December 18, 2021
Apache has released version 2.17.0 of the patch for Log4j after discovering issues with their previous release, which came out on Tuesday.
Apache said version 2.16 “does not always protect from infinite recursion in lookup evaluation” and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the severity is “high” and ... December 14, 2021
A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228.
The description of the new vulnerability, CVE 2021-45046, says the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was “incomplete in certain non-default configurations.”
“This could allow attackers… to craft malicious input data using a JNDI ... December 9, 2021
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks.
MikroTik is a Latvian manufacturer of routers and wireless ISPs who has sold over 2,000,000 devices globally.
In August, the Mēris botnet exploited vulnerabilities in MikroTik routers to create an army of devices that performed a record-breaking DDoS ... November 29, 2021
Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack.
As the admins explained in a message signed with the market’s PGP key, they are officially retiring and claim not to be pulling an exit scam on their vendors.
The admins posted ... November 10, 2021
Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday.
Telnyx is a voice over Internet Protocol (VoIP) company that provides worldwide telephony services over the Internet, including in the Americas, EMEA, APAC, and Australia regions.
Read more…
Source: Bleeping Computer
November 10, 2021
A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.
The two affected Citrix products (formerly the NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively. The federated working specialist pushed out a security ... November 8, 2021
Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. A team of researchers from the University of Maryland and the University of Colorado Boulder found a way to spoof the victim’s IP address over TCP. To date, amplification attacks have mostly been carried out using the ... November 5, 2021
Cloudflare released its Q3 DDoS Attack Trends report this week, capping a record-setting quarter that saw a number of devastating attacks on VoIP services.
Cloudflare researchers said they saw the several “record-setting HTTP DDoS attacks, terabit-strong network-layer attacks and one of the largest botnets ever deployed (Meris),” noting the emergence of ransom DDoS attacks on voice ... October 11, 2021
Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers.
DDoS for hire
The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients.
This activity included ... September 20, 2021
Threat actors are targeting voice-over-Internet provider VoIP.ms with a DDoS attack and extorting the company to stop the assault that’s severely disrupting the company’s operation.
VoIP.ms is an Internet phone service company that provides affordable voice-over-IP service to businesses around the world.
Read more…
Source: Bleeping Computer
September 10, 2021
A new Android banking trojan named SOVA (“owl” in Russian) is under active development, researchers said, and it has big dreams even in its infancy stage. The malware is looking to incorporate distributed denial of service (DDoS), man in the middle (MiTM) and ransomware functionality into its arsenal – on top of existing banking overlay, ...