Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT 98

IoT DDOS Architecture Internet 98

Security Affairs

MARCH 16, 2025

CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies Elon Musk blames a massive cyberattack for the X outages Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577 RansomHouse gang claims the hack of (..)

Spyware 86

Spyware Cybercrime Ransomware IoT 86

Security Affairs

JULY 29, 2019

Ransomware continues to be a profitable business for the cybercrime ecosystem and the recent wave of attacks against US municipalities demonstrates it. The report also states that experts observed a spike in the number of cyberattacks against IoT devices carried out by IoT malware. million IoT attacks. Pierluigi Paganini.

IoT 110

IoT Encryption Malware Advertising 110

Security Affairs

DECEMBER 17, 2024

In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom. reads the report published by Black Lotus Labs.

Architecture 123

Architecture Internet Internet Malware 123

Security Affairs

MAY 16, 2025

“DDoS Botnet families tend to congregate on Linux and IoT platforms. The malware bypasses detection using Base64 encoding, dynamic URLs, and simulates human behavior. Some attacks require Windows version greater than 8, showcasing advanced evasion and control techniques. ” concludes the report.

DDOS 125

DDOS Education Malware IoT 125

Security Affairs

JANUARY 21, 2025

The ShellScript is loaded onto IoT devices such as IP cameras, and network devices, revealing that the Murdoc Botnet specifically targets IoT devices via this mechanism, leveraging C2 servers for new Mirai variant propagation. The Qualys Threat Research Unit discovered over 500 samples containing ELF files and ShellScript files.

IoT 92

IoT Malware Hacking Cybercrime 92

Security Affairs

DECEMBER 29, 2024

Court rules against NSO Group in WhatsApp spyware Lawsuit Lazarus APT targeted employees at an unnamed nuclear-related organization US charged Dual Russian and Israeli National as LockBit Ransomware developer International Press Newsletter Cybercrime Phishing platform Rockstar 2FA trips, and FlowerStorm picks up the pieces Pittsburgh Regional Transit (..)

Spyware 72

Spyware IoT Malware Cybercrime 72

Security Affairs

JUNE 22, 2023

Since March 2023, researchers at Palo Alto Networks Unit 42 have observed a new variant of the Mirai botnet targeting multiple vulnerabilities in popular IoT devices. “The widespread adoption of IoT devices has become a ubiquitous trend. However, the persistent security concerns surrounding these devices cannot be ignored.

IoT 98

IoT Malware Encryption DDOS 98

Security Affairs

MAY 4, 2025

Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia A large-scale phishing campaign targets WordPress WooCommerce (..)

Cyber Attacks 87

Cyber Attacks Cybercrime Malware Phishing 87

Security Affairs

MARCH 8, 2025

TB of data allegedly stolen from Tata Technologies New Eleven11bot botnet infected +86K IoT devices Polish Space Agency POLSA disconnected its network following a cyberattack U.S.

Data breaches 83

Data breaches Hacking Artificial Intelligence Cybercrime 83

Security Affairs

MAY 20, 2025

The company offers cellular service, along with 5G development, AI services, IoT solutions, cloud computing, and smart city infrastructure. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its network.

Malware 122

Malware Mobile Data breaches Wireless 122

Security Affairs

DECEMBER 21, 2024

” Recently, The Federal Office for Information Security (BSI) announced it had blocked communication between the 30,000 devices infected with the BadBox malware and the C2. .” continues the report “Second, let’s talk volume. The devices were all located in Germany, they were all using outdatedAndroidversions.

Firmware 144

Firmware Malware Internet Internet 144

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT 98

IoT DDOS Encryption Malware 98

Security Affairs

MARCH 12, 2025

“IoT devices have been constantly targeted by threat actors for multiple reasons” concludes the report. “Proactive identification and management of IoT devices within an organizations network remain essential for mitigating risk and ensuring the resilience of critical infrastructure.”

IoT 86

IoT Malware Encryption DDOS 86

Security Affairs

NOVEMBER 5, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. GreyNoise discovered the two flaws while investigating the use of an exploit detected by its LLM-powered threat-hunting tool Sift.

Firmware 136

Firmware Manufacturing Authentication IoT 136

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “ TheMoon ” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices.

IoT 143

IoT Cybercrime Internet Internet 143

Security Affairs

FEBRUARY 8, 2024

Apart from the electronic toothbrush mess, the Internet of Things (IoT) are privileged targets for many threat actors. Some cases underscore the urgency of securing our smart homes. IoT devices, such as smart fridges, smart meters, or thermostats, are often designed with connectivity in mind, but lack of security.

