The Trend Zero Day Initiative (ZDI) Threat Hunting and Trend Research teams have identified a significant RondoDox botnet campaign that targets a wide range of internet-exposed infrastructure.
This campaign consists of over 50 exploits, including unpatched router flaws across over 30 vendors, targeting vulnerabilities found in routers, digital video recorders (DVRs), network video recorders (NVRs), CCTV systems, web servers, and various other network devices. While the exploits specifically exploit vulnerabilities in routers, DVRs, NVRs, CCTV systems, web servers, and networking equipment, the latest RondoDox campaign uses an “exploit shotgun”, using multiple exploits and seeing what hits.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cartier confirms data breach, warns customers of potential targeted attacks
June 2, 2025
Cartier, the famous jewellery and watchmaker, is owned by Richemont, a Swiss-based luxury conglomerate has notified customers of a data breach that exposed limited personal information following a security lapse in its systems. The brand said the breach was swiftly contained and emphasised that no financial or sensitive login data was compromised. In a letter sent ...
- Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
May 31, 2025
A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, ...
- Eight things we learned from WhatsApp vs. NSO Group spyware lawsuit
May 30, 2025
On May 6, WhatsApp scored a major victory against NSO Group when a jury ordered the infamous spyware maker to pay more than $167 million in damages to the Meta-owned company. The ruling concluded a legal battle spanning more than five years, which started in October 2019 when WhatsApp accused NSO Group of hacking more than ...
- Melbourne-based financial services and advice firm hit with cyber attack
May 30, 2025
Financial services aggregate 3P Corporation has denied its data was breached in an April attack; however, hackers have published more than 200 gigabytes of internal documents and customer data online. The Space Bears ransomware gang listed Victorian financial services firm 3P Corporation as a victim on its darknet leak site in early April, and has since ...
- Exploits and vulnerabilities in Q1 2025
May 30, 2025
The first quarter of 2025, like previous ones, demonstrates a significant number of newly documented vulnerabilities. The trend largely mirrors previous years, so we will focus on new data that can be collected for the most popular platforms. This report examines the characteristics of vulnerabilities in the Linux operating system and Microsoft software, specifically the Windows ...
- Santesoft Releases Security Update for Sante DICOM Viewer Pro
May 30, 2025
The US Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Medical Advisory for a vulnerability in Santesoft Sante DICOM Viewer Pro. Sante DICOM Viewer Pro is an application for viewing, processing, and editing DICOM-format medical images. CVE-2025-5307 has a CVSSv4 score of 8.4 and is an ‘out-of-bounds read’ vulnerability, which means ...