Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. and earlier (5.0.0

Firmware 138

Firmware Wireless DDOS IoT 138

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. ” concludes the report.

DDOS 98

DDOS Firmware Surveillance IoT 98

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture 145

Architecture DDOS Advertising DNS 145

Security Affairs

MARCH 19, 2022

In some cases, the gang also threatened and conducted distributed denial-of-service (DDoS) attacks during negotiations. In some cases, AvosLocker negotiators also threaten and launche distributed denial-of-service (DDoS) attacks during negotiations, likely when the victims are not cooperating, to convince them to comply with their demands.

Ransomware 118

Ransomware DDOS Passwords Backups 118

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 Mirai botnets are frequently used to conduct DDoS attacks.”

Firewall 98

Firewall Firmware VPN DDOS 98

Security Affairs

JULY 16, 2022

Critical flaw in Netwrix Auditor application allows arbitrary code execution CISA urges to fix multiple critical flaws in Juniper Networks products Threat actors exploit a flaw in Digium Phone Software to target VoIP servers Tainted password-cracking software for industrial systems used to spread P2P Sality bot Experts warn of attacks on sites using (..)

Firmware 117

Firmware Ransomware DDOS Cryptocurrency 117

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking 123

Hacking Firmware Internet Internet 123

Security Affairs

MARCH 21, 2020

. “ Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful login attempts. Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 The bot supports various commands, like Mirai, such as launching DDoS attacks.

DDOS 134

DDOS Authentication Advertising Firmware 134

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The Go-based botnet spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 125

IoT DDOS Malware Firmware 125

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT 145

IoT DDOS Architecture Passwords 145

Security Affairs

APRIL 25, 2023

Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. ” continues the report. .”

DDOS 98

DDOS Engineering Firmware Architecture 98

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . According to Kunz, more than one million devices are potentially at risk, an attacker can trigger the flaws to build a huge botnet that could be used to launch powerful DDoS attacks. ” continues the experts.

IoT 109

IoT Hacking Firmware Advertising 109

Security Affairs

APRIL 16, 2021

HTTP flooding is a kind of DDoS attack in which the attacker sends a large number of HTTP requests to the targeted server to overwhelm it. UDP flooding is a type of DDoS attack in which an attacker sends several UDP packets to the victim server as a means of exhausting it. HTTP flooding module. Figure 1: HTTP flooder module.

Malware 130

Malware DDOS IoT Authentication 130

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S.

Malware 98

Malware Firmware Surveillance DDOS 98

Security Affairs

SEPTEMBER 20, 2020

Recently Check Point researchers warned of a surge in the DDoS attacks against education institutions and the academic industry across the world. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Education 145

Education Ransomware Antivirus Backups 145

Security Affairs

SEPTEMBER 18, 2022

billion Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems Some firmware bugs in HP business devices are yet to be fixed Albania was hit by a new cyberattack and blames Iran Iran-linked APT42 is behind over 30 espionage attacks. Follow me on Twitter: @securityaffairs and Facebook.

Firmware 100

Firmware DDOS Hacking Healthcare 100

Krebs on Security

JULY 25, 2023

. “This class of cybercrime activity threat may evade detection because it is less likely than a crypto-miner to be noticed by the owner, and it is unlikely to warrant the volume of abuse complaints that internet-wide brute-forcing and DDoS-based botnets typically draw,” Lumen’s Black Lotus researchers wrote.

Malware 240

Malware VPN Internet Internet 240

Security Affairs

MARCH 13, 2022

LockBit ransomware group claims to have hacked Bridgestone Americas Attackers use website contact forms to spread BazarLoader malware Russian Internet watchdog Roskomnadzor is going to ban Instagram Ubisoft suffered a cyber security incident that caused a temporary disruption Anonymous hacked Roskomnadzor agency revealing Russian disinformation Open (..)

Data breaches 98

Data breaches Firmware Hacking Ransomware 98

Security Affairs

APRIL 24, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Cyber Insurance 100

Cyber Insurance Spyware Firmware Hacking 100

Security Affairs

OCTOBER 30, 2019

A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders.

Hacking 69

Hacking Firmware Advertising DDOS 69

Security Affairs

AUGUST 20, 2021

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks.

IoT 107

IoT DNS Manufacturing Firmware 107

Security Affairs

MAY 31, 2024

Threat actors aimed at creating a botnet used to launch DDoS attacks. The experts believe with high confidence that the malicious firmware update was a deliberate act intended to cause an outage. Chalubo (ChaCha-Lua-bot) is a Linux malware that was first spotted in late August 2018 by Sophos Labs while targeting IoT devices.

Malware 124

Malware Internet Internet Firmware 124

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Affairs

AUGUST 4, 2022

All the affected models have a patched firmware available for download on the vendor’s website.” . “The attack can lead to a full compromise of the device and may lead to a network breach and unauthorized access to internal resources. Leak of the sensitive data stored on the router (keys, administrative passwords, etc.)

Hacking 100

Hacking Internet Internet Passwords 100

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 98

Data breaches Cybercrime Ransomware Passwords 98

Security Affairs

NOVEMBER 20, 2021

U.S. (..)

Banking 75

Banking Small Business Data breaches Firmware 75

Security Affairs

OCTOBER 13, 2020

Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. Even if a local network is completely secured and all IoT devices on it have firmware and software updated to the last version, a shadow IoT device can wreak havoc. Shadow IoT Devices.

IoT 142

IoT Cybersecurity Manufacturing Internet 142

eSecurity Planet

JULY 25, 2023

Botnets : Networks of compromised computers are controlled by a central attacker and used for various malicious activities such as launching coordinated distributed denial of service ( DDoS ) attacks, providing a staging point for attacks on other victims, or distributing spam.

Software 98

Software Data breaches Ransomware DDOS 98

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. “On Twitter, more spam and crypto scam.”

Scams 300

Scams DDOS Cryptocurrency Accountability 300

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. DDoS Attacks Leverage Plex Media Server. Avanan: State of Email Security Report: SOC teams spend a quarter of their day handling suspicious emails.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS 121

DDOS Data breaches Ransomware Cybercrime 121

Malwarebytes

MARCH 6, 2025

The German BSI (Federal Office for Information Security) started the disruption campaign in December by blocking the malware on 30,000 devices. This traffic can for example serve in DDoS attacks or as a platform to spread fake news and disinformation. The BadBox botnet focuses on Android devices, but not just phones.

Manufacturing 87

Manufacturing Firmware DDOS Malware 87