Security Affairs

DECEMBER 28, 2024

Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName57 continues its campaign of DDoS attacks against Italian infrastructure. At the time of this writing, the websites are still facing problems.

DDOS 129

DDOS Artificial Intelligence Government Cybercrime 129

Security Affairs

JANUARY 30, 2025

Italys data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. The Authority carried out some tests on the service and determined that the information it provides does not always match factual circumstances so inaccurate personal data are processed.

Artificial Intelligence 76

Artificial Intelligence Data collection DDOS Data privacy 76

Security Affairs

MAY 8, 2025

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as 10 via six stresser services. “ Stresser/booter services are online platforms that offer Distributed Denial of Service (DDoS) attacks as a paid service. .“ Europol, the U.S.,

DDOS 90

DDOS Marketing Government Hacking 90

Security Affairs

OCTOBER 21, 2024

Internet Archive Zendesk emails sent by the threat actor Source: BleepingComputer The message highlights a poor security posture by the Internet Archive. Hunt will add the information of the impacted users to HIBP very soon. Hunt also verified the authenticity of the information included in the stolen archive.

Internet 131

Internet Internet Data breaches Authentication 131

Security Affairs

MAY 16, 2025

HTTPBot uses an attack ID for precise control and employs advanced DDoS tactics like HTTP Floods and obfuscation to bypass traditional detection methods. “HTTPBot has taken a different approach by developing a range of HTTP-based attack methods to conduct transactional (business) DDoS attacks. ” concludes the report.

DDOS 114

DDOS Education IoT Malware 114

Security Affairs

JANUARY 8, 2025

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. Operators behind the botnet also launched DDoS attacks against researchers tracking it. Gayfemboys grouping information is based on device details. Key targets include China, the U.S.,

DDOS 121

DDOS Hacking Government Cybercrime 121

Security Affairs

JUNE 22, 2025

Additionally, with network propagation capabilities and a DDoS option introduced in April 2025, Qilin enhances its adaptability for various attack scenarios.” . “A notable feature is the “Call Lawyer” function, which provides legal consultation to increase pressure during ransom negotiations.

Ransomware 122

Ransomware DDOS Cybercrime Healthcare 122

Security Affairs

NOVEMBER 10, 2024

Per a South Korean president’s office statement, the government is actively countering increased DDoS attacks from pro-Russian hacktivist groups, targeting public and private websites. “The government is actively responding to distributed denial of service (DDoS) attacks targeting some public and private websites.

DDOS 116

DDOS Government Cyber threats Hacking 116

Security Affairs

JANUARY 16, 2025

” The botnet size enables diverse attacks, from DDoS to phishing, spreading malware via SOCKS proxies, and amplifying C2 operations while masking attackers’ identities. The SPF information is included in the domains DNS records as a TXT record.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

NOVEMBER 16, 2024

A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. ” The botnet was used to carry out DDoS or cryptomining attacks. ” reads the advisory published by TWCERT.

DDOS 133

DDOS Internet Internet Hacking 133

Security Affairs

OCTOBER 14, 2024

. “The Dutch police have conducted a cybercrime investigation into the large dual dark web market ‘Bohemia/Cannabia’ This was a dark web market where illegal goods, such as drugs, and DDoS attacks were offered. It is the largest and longest running international dark web market of all time worldwide.”

Marketing 130

Marketing Cybercrime DDOS Cryptocurrency 130

Security Affairs

DECEMBER 19, 2024

Threat actors initially compromised the devices, and then employed them in DDoS attacks. These systems have been infected with the Mirai malware and were subsequently used as a DDOS attack source to other devices accessible by their network.” ” read the report published by Juniper Networks.

DDOS 69

DDOS Firmware Firewall Passwords 69

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computers and Electronics 110

Computers and Electronics Telecommunications Malware Surveillance 110

Security Affairs

DECEMBER 26, 2024

Source Associated Press The airline determined that threat actors carried out distributed denial-of-service (DDoS) attack to overwhelm the target systems in an attempt to crash them. JAL’s systems have fully resumed operation following the attack.

Cyber Attacks 124

Cyber Attacks DDOS Government Hacking 124

Security Affairs

JUNE 18, 2025

“If the vulnerability is successfully exploited, threat actors behind the Flodrix botnet can cause full system compromise, DDoS attacks, and potential loss or exposure of sensitive information hosted on affected Langflow servers.” Flodrix connects to a C&C server, enabling DDoS attacks. In May, the U.S.

DDOS 112

DDOS Malware Encryption Hacking 112

Security Affairs

MARCH 10, 2025

Therefore, it is recommended that users conduct a comprehensive asset assessment, verify their usage scenarios, and update PHP to the latest version to ensure security. Akamai researchers also observed threat actors behind the DDoS botnet Muhstik exploiting this vulnerability.

DDOS 107

DDOS Security Intelligence Hacking Malware 107

Security Affairs

JULY 9, 2025

“The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) (hereafter referred to as the authoring agencies) strongly urge organizations to remain vigilant for potential targeted cyber activity against U.S.

Ransomware 112

Ransomware Cyber threats Encryption DDOS 112

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 119

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 119

Security Affairs

JANUARY 29, 2025

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Aquabot is a Mirai-based botnet designed for DDoS attacks. They often claim it is for DDoS mitigation testing, but experts pointed out that it spreads Mirai malware and is used for real attacks.

