April 22, 2020
A new variant of the Hoaxcalls botnet, which can be marshalled for large-scale distributed denial-of-service (DDoS) campaigns, is spreading via an unpatched vulnerability impacting the ZyXEL Cloud CNM SecuManager that was disclosed last month.
That’s according to researchers at Radware, who also said that it’s notable how quickly Hoaxcalls operators have moved to weaponize the ZyXel ... April 10, 2020
In a press release published today, Dutch police said they have successfully taken down 15 DDoS-for-hire services in the span of a week, as part of one of their most successful crackdowns against online DDoS service providers.
The DDoS-for-hire websites, also known as DDoS booters or DDoS stressors, allowed users to sign up and launch DDoS ... February 5, 2020
Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as IoT.Linux.MIRAI.DLEU) and UNSTABLE (detected as IoT.Linux.MIRAI.DLEV), gain entry through Rasilient PixelStor5000 video surveillance storage systems by exploiting CVE-2020-6756.
Mirai is a type of malware that actively searches for IoT devices with vulnerabilities, infects them, and turns ... February 2, 2020
Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.
The attacks are targeting Linear eMerge E3, a product of Nortek Security & Control (NSC).
Linear eMerge E3 devices fall in the hardware category of “access control systems.” They are ... December 16, 2019
Trend Micro recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the tools and techniques ... November 14, 2019
Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification.
Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was ... October 2, 2019
Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world, ZDNet has learned.
Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV (KV hereinafter), a so-called bulletproof hosting provider, ... September 18, 2019
Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well.
Smominru, an infamous cryptocurrency-mining and credential-stealing botnet, has become one of the rapidly spreading computer viruses ... August 12, 2019
A 20-year-old man has been jailed for 16 months after launching cyber attacks against police websites.
Liam Reece Watts used specialist software to overload the Greater Manchester Police and Cheshire Police websites in separate attacks which temporarily brought down the sites.
He said the attack on Cheshire Police was in retaliation for a previous conviction over a ... July 23, 2019
Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly deliveredcryptocurrency-mining malware, as in the case of one attack we saw last year.
The latest attack we spotted deviates from the ... June 14, 2019
Misconfiguration is not novel. However, cybercriminals still find that it is an effective way to get their hands on organizations’ computing resources to use for malicious purposes and it remains a top security concern. In this blog post, we will detail an attack type where an API misconfiguration in the open-source version of the popular DevOps tool ...