NXNSAttack technique can be abused for large-scale DDoS attacks

A team of academics from Israel has disclosed today details about NXNSAttack, a vulnerability in DNS servers that can be abused to launch DDoS attacks of massive proportions. According to the research team, NXNSAttack impacts recursive DNS servers and the process Read More …

Coinminer, DDoS Bot Attack Docker Daemon Ports

Researchers found an open directory containing malicious files, which was first reported in a series of Twitter posts by MalwareHunterTeam. Analyzing some of the files, we found a malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon Read More …

SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems

Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as IoT.Linux.MIRAI.DLEU) and UNSTABLE (detected as IoT.Linux.MIRAI.DLEV), gain entry through Rasilient PixelStor5000 video surveillance storage systems by exploiting CVE-2020-6756. Read More …

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

Trend Micro recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the Read More …

DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages

Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification. Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection Read More …