DDOS 144

DDOS IoT Media Internet 144

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. SocksEscort began in 2009 as “ super-socks[.]com com , segate[.]org

Malware 245

Malware VPN Internet Internet 245

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector.

IoT 140

IoT Firmware Internet Internet 140

Security Affairs

DECEMBER 26, 2024

“Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” .” reads the analysis published by Akamai.

Manufacturing 95

Manufacturing Malware Firmware IoT 95

Security Affairs

OCTOBER 13, 2021

In October 2019, a joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof hosting service. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

DDOS 143

DDOS Cybercrime IoT Hacking 143

Security Affairs

OCTOBER 29, 2020

The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems. “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

Healthcare 145

Healthcare Ransomware Cybercrime Advertising 145

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. ” continues the statement. Pierluigi Paganini.

DDOS 106

DDOS IoT Cybercrime Advertising 106

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware 78

Malware Architecture IoT Ransomware 78

Security Affairs

MAY 22, 2021

Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider. The list of victims of the group includes IoT chip maker Advantech , and Broward County Public Schools (BCPS) , and Ireland’s Health Service Executive.

Ransomware 137

Ransomware Healthcare Cyber Attacks Cybercrime 137

Security Affairs

JULY 23, 2021

The IoT botnet was tracked as the “Russian2015” because it was using the domain Russian2015.ru. SecurityAffairs – hacking, cybercrime). appeared first on Security Affairs. The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse. Pierluigi Paganini.

Computers and Electronics 140

Computers and Electronics IoT Cybercrime Internet 140

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 137

Social Engineering Data breaches Spyware Malware 137

Security Affairs

NOVEMBER 2, 2023

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extended the list of targets.

IoT 139

IoT Manufacturing Malware Hacking 139

Security Boulevard

MARCH 7, 2025

Those stats come from ISACAs Tech Workplace and Culture 2025 report, which is based on a survey of about 7,700 of its members who work in IT areas such as information security, governance, assurance, data privacy and risk management.

Cybersecurity 64

Cybersecurity Scams CSO Risk 64

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Adopt a comprehensive IoT security solution. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 137

IoT DDOS Malware Firmware 137

Security Affairs

MAY 16, 2021

Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider. The list of victims of the group includes IoT chip maker Advantech , and Broward County Public Schools (BCPS). Since August 2020, the group has launched its leak site to threaten its victim to release the stolen data.

Ransomware 145

Ransomware IoT Cybercrime Media 145

Security Affairs

OCTOBER 3, 2019

Cybercrime is a prolific business, criminal organizations continues to make profits with illegal activities in the cyberspace, but police are ready to contrast them. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. . “Cyber ??

Cybercrime 111

Cybercrime VPN Advertising Accountability 111

Security Affairs

SEPTEMBER 22, 2024

Protect Your Crypto: Understanding the Ongoing Global Malware Attacks and What We Are Doing to Stop Them CISA warns of Windows flaw used in infostealer malware attacks Exotic SambaSpy is now dancing with Italian users Loki: a new private agent for the popular Mythic framework Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate Gleaming (..)

Malware 137

Malware IoT Healthcare Cryptocurrency 137

Security Affairs

NOVEMBER 15, 2021

The botnet included Internet of Things (IoT) devices and GitLab instances. The attack was launched from approximately 15,000 bots running a variant of the original Mirai code on IoT devices and unpatched GitLab instances.” “This was a multi-vector attack combining DNS amplification attacks and UDP floods.

DDOS 145

DDOS DNS IoT Internet 145

Security Affairs

JUNE 9, 2025

“Exploiting known security flaws in IoT devices and servers that haven’t been patched, along with the widespread use of malware targeting Linux-based systems, leads to a significant number of bots constantly searching the internet for devices to infect.” ” concludes the report.

52

52

Security Affairs

DECEMBER 27, 2019

Threat actors behind ransomware campaigns will switch tactics, leveraging access to organizations available for sale in the cybercrime underground. In 2020, the number of attacks associated with Advanced Persistent Threat actors that haven’t been previously identified by the security researchers will increase. the Mirai bot).

Cybersecurity 98

Cybersecurity IoT Ransomware Advertising 98

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Now researchers from Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extent the list of targets. .

IoT 122

IoT DNS Manufacturing Firmware 122