eSecurity Planet

JANUARY 28, 2022

Microsoft in November fended off a massive distributed denial-of-service (DDoS) attack in its Azure cloud that officials said was the largest ever recorded, the latest in a wave of record attacks that washed over the IT industry in the second half of 2021. Also read: How to Stop DDoS Attacks: 6 Tips for Fighting DDoS Attacks.

DDOS 137

DDOS IoT Engineering Internet 137

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. Experts also noticed that the new variant implements 16 new DDoS capabilities. Pierluigi Paganini.

DDOS 139

DDOS IoT Advertising DNS 139

Security Affairs

FEBRUARY 4, 2021

Netlab researchers spotted a new Android malware, dubbed Matryosh , that is infecting devices to recruit them in a distributed denial-of-service (DDoS) botnet. The main purpose of the Android botnet is to carry out DDoS attacks. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. .

DDOS 138

DDOS DNS Antivirus Malware 138

Security Affairs

JULY 4, 2019

The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS ( DoH ). The DoH protocol was a new standard proposed in October 2018 and it is currently supported by several publicly available DNS servers. com domain. ” states the analysis. ” states the analysis.

DNS 107

DNS Malware Advertising DDOS 107

Security Affairs

MARCH 4, 2022

Russian government released a list containing IP addresses and domains behind DDoS attacks that hit Russian infrastructure after the invasion. SecurityAffairs – hacking, DDoS). The post These are the sources of DDoS attacks against Russia, local NCCC warns appeared first on Security Affairs. Pierluigi Paganini.

DDOS 98

DDOS DNS Backups Data breaches 98

Security Affairs

JANUARY 27, 2022

Tbps distributed denial of service (DDoS) attack targeting an Azure customer. Microsoft announced that its Azure DDoS protection platform has mitigated a record 3.47 The news of the attack was reported in the “ Azure DDoS Protection —2021 Q3 and Q4 DDoS attack trends.” ” reads the report. Tbps and 2.55

DDOS 98

DDOS Digital transformation DNS Cyber Risk 98

Security Affairs

JULY 5, 2024

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks.

DDOS 136

DDOS DNS Encryption Malware 136

Security Affairs

OCTOBER 25, 2019

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers. This week, threat actors launched a massive DDoS attack against Amazon Web Services (AWS) causing the inability of some customers to access their AWS S3 buckets. SecurityAffairs – Amazon, DDoS).

DDOS 74

DDOS DNS Advertising Engineering 74

Security Affairs

JULY 22, 2021

Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce. SecurityAffairs – hacking, DNS).

Software 132

Software DNS DDOS Technology 132

Security Affairs

AUGUST 30, 2021

Who is behind the massive and prolonged Distributed Denial of Service (DDoS) attack that hit the Philippine human rights alliance Karapatan? The traces lead us to an Israeli firm offering access to millions of proxies in mobile operators, data centers and residential buildings – a perfect infrastructure to hide the source of DDoS attacks.

DDOS 121

DDOS DNS Mobile Authentication 121

Security Affairs

DECEMBER 12, 2021

The attack_init function is also discarded, and the ddos attack function is called directly by the command processing function. During this process, a number of DNS requests are generated.” The analysis of the ELF sample revealed that it supports DDoS and backdoor commands. ” reads the post published by NetLab 360.

DDOS 145

DDOS DNS Passwords Authentication 145

Security Affairs

MAY 18, 2021

Uptycs’ threat research team discovered a new botnet, tracked as Simps botnet, attributed to Keksec group, which is focused on DDOS activities. Uptycs’ threat research team has discovered a new Botnet named ‘Simps’ attributed to Keksec group primarily focussed on DDOS activities. Figure 6: Simps ELF execution. Conclusion.

DDOS 138

DDOS Malware Architecture IoT 138

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Communication with C&C servers is based on DNS requests and it uses a special mechanism translating DNS results to a real IP address. ” concludes the analysis.”

DNS 145

DNS Internet Internet Malware 145

Security Affairs

JANUARY 19, 2021

The attacks aimed at compromising the tarted systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaign. Supports UDP and TCP packets, but also application layer protocols such as HTTP, DNS, SSDP, and SNMP Protocol packing support created by the attacker.

DDOS 143

DDOS DNS Malware Internet 143

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands.

IoT 145

IoT Firmware Advertising DNS 145

Security Affairs

JANUARY 13, 2023

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057 (16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported.

DDOS 98

DDOS Telecommunications DNS Education 98

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). Qihoo 360’s Netlab Cybersecurity researchers discovered a huge botnet, tracked as Pink, that already infected over 1.6 million devices.

Architecture 145

Architecture DDOS Advertising DNS 145

Security Affairs

NOVEMBER 21, 2019

.” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc.

