Bigpanzi botnet infects 170,000 Android TV boxes with malware

January 17, 2024 at 01:57PM Summary: The cybercrime syndicate ‘Bigpanzi’ has been infecting Android TV and eCos set-top boxes to create a large botnet used for illegal activities, including media streaming, DDoS attacks, and content provision. Their customized malware, pandoraspear and pcdn, poses serious cybersecurity threats. The scale of their operations, involving over 1.3 million …

Anonymous Sudan Launches Cyberattack on Chad Telco

January 11, 2024 at 11:07AM Anonymous Sudan launched a “massive cyberattack” on Sudachad, a telecommunications provider in Chad. The attack targeted critical infrastructure, leading to a collapse in Internet connectivity on Jan. 10. The group cited Chad’s support for the paramilitary group Rapid Support Forces as the motive. Sudachad holds a 20-year concession agreement for …

Bangladesh Election App Crashes Amid Suspected Cyberattack

January 9, 2024 at 10:56AM Ukraine and Germany are accused of launching a cyberattack to disrupt a Bangladesh national election app. The app, used to provide election updates and candidate data, is impacted by slow performance. Although the exact nature of the attack is not specified, it’s suspected to be caused by botnets from Ukraine …

In Cybersecurity and Fashion, What’s Old Is New Again

December 28, 2023 at 10:02AM DDoS attacks and zero-day threats continue to plague cybersecurity due to their effectiveness, with OpenAI attributing ChatGPT issues to a DDoS attack. The rise in IoT vulnerabilities and new network protocols contributes to the surge in attacks, prompting the need for robust anti-DDoS strategies, including scalable infrastructure, traffic monitoring, and …

New NKAbuse malware abuses NKN blockchain for stealthy comms

December 14, 2023 at 05:16PM NKAbuse is a new Go-based multi-platform malware exploiting NKN (New Kind of Network) technology. It targets Linux desktops, IoT devices, and supports MIPS, ARM, and 386 architectures. It uses NKN for DDoS attacks and as a remote access trojan, making it difficult to detect and defend against. Its use of …

Leader of pro-Russia DDoS crew Killnet unmasked by Russian state media

November 27, 2023 at 06:11AM A man believed to be the leader of the cybercrime gang Killnet, known as “Killmilk,” has allegedly been exposed by Russian state media. Killmilk is known for launching major attacks on targets like US government agencies and hospitals. The FBI’s takedown of the Qakbot botnet has significantly reduced attempted exploits …

MySQL servers targeted by ‘Ddostf’ DDoS-as-a-Service botnet

November 16, 2023 at 03:16PM Researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new campaign targeting MySQL servers with the ‘Ddostf’ malware botnet. The attackers exploit vulnerabilities or weak credentials to gain access to the servers and use user-defined functions (UDFs) to execute commands. The primary payload is the Ddostf bot client, …

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

November 14, 2023 at 07:33AM Threat actors are targeting publicly-accessible Docker Engine API instances to create a DDoS botnet called OracleIV. Attackers exploit the misconfiguration to install a malicious Docker container, which contains Python malware. The container also retrieves a shell script from a command-and-control (C&C) server. Cloud security firm Cado observed no evidence of …

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

October 12, 2023 at 09:57AM The ShellBot threat actors are using hexadecimal IP addresses to attack Linux SSH servers and deploy DDoS malware. The malware, also known as PerlBot, breaches servers with weak SSH credentials and then stages DDoS attacks and delivers cryptocurrency miners. The use of hexadecimal IP addresses is an attempt to avoid …

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

October 10, 2023 at 06:06PM Microsoft’s October Patch Tuesday update addressed two zero-day vulnerabilities that were actively being attacked, affecting Microsoft WordPad and Skype for Business. A critical-rated bug in Message Queuing was also patched. The update included a total of 103 CVEs, with 13 critical-rated vulnerabilities and 20% of the fixes related to Microsoft …