Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country. Kivimäki was 15 years old at the time.

DDOS 302

DDOS Cybercrime Hacking Passwords 302

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 139

Cybercrime Ransomware DDOS Encryption 139

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. The experts observed a surge in botnet activity in September 2023 and reported that it “has aggressively updated its arsenal of exploits.” ” concludes the analysis.

DDOS 134

DDOS Wireless Architecture IoT 134

Security Affairs

JUNE 17, 2023

Polish police, as part of the international law enforcement operation PowerOFF, dismantled a DDoS-for-hire service that has been active since at least 2013. An international operation codenamed PowerOff led to the shutdown of a DDoS-for-hire service that has been active since at least 2013. Viewer discretion is advised.

DDOS 98

DDOS Computers and Electronics Cybercrime Cryptocurrency 98

Security Affairs

OCTOBER 17, 2024

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The collective Anonymous Sudan has been active since January 2023, it claims to target any country that is against Sudan. The feds also seized the accounts containing the source code for their DDoS tools.

DDOS 122

DDOS Cybercrime Government Hacking 122

Krebs on Security

OCTOBER 31, 2023

” Infoblox determined that until May 2023, domains ending in.info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “ Prolific Puma.” domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) US phishing domains.

Phishing 329

Phishing Telecommunications Malware Scams 329

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. A DIRECT QUOT The domain quot[.]pw

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3 before 5.17.6

Ransomware 131

Ransomware Cybercrime Software Encryption 131

Security Affairs

MAY 9, 2023

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717. We are in the final!

DDOS 98

DDOS Wireless Architecture Advertising 98

Security Affairs

MARCH 12, 2025

Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. Since early 2025, Cato CTRL has tracked the Ballista botnet targeting TP-Link Archer routers via CVE-2023-1389.

IoT 72

IoT Malware Encryption DDOS 72

Security Affairs

JUNE 21, 2023

“FortiGuard Labs encountered recent samples of a DDoS -as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389 , which was disclosed in mid-March of this year.” The researchers observed a surge in attacks in May 2023.

DDOS 98

DDOS Malware Advertising Hacking 98

Security Affairs

JANUARY 29, 2025

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Aquabot is a Mirai-based botnet designed for DDoS attacks. Named after the Aqua filename, it was first reported in November 2023.

DDOS 67

DDOS Firmware Malware Firewall 67

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 265

Cybercrime Banking Computers and Electronics DDOS 265

Krebs on Security

APRIL 4, 2024

Throughout 2023, Tornote was hosted with the Russian provider DDoS-Guard , at the Internet address 186.2.163[.]216. In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club.

Phishing 275

Phishing Cryptocurrency DDOS Internet 275

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 141

DDOS Cryptocurrency Accountability Media 141

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 130

Marketing Cybercrime DDOS Internet 130

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 129

DDOS VPN Data breaches Cybercrime 129

Security Affairs

JULY 5, 2024

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks.

DDOS 137

DDOS DNS Encryption Malware 137

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Malware 98

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. ” reads the analysis published by Akamai.

DDOS 135

DDOS Wireless Security Intelligence Authentication 135

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 127

DDOS Data breaches Ransomware Marketing 127

Security Affairs

JANUARY 9, 2023

Resecurity outlined a new marketplace called “Kraken” which emerged right beginning of 2023 following Christmas holidays designed in the best traditions of Hydra. The research aims to provide awareness for international law enforcement, cybercrime investigators and intelligence professionals. Pierluigi Paganini.

Marketing 98

Marketing Mobile Cybercrime DDOS 98

Security Affairs

OCTOBER 19, 2023

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. appeared first on Security Affairs.

Social Engineering 133

Social Engineering Artificial Intelligence Engineering Ransomware 133

SecureList

JULY 27, 2023

This is our latest installment, focusing on activities that we observed during Q2 2023. Killnet, led by a person nicknamed “KillMilk”, is one of the leaders of the hacktivist movement that uses DDoS as a means of disruption. This campaign remained active until March 2023.

Malware 98

Malware Government Phishing Social Engineering 98

Security Affairs

JUNE 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 98

Data breaches DDOS Backups Firewall 98

Security Affairs

NOVEMBER 20, 2022

Ukraine Police dismantled a transnational fraud group that made €200 million per year Lockbit gang leaked data stolen from global high-tech giant Thales.

DDOS 98

DDOS Ransomware Cybercrime Phishing 98

Security Affairs

JANUARY 13, 2023

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057 (16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported.

DDOS 98

DDOS Telecommunications DNS Education 98

Security Affairs

JULY 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

DDOS 98

DDOS Hacking Spyware Surveillance 98

Security Affairs

AUGUST 27, 2023

military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program N.

Hacking 98

Hacking Cybercrime Cryptocurrency Ransomware 98

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 121

Cyber Attacks Firewall Data breaches Telecommunications 121

Security Affairs

FEBRUARY 11, 2024

Now Cybersecurity expert says the next generation of identity theft is here: ‘Identity hijacking’ Were 3 Million Toothbrushes Really Used for a DDoS Attack? Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Spyware 124

Spyware Surveillance DDOS Identity Theft 124

Security Affairs

MARCH 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 98

Data breaches DDOS Ransomware Backups 98

Security Affairs

SEPTEMBER 22, 2023

A few days ago, the Pro-Russia group NoName057(16) announced to have launched DDoS attacks on several Canadian organizations, including CBSA, the Canadian Air Transport Security Authority, and the Senate. The attacks severely impacted operations at several Canadian airports last week.

DDOS 137

DDOS Data breaches Cyber Attacks Mobile 137

Security Affairs

MAY 27, 2023

New Buhti ransomware operation uses rebranded LockBit and Babuk payloads New PowerExchange Backdoor linked to an Iranian APT group Dark Frost Botnet targets the gaming sector with powerful DDoS New CosmicEnergy ICS malware threatens energy grid assets D-Link fixes two critical flaws in D-View 8 network management suite Zyxel firewall and VPN devices (..)

Cybercrime 98

Cybercrime Ransomware Malware Hacking 98

Security Affairs

JULY 23, 2024

Since 2022, the Cyber Army of Russia Reborn (CARR) has launched a series of low-impact DDoS attacks against entities in Ukraine and other countries that offered support to Ukraine. In late 2023, CARR claimed attacks on industrial control systems in the U.S.

DDOS 145

DDOS Government Hacking Accountability 145

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS 98

DDOS Engineering Firmware Architecture 98