Cybercrime, DDOS, Firmware and Internet

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug. Image: Qrator.

IoT

IoT DDOS Internet Internet

Yandex is under the largest DDoS attack in the history of Runet

Security Affairs

SEPTEMBER 9, 2021

The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The record magnitude of the massive DDoS attack was also confirmed by the US company Cloudflare, which specializes in the protection against such kinds of attacks.

DDOS

DDOS Internet Internet Firmware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware

Malware VPN Internet Internet

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 Mirai botnets are frequently used to conduct DDoS attacks.”

Firewall

Firewall Firmware VPN DDOS

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware

Firmware DDOS Malware IoT

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December.

IoT

IoT DDOS Malware Firmware

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

The Internet of Things (IoT) is undeniably the future of technology. As cybercrime has become well-funded and increasingly sophisticated, phishing remains one of the most effective methods used by criminals to introduce malware into businesses. DDoS Attacks. IoT Opens Excessive Entry Points. Phishing and Spear Phishing.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

Spyware in the IoT – the Biggest Privacy Threat This Year

SiteLock

AUGUST 27, 2021

The consequences of which are not only born by companies who are the primary targets of cybercrime. Simply defined, the internet of things (IoT) is a network of Internet-connected objects able to collect and exchange data. VPNs are the baseline cybersecurity tool to safeguard internet-enabled devices and a home network.

IoT

IoT Spyware VPN Passwords

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches

Data breaches Firmware Hacking Ransomware

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

While the impact of these destructive cyber-attacks paled in comparison to the effects of the kinetic attacks taking place at the same time, it should be noted that this capability could in theory be directed against any country outside of the context of an armed conflict and under the pretense of traditional cybercrime activity.

DDOS

DDOS Ransomware Government Energy and Utilities

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. Organizations using Netgear, Huawei, and ZTE network devices are recommended to keep their firmware up to date and use strong passwords. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. In December, Canada’s Laurentian University reported a DDoS attack. Educational institutions are recommended to use anti-DDoS solutions and strong firewall settings, and partner up with ISPs.

DDOS

DDOS Cryptocurrency Marketing Internet

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. RDP servers listening on UDP port 3389 were used to amplify DDoS attacks. Alas, not all users of vulnerable programs and devices install updates promptly.

DDOS

DDOS Cryptocurrency Media Marketing

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

The vulnerability is in MSHTML, the Internet Explorer engine. Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. You can find a more detailed technical description of both vulnerabilities here.

Malware

Malware Banking Energy and Utilities Accountability

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Today, malware is a common threat to the devices and data of anyone who uses the Internet. Ransomware is one of the most virulent forms of malware on the modern Internet. Firmware rootkits are also known as “hardware rootkits.”. Programs being opened or accessing the Internet without your permission.

Malware

Malware Adware Spyware Antivirus

APT trends report Q2 2022

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). We have seen a spike in “hacktivist” attacks, ranging from DDoS attacks to doxxing and hack-and-leak operations.

Malware

Malware Firmware Phishing Cryptocurrency

Cyber Security Informer

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Yandex is under the largest DDoS attack in the history of Runet

Webinars

Trending Sources

Interview With a Crypto Scam Investment Spammer

Webinars

Who and What is Behind the Malware Proxy Service SocksEscort?

Widespread exploitation by botnet operators of Zyxel firewall flaw

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Top 9 Cybersecurity Challenges SMEs Currently Face

Spyware in the IoT – the Biggest Privacy Threat This Year

Security Affairs newsletter Round 357 by Pierluigi Paganini

Reassessing cyberwarfare. Lessons learned in 2022

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

DDoS attacks in Q4 2020

DDoS attacks in Q1 2021

IT threat evolution Q3 2021

What is Malware? Definition, Purpose & Common Protections

APT trends report Q2 2022

Stay Connected