DDOS, Firmware and Surveillance - Cyber Security Informer

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2017-17215 targets Huawei HG532 routers.

DDOS

DDOS Firmware Surveillance IoT

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first. See translation I’m the world’s best-known DDoS attacker for hire (getting ahead of myself here). Our advantages: 1. Tested, tried.

IoT

IoT DDOS Passwords Malware

Security Affairs newsletter Round 376 by Pierluigi Paganini

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S.

Firmware

Firmware Malware Surveillance DDOS

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Security Affairs

JULY 25, 2018

AVTech is one of the world’s leading CCTV manufacturers, it is the largest public-listed company in the Taiwan surveillance industry. EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware. ” Stay tuned.

Firmware

Firmware Passwords Advertising IoT

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Ransomware Artificial Intelligence

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

Security Affairs

JULY 20, 2018

Positive Technologies discovered two flaws affecting Dongguan Diqee 360 smart vacuums that can be used to perform video surveillance. “Like any other IoT device, these robot vacuum cleaners could be marshalled into a botnet for DDoS attacks, but that’s not even the worst-case scenario, at least for owners.

Firmware

Firmware Surveillance Technology Authentication

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Pen Test

OCTOBER 12, 2023

How effective are attackers with regard to RF in eavesdropping, DoS & DDoS, MitM, spoofing and malware propagation? DoS & DDoS: Attackers can flood RF channels, causing disruption. Criminals may use hijacked drones for illegal surveillance, smuggling, or even as weapons. Are there any interesting case studies?

Encryption

Encryption Firmware Surveillance Technology

APT trends report Q1 2022

SecureList

APRIL 27, 2022

Subsequently, DDoS attacks hit several government websites. In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology. These changes allowed the attackers to intercept the original flow of the firmware code and have it executed alongside a sophisticated infection chain.

Malware

Malware Firmware Government Phishing

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

That would make this denial of service attack roughly twice as powerful as any similar previously recorded DDoS attack at the time. That said, there would not be any DDoS attack, and the targets, say, on the other hand, if you lock the traffic from the c&c server, you might not be infected.

IoT

IoT DDOS Malware Internet

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

At the end of September, at the Kaspersky Security Analyst Summit , our researchers provided an overview of FinSpy , an infamous surveillance toolset that several NGOs have repeatedly reported being used against journalists, political dissidents and human rights activists. FinSpy: analysis of current capabilities.

Malware

Malware Banking Energy and Utilities Accountability

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Once a system is infected, ransomware attacks usually come in 3 stages: Surveillance: The hackers scan their target for more information on the system they are attacking. Firmware rootkits are also known as “hardware rootkits.”.

Malware

Malware Adware Spyware Antivirus

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking

Hacking Energy and Utilities Media Malware

Exposed security cameras in Israel and Palestine pose significant risks

Security Affairs

OCTOBER 10, 2023

This would allow them to view live feeds and record footage, which could be used for surveillance, reconnaissance, or gathering sensitive information. Also, like any other smart device, exposed cameras could be exploited by cybercriminals building botnets for denial of service (DDoS) attacks or any other malicious activities.

Risk

Risk Encryption VPN Passwords

Over 100 million Hikvision devices hit by critical cyber vulnerability

CyberSecurity Insiders

SEPTEMBER 24, 2021

China-based video surveillance related product offering company Hikvision has issued a security advisory saying that all those using their security cameras and NVRs must know a critical vulnerability on its devices that could allow hackers to take control of the cameras and use them as bots to launch DDoS or other related attacks.

Surveillance

Surveillance Firmware DDOS IoT

Cyber Security Informer

Beastmode Mirai botnet now includes exploits for Totolink routers

Overview of IoT threats in 2023

Trending Sources

Security Affairs newsletter Round 376 by Pierluigi Paganini

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

APT trends report Q1 2022

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

IT threat evolution Q3 2021

What is Malware? Definition, Purpose & Common Protections

Advanced threat predictions for 2024

Exposed security cameras in Israel and Palestine pose significant risks

Over 100 million Hikvision devices hit by critical cyber vulnerability

Stay Connected