DDOS 107

DDOS Advertising System Administration DNS 107

Security Affairs

MARCH 10, 2020

This campaign ultimately gives threat actors complete access to the target machine, so they can use it for anything from conducting DDoS attacks to stealing sensitive data off the machine.” Others appear to be the infrastructure owned by the threat group, judging by multiple hostnames , DNS data, etc.

Hacking 145

Hacking Malware Advertising DNS 145

Security Affairs

AUGUST 20, 2021

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT 106

IoT DNS Manufacturing Firmware 106

Security Affairs

DECEMBER 18, 2019

Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices and recruit them in launching distributed denial-of-service (DDoS) attacks. “Smart and connected devices are prone compromise because of limited security settings and protection options. ” concludes the analysis.

Malware 97

Malware DDOS Advertising DNS 97

Security Affairs

FEBRUARY 5, 2021

The malicious code also leverages other techniques to avoid detection, for example it modifies the system DNS resolvers and uses Google’s public DNS servers to bypass DNS monitoring tools. The malicious code names the IRC process “bioset”, which is the name of a well-known Linux kernel process bioset , to avoid detection.

Malware 117

Malware DNS Cryptocurrency Internet 117

Security Affairs

AUGUST 22, 2021

million customers Adobe addresses two critical vulnerabilities in Photoshop Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR Kalay cloud platform flaw exposes millions of IoT devices to hack Fortinet FortiWeb OS Command Injection allows takeover servers remotely 1.9

Data breaches 104

Data breaches Mobile Ransomware Hacking 104

Security Affairs

SEPTEMBER 25, 2022

Every week the best security articles from Security Affairs free for you in your email box. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Cryptocurrency 100

Cryptocurrency Data breaches DNS DDOS 100

Security Affairs

JANUARY 5, 2022

The IT giant also confirmed that Webtoos DDoS malware was also deployed via the Log4Shell vulnerability. . However, attackers are adding obfuscation to these requests to evade the detection based on request analysis.

Malware 126

Malware DNS DDOS Cryptocurrency 126

Security Affairs

MARCH 20, 2022

EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware gang targets US critical infrastructure Crooks claims to have stolen 4TB of data from TransUnion South Africa Exotic Lily initial access broker works with Conti gang Emsisoft releases free decryptor for the victims of the Diavol ransomware China-linked (..)

DNS 98

DNS Antivirus DDOS Hacking 98

Security Affairs

MAY 8, 2022

F5 warns its customers of tens of flaws in its products China-linked Winnti APT steals intellectual property from companies worldwide Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites Experts linked multiple ransomware strains North Korea-backed APT38 group An expert shows how to stop popular ransomware samples (..)

IoT 98

IoT DNS Antivirus Malware 98

Security Affairs

SEPTEMBER 1, 2021

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT 103

IoT DNS Manufacturing Passwords 103

eSecurity Planet

APRIL 26, 2024

Server: Provides powerful computing and storage in local, cloud, and data center networks to run services (Active Directory, DNS, email, databases, apps). Domain name system (DNS) security: Protects the DNS service from attempts to corrupt DNS information used to access websites or to intercept DNS requests.

Architecture 122

Architecture Network Security Firewall Risk 122

Security Affairs

AUGUST 4, 2022

Leak of the sensitive data stored on the router (keys, administrative passwords, etc.)

Hacking 100

Hacking Internet Internet Passwords 100

Security Affairs

NOVEMBER 29, 2019

The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. Such threats, including traffic manipulation and DDoS attacks, will become much more frequent and effective due to the large number of insecure devices connected and wide bandwidth.

Banking 122

Banking Telecommunications Marketing Internet 122

Security Affairs

MARCH 6, 2019

Criminals have used common attack vectors in the past, such as website defacements and denial-of-service distributed attacks (DDoS). To carried out this attack, crooks modified the DNS record of a popular web accessibility plugin from nagich[.]com. This attack has the goal of infecting Windows users with the JCry ransomware.

Ransomware 106

Ransomware Encryption Malware Cyber Attacks 106

Security Affairs

MARCH 6, 2019

Criminals have used common attack vectors in the past, such as website defacements and denial-of-service distributed attacks (DDoS). To carried out this attack, crooks modified the DNS record of a popular web accessibility plugin from nagich[.]com. This attack has the goal of infecting Windows users with the JCry ransomware.

Ransomware 40

Ransomware Encryption Malware Cyber Attacks 40

Security Affairs

MAY 16, 2021

Every week the best security articles from Security Affairs free for you in your email box.

Ransomware 102

Ransomware Banking DNS DDOS 102

Security Affairs

JANUARY 26, 2025

President Donald Trump granted a “full and unconditional pardon” to Ross Ulbricht, Silk Road creator Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days Subaru Starlink flaw allowed experts to remotely hack cars Two ransomware groups abuse Microsofts Office 365 platform to gain access to target organizations Cloudflare (..)

DDOS 61

DDOS Hacking Penetration Testing Malware 61