DDOS 71

DDOS Firmware Malware Firewall 71

Security Affairs

FEBRUARY 15, 2025

Aquabot is a Mirai-based botnet designed for DDoS attacks. At the end of January, Akamai researchers spotted a new variant of the Mirai -based botnet Aquabot that is targeting vulnerable Mitel SIP phones. Named after the Aqua filename, it was first reported in November 2023.

Spyware 110

Spyware DDOS Hacking Authentication 110

Security Affairs

APRIL 28, 2025

These web shells gave attackers full control of the server, enabling activities like injecting ads, redirecting visitors, stealing billing data, launching DDoS attacks, or conducting ransomware operations. -Fork, p0wny, and WSO) into the website’s uploads folder.

Phishing 93

Phishing DDOS Accountability Hacking 93

Security Affairs

MARCH 5, 2025

Most infected devices are security cameras and network video recorders (NVRs), which are used to launch DDoS attacks. “On 26 Feb 2025, the Deepfield Emergency Response Team (ERT) identified a significant new Distributed Denial-of-Service (DDoS) botnet, now tracked under “Eleven11bot.” discovered on 2025-03-02.

IoT 78

IoT DDOS Hacking Passwords 78

Security Affairs

JANUARY 28, 2025

The AI company did not share details about the attack or its origin, however likely the platform was targeted by a massive DDoS attack. .” reads a statement published by the company on its status page. The company announced that is still investigating the issue.

Artificial Intelligence 120

Artificial Intelligence DDOS Architecture Marketing 120

Security Affairs

JANUARY 31, 2025

Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek ‘s chatbot service within the country, citing a lack of information on its use of users’ personal data. The AI-powered chatbot, recently launched globally, has rapidly gained popularity reaching millions of users.

Artificial Intelligence 63

Artificial Intelligence Data collection DDOS Risk 63

Security Affairs

MARCH 12, 2025

Below the descriptions of the backdoors provided by Mandiant: The following malware samples were identified: appid – TINYSHELL-based active backdoor, mimicking a legitimate binary named appidd (Application Identification Daemon) to – TINYSHELL-based active backdoor, mimicking a legitimate binary named top (Table of Processes) irad – (..)

Telecommunications 69

Telecommunications Malware DDOS Technology 69

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 114

Cryptocurrency Hacking Malware Data breaches 114

BH Consulting

OCTOBER 24, 2024

The malevolent seven: ENISA report identifies prime cybersecurity threats Ransomware; malware; social engineering; threats against data; threats against availability (denial of service); information manipulation and interference; and supply chain attacks. Information Security Buzz has a good summary of the main points.

Social Engineering 69

Social Engineering Passwords Cybersecurity Ransomware 69

Security Affairs

MARCH 12, 2025

It spreads by exploiting CVE-2023-1389 and can execute remote shell commands or launch DoS/DDoS attacks when instructed by the C2 server. The malware kills previous instances, deletes itself to evade detection, reads system configuration files, and establishes an encrypted C2 channel on port 82.

IoT 76

IoT Malware Encryption DDOS 76

SecureWorld News

APRIL 13, 2025

Source Predictive analysis: Artificial intelligence uses predictive analytics to review historical data to determine trends, spot threats and risks, and update machine learning models dynamically with new information. AI effectively identifies and prevents bots based on their behavior or IP addresses that differ from human activity.

Cybersecurity 99

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 99

Security Affairs

JUNE 22, 2025

Tbps DDoS attack Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses virtualization to hijack banking and crypto apps Cloudflare blocked record-breaking 7.3

Data breaches 65

Data breaches DDOS Backups Internet 65

Security Affairs

MARCH 9, 2025

Cellebrite zero-day exploit used to target phone of Serbian student activist One in Four Cyberattacks in 2024 Traced to Infostealers, Huntress Reports Uncovering.NET Malware Obfuscated by Encryption and Virtualization Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal Satori Threat Intelligence Disruption: BADBOX 2.0

Malware 69

Malware DDOS Hacking Ransomware 69

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 71

Data breaches Hacking Cybercrime Artificial Intelligence 71

Security Affairs

MAY 8, 2025

The botnet was used to carry out DDoS or cryptomining attacks. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. reads the advisory published by TWCERT. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

DDOS 69

DDOS Internet Internet Hacking 69

Security Affairs

MAY 4, 2025

Hello A 2024 Zero-Day Exploitation Analysis Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models When Space Goes Dark: Inside the Cyberattack on Polands Space Agency Lessons from a Blue Team failure Intelligence and (..)

Cybercrime 74

Cybercrime Cyber Attacks Phishing Malware 74

Security Affairs

FEBRUARY 23, 2025

CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog Juniper Networks fixed a critical flaw in Session Smart Routers China-linked APT group Winnti targets Japanese organizations since March 2024 Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers (..)

Scams 69

Scams Encryption Malware Phishing 69

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Cybercrime 120

Cybercrime Ransomware Phishing Banking 120

Security Affairs

JULY 16, 2025

Hundreds of group supporters were warned about their legal liability for aiding the group’s DDoS attacks, often driven by pro-Russian ideology. The pro-Russian hacker group NoName057(16) has ramped up DDoS attacks against countries supporting Ukraine, many of them NATO members.

DDOS 67

DDOS Cybercrime Cryptocurrency Hacking 67