Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721

The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services. Read More …

Cyber Criminal Proxy Services Exploiting End of Life Routers

The Federal Bureau of Investigation (FBI) is issuing this announcement to inform individuals and businesses about proxy services taking advantage of end of life routers that are susceptible to vulnerabilities. When a hardware device is end of life, the manufacturer Read More …

Outlaw cybergang attacking targets worldwide

In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw (also known as “Dota”) is a Perl-based crypto mining botnet that typically takes advantage of weak or Read More …

New Rust Botnet “RustoBot” is Routed via Routers

FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Unlike previous malware targeting these devices, this variant is written in Rust—a programming language introduced by Mozilla in 2010. Due to its Rust-based implementation, we’ve named the malware “RustoBot.” Read More …

Thousands of TP-Link routers have been infected by a botnet to spread malware

According to a new report from the Cato CTRL team, the Ballista botnet exploits a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router. The botnet can lead to command injection which then makes remote code execution Read More …

New botnet unleashes record-breaking DDoS attacks

A new botnet dubbed “Eleven11bot” has emerged, delivering what security researchers believe are the largest distributed denial-of-service (DDoS) attacks ever recorded. The botnet, primarily composed of compromised webcams and video recorders, has triggered widespread service disruptions and ignited a debate Read More …

Huge cyber attack under way – 2.8 million IPs being used to target VPN devices

A wide range of Virtual Private Network (VPN) and other networking devices are currently under attack by threat actors trying to break in to wider networks, experts have warned. Threat monitoring platform The Shadowserver Foundation warned about the ongoing attack Read More …

Dangerous new botnet targets webcams, routers across the world

Cybersecurity researchers from the Qualys Threat Research Unit have observed a new large-scale operation exploiting vulnerabilities in IP cameras and routers to build out a botnet. In a technical analysis, Qualys said the attackers were mostly exploiting CVE-2017-17215 and CVE-2024-7029, Read More …