May 14, 2024 at 10:07AM Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver … Read more
March 14, 2024 at 10:51AM BotGuard OU has raised €12 million (~$13.1 million) in a Series A funding round, led by MMC Ventures, Tera Ventures, Expeditions Fund, and angel investors. The Estonia-based company offers an AI-driven solution to filter web traffic, mitigate threats, and reduce management costs. The investment will support technology advancement and team … Read more
January 23, 2024 at 01:05PM New findings from Infoblox reveal a massive “criminal affiliate program” involving threat actors like ClearFake, SocGholish, and VexTrio. VexTrio, active since 2017, operates a network of over 70,000 domains and brokers traffic for 60 affiliates. It uses DNS and HTTP-based traffic distribution systems to propagate scams, riskware, and more. The … Read more
November 14, 2023 at 07:10PM The U.S. Department of Justice has announced the takedown of a botnet proxy service called IPStorm. The service allowed cybercriminals to run malicious traffic anonymously through various devices worldwide. A Russian-Moldovan national named Sergei Makinin pleaded guilty to computer fraud charges in connection to the case. Makinin profited from selling … Read more
November 1, 2023 at 04:04PM The Mozi botnet, which accounted for 90% of all malicious IoT network traffic, has disappeared after a kill switch was discovered. The “Who killed Mozi?” question remains unanswered. ESET Research found the kill switch, which deactivated the malware and disabled certain functions. The investigation suggests that either the original Mozi … Read more