A new distributed denial-of-service botnet has been detected in the wild. Update. According to a new research released by AT&T, EnemyBot is now quickly adopting “one-day vulnerabilities as part of its exploitation capabilities.” Services such as VMware Workspace ONE, Adobe…
Security researchers reported a new malware strain, capable of distributing ransomware and performing DDoS attacks. Called Borat after the infamous mockumentary movie, the malware is a RAT, or a Remote Access Trojan, and it provides the two activities alongside the…
Another variant of the infamous Mirai botnet is circling the web, exploiting a list of specific vulnerabilities in TOTOLINK routers. The critical vulnerabilities are relatively new, disclosed in the period between February and March 2022. Affected is the Linux platform.…
A new botnet, called EwDoor, was detected in the wild while performing DDoS attacks. The attacks were targeting an unpatched 4-year-old flaw (CVE-2017-6079) in Ribbon Communications EgdgeMarc appliances that belong to telecom providers AT&T. EwDoor was first detected on Ocboter…
At the end of June, 2021, security researchers from Russian firm Qrator started observing “a botnet of a new kind.” A joint research with Yandex followed to discover more about this new DDoS threat “emerging in almost real-time”. Related: New…
A severe vulnerability, known under the CVE-2020-12695, has been discovered in a core protocol in nearly all IoT devices – the Universal Plug and Play (UPnP) protocol. The flaw, dubbed CallStranger could allow attackers to take over IoT devices in…
Another day, another discovery of vulnerabilities. A new malicious attack exploiting the way DNS recursive resolvers operate was just discovered. In detail, the attack exploits the way the resolvers work when receiving NS referral response that contains nameservers but without…
A new strain of IoT malware, dubbed Kaiji, was just discovered by security researchers MalwareMustDie and Intezer Labs. The new IoT malware is built to target Linux-based servers and connected devices to launch DDoS attacks, and was coded by Chinese…
A new Imperva report presents a detailed analysis of the DDoS threat landscape in 2019. The report is based on statistical data of 3,643 network layer and 42,390 application layer DDoS attacks, mitigated by the company. The data was gathered…
Wikipedia has suffered a major DDoS attack. The attack took place during the weekend. According to Wikipedia’s official statement released on September 7, “Wikipedia was hit with a malicious attack that has taken it offline in several countries for intermittent…
The Web Services Dynamic Discovery (WS-Discovery) protocol could be exploited to launch large-scale DDoS attacks, security researchers are reporting. What is the WS-Discovery protocol? The WS-Discovery protocol is described as a technical specification that defines a multicast discovery protocol to…
There’s a new piece of advanced backdoor malware that can target both Linux and Windows systems in a secure, previously unseen communication. The backdoor has been dubbed Godlua, as it is Lua-based and “the Lua byte-code file loaded by this…
What is .DDOS files virus? What is Dharma ransomware? Can files encrypted by .DDOS files virus be recovered? Dharma ransomware is back with a new cryptovirus variant. The current version of the Dharma family ransomware encrypts files by appending the…
A known vulnerability dubbed ThinkPHP, which was disclosed and fixed in December last year, has been exploited for botnet propagation by a new Mirai variant, Yowai, a variant of Gafgyt known as Hakai. The discovery comes from Trend Micro, and…
The L0rdix malware is a newly detected hacking tool that is being offered on the hacker underground markets allowing prospective buyers to use it in attack campaigns against Windows computers. It allows individual hackers and groups to use it in…
Bank of Spain was hit by a DDoS attack as a result of which the bank’s website was offline on Monday (August 27). According to the bank’s statement, the attack didn’t have any impact on its operations. Also, communications with…
A security report reveals that the number of DNS Amplification attacks done in the first quarter (Q1) of 2018 have doubled. By definition they are a type of DDOS (Distributed denial of service) attacks which are among the most common…
The world’s biggest DDoS-for-hire service, Webstresser.org, is now down thanks to a coordinated international operation. The DDoS provider was shut down on Wednesday after a thorough investigation carried out by UK’s National Crime Agency and the Dutch National Police and…
DDoS attacks based on Memcached servers can now be mitigated, researchers say. The mitigation method includes the victim sending a “flush_all” command back to the servers that initiated the attack. This method was suggested few days ago by one of…
Just last week a record-breaking DDoS attack took place – registered at 1.3 Tbps. The target was GitHub, and the attack was based on a flaw in Memcached servers recently made public. It became evident that cybercriminals can exploit Memcached…
