The Trend Zero Day Initiative (ZDI) Threat Hunting and Trend Research teams have identified a significant RondoDox botnet campaign that targets a wide range of internet-exposed infrastructure.
This campaign consists of over 50 exploits, including unpatched router flaws across over 30 vendors, targeting vulnerabilities found in routers, digital video recorders (DVRs), network video recorders (NVRs), CCTV systems, web servers, and various other network devices. While the exploits specifically exploit vulnerabilities in routers, DVRs, NVRs, CCTV systems, web servers, and networking equipment, the latest RondoDox campaign uses an “exploit shotgun”, using multiple exploits and seeing what hits.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Malicious Packages Across Open-Source Registries: Detection Statistics and Trends (Q2 2025)
August 4, 2025
In this previous blog, Fortiguard Labs highlighted a growing trend in the use of open source software (OSS) repositories as channels for malware distribution in supply chain security. With the continued reliance on third-party packages in development workflows, threat actors are increasingly exploiting vulnerabilities in the open-source ecosystem to propagate malicious code, exfiltrate data, and cause ...
- IoT Security: Your Next Breach Could Start with Your Thermostat
August 4, 2025
Universities are filling up with network-connected devices. Smart locks manage building access. HVAC systems run on automated controls. Cameras stream to command centers. Vending machines, printers, thermostats, research tools, and classroom displays all connect to the network. The Internet of Things (IoT) is everywhere. These devices are often invisible to most of campus life, quietly making ...
- Arkham Says $3.5B LuBian Bitcoin Theft Went Undetected for Nearly Five Years
August 2, 2025
A crypto wallet tied to a little-known Chinese mining pool may have been the victim of the largest bitcoin theft ever recorded, according to new findings from Arkham Intelligence. n an Aug. 2 thread on X, the onchain analytics firm said it had uncovered evidence that 127,426 BTC — worth $3.5 billion at the time — ...
- Luxembourg: Cybercriminals stole thousands from BIL customers using phishing scam
August 2, 2025
After cybercriminals stole thousands from BIL customers using a fake website, the banking association maintains that digital banking tools remain safe, but users must stay vigilant. In the wake of a sophisticated phishing scheme that led to major financial losses for dozens of BIL customers, The Luxembourg Banker’s Association (ABBL) is defending the security of the ...
- Ransomware attacks cripple government services across Dutch Caribbean islands
August 2, 2025
Several major government institutions across the Caribbean part of the Kingdom of the Netherlands were hit by cyberattacks last week, including a ransomware attack on Curaçao’s Tax and Customs Administration that temporarily disabled critical services, NOS reports. According to Curaçao’s Minister of Finance, ransomware was used in the attack on the tax authority. After the breach ...
- Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN
August 1, 2025
In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs. While credential access through brute force, dictionary attacks, and credential stuffing have not yet ...