2023, DDOS and Firmware - Cyber Security Informer

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

CyberSecurity Insiders

APRIL 12, 2023

StormWall , a premier cybersecurity firm specializing in the defense of websites, networks, and online services from Distributed Denial of Service (DDoS) attacks, has published an in-depth report on the DDoS landscape during the first quarter of 2023. of DDoS attacks targeting the application layer (L7), 11.7%

DDOS

DDOS Telecommunications Data breaches DNS

Aquabot variant v3 targets Mitel SIP phones

Security Affairs

JANUARY 29, 2025

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Aquabot is a Mirai-based botnet designed for DDoS attacks. Named after the Aqua filename, it was first reported in November 2023. HF1 (R6.4.0.136). ” continues the report. Support (8021xsupport.html).”

DDOS

DDOS Firmware Malware Firewall

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

DDOS

DDOS Firmware VPN Firewall

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH. Our advantages: 1.

IoT

IoT DDOS Passwords Malware

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

TP-Link High-Severity Flaw Added to Mirai Botnet Arsenal

Heimadal Security

APRIL 27, 2023

A TP-Link Archer A21 (AX1800) consumer-grade WiFi router vulnerability has been used by Mirai botnet to launch DDoS attacks against IoT devices. The flaw in the TP-Link Archer AX21 firmware was discovered back in December 2022, and the company released a patch in March.

Firmware

Firmware DDOS IoT Cybersecurity

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. through 4.73, VPN series firmware versions 4.60

Firewall

Firewall Firmware VPN DDOS

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS

DDOS Engineering Firmware Architecture

Barracuda SecureEdge SASE Review 2023

eSecurity Planet

SEPTEMBER 22, 2023

These one, three, and five year subscriptions provide enhanced support for the hardware, firmware maintenance, security updates, and optional participation in early-release firmware updates. Subscribe The post Barracuda SecureEdge SASE Review 2023 appeared first on eSecurity Planet. You can unsubscribe at any time.

Firewall

Firewall Marketing Firmware Technology

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours

Security Affairs

MAY 31, 2024

Between October 25 and October 27, 2023, the Chalubo malware destroyed more than 600,000 small office/home office (SOHO) routers belonging to the same ISP. Threat actors aimed at creating a botnet used to launch DDoS attacks. The attackers used brute-force attacks (using the root:admin credential) on SSH servers to distribute the bot.

Malware

Malware Internet Internet Firmware

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

Mirai then carried out a massive distributed denial-of-service (DDoS) attacks that knocked down Twitter, Netflix, PayPal and other major web properties. In 2023, the U.S. The Mirai botnet, initially discovered in October 2016 , infected Internet-connected routers, cameras and digital video recorders at scale.

IoT

IoT Government Internet Internet

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Ransomware Artificial Intelligence

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches

Data breaches Cybercrime Ransomware Passwords

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In this article, we will review the past year’s trends to see which of our 2023 predictions have come true, and try to predict what is to come in 2024. The US Cybersecurity and Infrastructure Security Agency (CISA) provided additional IoCs associated with exploitation of CVE-2023-2868. A review of last year’s predictions 1.

Hacking

Hacking Energy and Utilities Media Malware

Securing Public Sector Against IoT Malware in 2024

Security Boulevard

JANUARY 11, 2024

IoT malware makes presence known in 2023 Based on data from the world’s largest inline security cloud, the recently released ThreatLabz Enterprise IoT and OT Threat Report revealed a 400% year-over-year increase in IoT malware attacks across various industries.

IoT

IoT Malware Education Government

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

Immediately update your QNAP devices to the most recent firmware to mitigate these issues. If your system is already exposed to a DDoS attack, explore our guidelines on how to perform DDoS attack prevention in three stages. Check for future updates and be cautious while sharing download links to avoid exploitation.

Backups

Backups Authentication DDOS Engineering

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Pen Test

OCTOBER 12, 2023

How effective are attackers with regard to RF in eavesdropping, DoS & DDoS, MitM, spoofing and malware propagation? DoS & DDoS: Attackers can flood RF channels, causing disruption. What are the common firmware and software vulnerabilities in RF devices that can be exploited? Are there any interesting case studies?

Encryption

Encryption Firmware Surveillance Technology

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0 The problem: The Muhstik botnet exploited a severe RCE issue in Apache RocketMQ ( CVE-2023-33246 ) to attack Linux systems and IoT devices for DDoS and cryptomining. 17)C0 for NAS326 and 5.21(ABAG.14)C0 Users should apply these updates right away to protect their devices.

Malware

Malware Authentication Software Telecommunications

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

SecureWorld News

OCTOBER 31, 2024

These botnets, networks of compromised devices, can perform attacks without the user realizing it, overwhelming networks, spreading spam, and even launching DDoS attacks. Warding off zombies : Regularly update device firmware, patch IoT devices, and monitor for unusual traffic patterns.

IoT

IoT Phishing DDOS Backups

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack.

Scams

Scams DDOS Cryptocurrency Accountability

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

It directly affected satellite modems firmwares , but was still to be understood as of mid-March. Taking sides: professional ransomware groups, hacktivists, and DDoS attacks. DDoS attacks, in particular, require generating heavy network traffic that attackers typically cannot sustain for very long periods of time.

DDOS

DDOS Ransomware Government Energy and Utilities

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS

DDOS Data breaches Cybercrime Ransomware

Cyber Security Informer

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

Aquabot variant v3 targets Mitel SIP phones

Webinars

Trending Sources

Multiple DDoS botnets were observed targeting Zyxel devices

Webinars

Overview of IoT threats in 2023

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

TP-Link High-Severity Flaw Added to Mirai Botnet Arsenal

Widespread exploitation by botnet operators of Zyxel firewall flaw

A new Mirai botnet variant targets TP-Link Archer A21

Barracuda SecureEdge SASE Review 2023

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Advanced threat predictions for 2024

Securing Public Sector Against IoT Malware in 2024

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

Interview With a Crypto Scam Investment Spammer

Reassessing cyberwarfare. Lessons learned in 2022

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected