February 4, 2024 at 12:19PM The FritzFrog botnet has resurfaced, using the Log4Shell vulnerability to target internal hosts within compromised networks. It has expanded its targets to healthcare, education, and government sectors and now deploys cryptocurrency miners. FritzFrog also utilizes SSH brute-force and CVE-2021-4034 to escalate privileges, making efforts to avoid detection. Akamai is tracking … Read more
January 31, 2024 at 05:30AM Multiple Hitron DVR device models are exploited by the InfectedSlurs botnet, utilizing vulnerabilities to launch DDoS attacks. Akamai reports discovering six zero-day vulnerabilities and urges immediate firmware updates and password changes. CISA advises isolating these devices, using VPNs, and collaborating for a comprehensive security approach. KISA has also issued alerts … Read more
December 16, 2023 at 11:53AM Akamai’s Security Intelligence Response Team discovered the ‘InfectedSlurs’ botnet exploiting zero-day vulnerabilities in routers and QNAP VioStor NVR devices, resulting in a DDoS swarm. Two vulnerabilities, CVE-2023-49897 and CVE-2023-47565, were leveraged. Akamai published follow-up reports as security updates became available. Affected users are advised to update firmware, change passwords, and … Read more
November 22, 2023 at 12:40PM The ‘InfectedSlurs’ botnet is a new malware that exploits two zero-day vulnerabilities to infect routers and video recorder devices. It uses the hijacked devices to carry out distributed denial of service (DDoS) attacks for profit. The botnet was discovered by Akamai in late October 2023 and targets specific NVR and … Read more