June 22, 2020
Researchers at Trend Micro have recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers; these are XORDDoS malware (detected by Trend Micro as Backdoor.Linux.XORDDOS.AE) and Kaiji DDoS malware (detected by Trend Micro as DDoS.Linux.KAIJI.A).
Having Docker servers as their target is a new development for both XORDDoS and Kaiji; XORDDoS was known ... May 19, 2020
A team of academics from Israel has disclosed today details about NXNSAttack, a vulnerability in DNS servers that can be abused to launch DDoS attacks of massive proportions.
According to the research team, NXNSAttack impacts recursive DNS servers and the process of DNS delegation.
Recursive DNS servers are DNS systems that pass DNS queries upstream in order to ... May 6, 2020
Researchers found an open directory containing malicious files, which was first reported in a series of Twitter posts by MalwareHunterTeam. Analyzing some of the files, we found a malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon ports.
The attack starts with the shell script named mxutzh.sh, which scans for open ports (2375, ... May 6, 2020
Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of medical organizations, ... April 22, 2020
A new variant of the Hoaxcalls botnet, which can be marshalled for large-scale distributed denial-of-service (DDoS) campaigns, is spreading via an unpatched vulnerability impacting the ZyXEL Cloud CNM SecuManager that was disclosed last month.
That’s according to researchers at Radware, who also said that it’s notable how quickly Hoaxcalls operators have moved to weaponize the ZyXel ... April 10, 2020
In a press release published today, Dutch police said they have successfully taken down 15 DDoS-for-hire services in the span of a week, as part of one of their most successful crackdowns against online DDoS service providers.
The DDoS-for-hire websites, also known as DDoS booters or DDoS stressors, allowed users to sign up and launch DDoS ... February 5, 2020
Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as IoT.Linux.MIRAI.DLEU) and UNSTABLE (detected as IoT.Linux.MIRAI.DLEV), gain entry through Rasilient PixelStor5000 video surveillance storage systems by exploiting CVE-2020-6756.
Mirai is a type of malware that actively searches for IoT devices with vulnerabilities, infects them, and turns ... February 2, 2020
Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.
The attacks are targeting Linear eMerge E3, a product of Nortek Security & Control (NSC).
Linear eMerge E3 devices fall in the hardware category of “access control systems.” They are ... December 16, 2019
Trend Micro recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the tools and techniques ... November 14, 2019
Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification.
Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was ... October 2, 2019
Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world, ZDNet has learned.
Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV (KV hereinafter), a so-called bulletproof hosting provider, ...