March 19, 2023
A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into a DDoS (distributed denial of service) swarm with the potential for massive attacks.
The new botnet was discovered by researchers at Akamai at the start of the year, who caught it on their HTTP and SSH honeypots, seen ...
March 17, 2023
In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed denial-of-service (DDoS) response strategy guide. KillNet, a group that the US ...
March 8, 2023
Fortinet has disclosed a “Critical” vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or perform denial of service (DoS) on the GUI of vulnerable devices using specially crafted requests.
This buffer underflow vulnerability is tracked as CVE-2023-25610 and has a CVSS v3 score of 9.3, rating it critical. This type ...
February 21, 2023
As organizations strengthen their defenses and take a more proactive approach to protection, attackers are adapting their techniques and increasing the sophistication of their operations. Cybercrime continues to rise with the industrialization of the cybercrime economy providing cybercriminals with greater access to tools and infrastructure.
In the first half of 2022, the cyberthreat landscape was focused ...
February 15, 2023
From July to December 2022, Unit 42 researchers observed a Mirai variant called V3G4, which was leveraging several vulnerabilities to spread itself. The vulnerabilities exploited include the following:
CVE-2012-4869: FreePBX Elastix Remote Command Execution Vulnerability
Gitorious Remote Command Execution Vulnerability
CVE-2014-9727: FRITZ!Box Webcam Remote Command Execution Vulnerability
Mitel AWC Remote Command Execution Vulnerability
Source: Palo Alto Unit 42
February 13, 2023
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date.
The attacks were launched using over 30,000 IP addresses from multiple cloud providers against various targets, including gaming providers, cloud computing platforms, cryptocurrency firms, and hosting providers.
Source: Bleeping Computer
February 7, 2023
A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the wild, featuring a ransomware module and a Telnet brute-forcer.
Medusa is an old malware strain (not to be confused with the same-name Android trojan) being advertised in darknet markets since 2015, which later added HTTP-based DDoS ...
February 6, 2023
A free tool is helping organizations defend against KillNet distributed-denial-of-service (DDoS) bots and comes as the US government issued a warning that the Russian cybercrime gang is stepping up its network flooding attacks against hospitals and health clinics.
At current count, the KillNet open proxy IP blocklist lists tens of thousands of proxy IP addresses ...
February 1, 2023
A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide.
UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...
January 30, 2023
Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country’s plan to send tanks to Ukraine.
The efforts, according to Germany’s cyber security agency, the BSI, were largely in vain. “Currently, ...
January 23, 2023
Russia’s largest internet service provider Rostelecom says 2022 was a record year for distributed denial of service (DDoS) attacks targeting organizations in the country.
DDoS attacks are cyberattacks aimed at making an internet-connected website or service unavailable by overwhelming it with many requests that deplete the server’s ability to accept new connections, causing the service to ...