July 23, 2024 at 06:27AM UK authorities, in collaboration with the FBI and PSNI, disrupted the illegal DDoS service DigitalStress, seizing its domain and warning visitors of law enforcement action. The NCA noted the takedown’s significance and ongoing data analysis to identify users. This action was part of Operation Power Off to combat DDoS-for-hire services. … Read more
July 22, 2024 at 02:23PM The US government imposed sanctions on two Russian cybercriminals, Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, for cyberattacks on critical infrastructure. Pankratova leads the hacktivist group Cyber Army of Russia Reborn (CARR), while Degtyarenko is the primary hacker. CARR targeted industrial systems at critical infrastructure sites in the US and … Read more
July 5, 2024 at 12:26AM Cybersecurity researchers discovered a new botnet, Zergeca, capable of DDoS attacks. It supports six attack methods, proxying, scanning, self-upgrading, reverse shell, and more. Notably, it uses DNS-over-HTTPS for C2 communications and continuous development. Linked to previous botnet activity, it targeted Canada, Germany, and the U.S. with ACK flood DDoS attacks. … Read more
June 11, 2024 at 10:51AM Cybersecurity researchers have unveiled the activities of a Chinese threat actor called SecShow, targeting open DNS resolvers globally, potentially for malicious purposes. Meanwhile, a financially-motivated threat actor advertises a botnet service, Rebirth, targeting game servers for DDoS attacks. This reflects an increasing trend of cyber threats targeting gaming communities for … Read more
June 7, 2024 at 12:06PM In 2023, cyberattacks caused substantial damage, but many could have been prevented with basic cyber hygiene. An upcoming webinar, “Better Basics Win the Cybersecurity Threat War: Defend, Deter, and Save,” will cover the latest cybersecurity trends, the power of CIS Controls and Benchmarks, and the benefits of CIS SecureSuite Membership. … Read more
June 7, 2024 at 06:38AM A pro-Russia hacktivist crew, NoName57(16), and seven other groups have threatened to launch cyber attacks on European internet infrastructure during the EU elections. Their plan is to retaliate against the EU for opposing Russia’s invasion of Ukraine. Mandiant has linked some of these hacktivists to the Russian military Sandworm gang. … Read more
May 31, 2024 at 07:36AM Over 600,000 small office/home office (SOHO) routers of a single ISP were disabled by the Chalubo remote access trojan (RAT) in a deliberate event, impacting model from ActionTec and Sagemcom. The incident occurred over 72 hours in late October 2023. Lumen Technologies reported 49% of the impacted routers were offline … Read more
May 30, 2024 at 02:57PM The ‘Pumpkin Eclipse’ botnet attack in October 2023 targeted a specific ISP in the Midwest, resulting in the destruction of 600,000 SOHO routers, disrupting internet access for customers. The attackers used a destructive botnet named Chalubo and its unique aspects suggest a deliberate, unattributed cyber attack. The incident caused significant … Read more
May 28, 2024 at 05:28PM A recent surge in Mirai DDoS botnet variant, CatDDoS, has targeted organizations globally. Multiple gangs have exploited at least 80 vulnerabilities, affecting various technologies and products. The threat remains active and has compromised over 300 targets per day. DDoS attacks, primarily targeting individual computers and servers, continue to grow in … Read more
May 9, 2024 at 04:29PM New data from Nexusguard’s DDoS Statistical Trends Report 2024 shows a shift in DDoS tactics with increased attacks on computers and servers, shorter but more powerful attacks, and increased targeting of Windows OS devices. Additionally, politically charged motives are driving attacks on vital services. HTTPS Flood and DNS Amplification attacks … Read more