DDoS attack in which the attacker sends a large number of HTTP requests to the targeted server to overwhelm it. UDP flooding is a type of DDoS attack in which an attacker sends several UDP packets to the victim server as a means of exhausting it. SecurityAffairs – hacking, Mirai). HTTP flooding module.

Malware

Malware DDOS IoT Firmware

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Botnets : Networks of compromised computers are controlled by a central attacker and used for various malicious activities such as launching coordinated distributed denial of service ( DDoS ) attacks, providing a staging point for attacks on other victims, or distributing spam.

Software

Software Data breaches DDOS Ransomware

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 “Upon execution, the zi script downloads different architectures of Mirai bot, runs the downloaded binaries, and removes the binaries. The bot supports various commands, like Mirai, such as launching DDoS attacks. ” continues the analysis.

DDOS

DDOS Authentication Advertising Firmware

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

That would make this denial of service attack roughly twice as powerful as any similar previously recorded DDoS attack at the time. Vamosi: Welcome to The Hacker Mind and original podcast from ForAllSecure, it's about challenging our expectations about the people who hack for a living. terabits per second.

IoT

IoT DDOS Malware Internet

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

While these Linux operating systems remain unpatched to prevent exploitation of the CVE-2021-3156 vulnerability, there are waiting to be hacked. Npower App Hack. Three North Korean Hackers charged for Financial and Revenge-motivated Hacks. DDoS Attacks Leverage Plex Media Server. VULNERABILITIES AND SECURITY UPDATES.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Mail servers become priority targets In June, Recorded Future warned that BlueDelta (aka Sofacy, APT28, Fancy Bear and Sednit) exploited vulnerabilities in Roundcube Webmail to hack multiple organizations including government institutions and military entities involved in aviation infrastructure. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

Multiple DDoS botnets were observed targeting Zyxel devices

A new Mirai botnet variant targets TP-Link Archer A21

Trending Sources

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

A new Zerobot variant spreads by exploiting Apache flaws

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

Overview of IoT threats in 2023

Mozi Botnet is responsible for most of the IoT Traffic

Mirai code re-use in Gafgyt

What is Incident Response? Ultimate Guide + Templates

Mukashi, the new Mirai variant that targets Zyxel NAS

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

Cyber Security Roundup for March 2021

Advanced threat predictions for 2024

Stay Connected