Cybercrime DDOS DNS Firmware 
Security Affairs
AUGUST 20, 2021
According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. “By infecting routers, they can perform man-in-the-middle (MITM) attacks—via HTTP hijacking and DNS spoofing—to compromise endpoints and deploy ransomware or cause safety incidents in OT facilities. Pierluigi Paganini.
SecureList
FEBRUARY 16, 2021
The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
SecureList
NOVEMBER 26, 2021
In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.
SecureList
MAY 27, 2022
MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). Subsequently, DDoS attacks hit some government websites. Targeted attacks. Lapsus$ group hacks Okta.
SecureList
APRIL 27, 2022
Subsequently, DDoS attacks hit several government websites. In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology. These changes allowed the attackers to intercept the original flow of the firmware code and have it executed alongside a sophisticated infection chain.
Expert insights. Personalized for you.
104 
Let's personalize your content