DDOS, Firmware, Information Security and Internet

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

DDOS

DDOS Firmware VPN Firewall

Yandex is under the largest DDoS attack in the history of Runet

Security Affairs

SEPTEMBER 9, 2021

The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The record magnitude of the massive DDoS attack was also confirmed by the US company Cloudflare, which specializes in the protection against such kinds of attacks.

DDOS

DDOS Internet Internet Firmware

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 Mirai botnets are frequently used to conduct DDoS attacks.”

Firewall

Firewall Firmware VPN DDOS

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware

Firmware DDOS Malware IoT

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware Internet Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware

Malware VPN Internet Internet

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December.

IoT

IoT DDOS Malware Firmware

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

“The attack can be performed without user interaction if the management interface of the device has been configured to be internet facing. All the affected models have a patched firmware available for download on the vendor’s website.” ” reads the advisory published by Trellix. ” continues the analysis.

Hacking

Hacking Internet Internet Passwords

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT

IoT Firmware DNS Advertising

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising Firmware

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches

Data breaches Firmware Hacking Ransomware

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT

IoT DNS Manufacturing Firmware

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT

IoT DDOS Architecture Passwords

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Security Affairs

OCTOBER 30, 2019

A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders.

Hacking

Hacking Firmware Advertising DDOS

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . According to Kunz, more than one million devices are potentially at risk, an attacker can trigger the flaws to build a huge botnet that could be used to launch powerful DDoS attacks. ” continues the experts.

IoT

IoT Hacking Firmware Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet.

IoT

IoT Cybersecurity Manufacturing Internet

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Botnets : Networks of compromised computers are controlled by a central attacker and used for various malicious activities such as launching coordinated distributed denial of service ( DDoS ) attacks, providing a staging point for attacks on other victims, or distributing spam.

Software

Software Data breaches DDOS Ransomware

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Cyber Security Informer

Multiple DDoS botnets were observed targeting Zyxel devices

Yandex is under the largest DDoS attack in the history of Runet

Webinars

Trending Sources

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Webinars

Interview With a Crypto Scam Investment Spammer

Widespread exploitation by botnet operators of Zyxel firewall flaw

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Over 80,000 Hikvision cameras can be easily hacked

Who and What is Behind the Malware Proxy Service SocksEscort?

A new Zerobot variant spreads by exploiting Apache flaws

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs newsletter Round 357 by Pierluigi Paganini

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Mozi Botnet is responsible for most of the IoT Traffic

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

What is Incident Response? Ultimate Guide + Templates

Cyber Security Roundup for March 2021

Stay Connected