87% of DDoS Attacks Targeted Windows OS Devices in 2023

May 9, 2024 at 04:29PM New data from Nexusguard’s DDoS Statistical Trends Report 2024 shows a shift in DDoS tactics with increased attacks on computers and servers, shorter but more powerful attacks, and increased targeting of Windows OS devices. Additionally, politically charged motives are driving attacks on vital services. HTTPS Flood and DNS Amplification attacks …

New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw

May 2, 2024 at 06:27AM A new botnet named Goldoon exploits D-Link routers through a long-standing vulnerability, allowing for remote code execution. This botnet uses a dropper script to download and execute the Goldoon malware, enabling diverse attack methods, including DDoS flooding. This development reflects the persistent evolution of botnets, which increasingly target routers for …

Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks

April 17, 2024 at 10:22AM Multiple botnets are exploiting a command-injection flaw in TP-Link Archer AX21 routers for DDoS attacks. Despite a patch being available for CVE-2023-1389, threat actors are using unpatched devices to deploy botnets like Moobot, Miori, Agoent, Gafgyt, and variants of Mirai. Fortiguard advises applying patches and vigilance against DDoS botnets targeting …

French issue alerte rouge after local governments knocked offline by cyber attack

April 12, 2024 at 01:32AM Multiple French municipal governments experienced a “large-scale cyber attack” on shared servers, causing disruptions to services in Saint-Nazaire, Montoir-de-Bretagne, Donges, La Chapelle-des-marais, Porniche, Sonadev, and the Agency for the Sustainable Development of the Saint Nazaire Region. The origin and duration of the attack are unknown, with potential links to pro-Russia …

Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks

April 11, 2024 at 10:48AM AWS VP and Distinguished Engineer, Tom Scholl, is actively combating DDoS attacks by addressing the long-standing issue of IP spoofing. By engaging with external networks and leveraging AWS’s global visibility, they have made significant strides in disrupting IP spoofing-based attacks. The company’s efforts not only protect its own network but …

10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet

April 9, 2024 at 10:45AM RUBYCARP, a suspected Romanian threat group, has been running a botnet for over 10 years, using it for crypto mining, DDoS, and phishing. The group utilizes various public exploits and brute-force attacks, communicates through IRC networks, and employs a malware called ShellBot. Their activities include exploiting security flaws, creating a …

Cybersecurity Threats Intensify in the Middle East During Ramadan

April 2, 2024 at 01:05AM Security teams in the region are bolstering their defenses in response to short-staffing and heightened DDoS, phishing, and ransomware attacks during the Muslim holy month.

US Government Issues New DDoS Mitigation Guidance

March 22, 2024 at 09:54AM CISA, FBI, and MS-ISAC have issued updated joint guidance on defending against DoS and DDoS attacks. The guidance categorizes attacks, provides mitigation recommendations, and outlines differences between DoS and DDoS attacks. Organizations are advised to conduct risk assessments, implement network monitoring, and activate incident response plans to minimize potential damage …

The unlikely 3 million electric toothbrush DDoS attack

February 7, 2024 at 12:25PM The widely reported story about 3 million electric toothbrushes being hacked with malware for DDoS attacks appears to be a hypothetical scenario rather than an actual attack. The dramatic story lacked verification and was likely misunderstood or taken out of context. It serves as a reminder to keep internet-exposed devices …

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

February 4, 2024 at 12:19PM CERT-UA has warned of over 2,000 computers in Ukraine infected with DirtyMoe malware, attributed to threat actor UAC-0027. The malware conducts cryptojacking and DDoS attacks, and is propagated through Purple Fox and fake software installers. Another campaign known as STEADY#URSA targets Ukrainian military personnel with a PowerShell backdoor. Gamaredon is …