New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers
Dubbed Enemybot, the botnet appears to be the work of Keksec, an established cybercrime group that specializes in DDoS attacks and cryptocurrency mining. The malware was built using the source code of the Gafgyt (Bashlite) botnet – which leaked in 2015 – with some modules borrowed from the infamous Mirai botnet, including the scanner module…
Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205
Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…
Bit-and-piece DDoS attacks increased 570% in Q2 2020
Attackers shifted tactics in Q2 2020, with a 570% increase in bit-and-piece DDoS attacks compared to the same period last year, according to Nexusguard. Perpetrators used bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic. Analysts witnessed attacks using much smaller sizes—more than 51% of bit-and-piece attacks were…
New wave of attacks aiming to rope home routers into IoT botnets
A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. The report urges users to take action to stop their devices from enabling this criminal activity. The importance of home routers for IoT botnets There has been a recent spike…
Attackers continue to leverage greater levels of social engineering and sophistication
Despite a nearly four-month absence, the return of Emotet within the last two weeks of September accounted for nearly 12 percent of all malicious email samples in Q3, delivering millions of messages with malicious URLs or attachments, Proofpoint found. Emotet returns, organizations need to react “Emotet’s return to the threat landscape and the latest sextortion…
Hide ‘N Seek IoT Botnet Can Survive Device Reboots
The Internet of Things (IoT) botnet known as Hide ‘N Seek that first emerged in January can now achieve persistence on infected devices, Bitdefender reports. Discovered toward the end of April, the latest version of the malware also includes code that allows it to target more vulnerabilities and new types of devices, the security firm discovered,…
US Banks Targeted with Trickbot Trojan
Necurs botnet spreads Trickbot malware to US financial institutions, while new Emotet banking Trojan attacks discovered – signalling increasingly complex attacks on the industry. The Necurs botnet has begun delivering the Trickbot banking Trojan to financial institutions in the United States, a sign of increasingly larger and more complex attacks on the industry.
North Korea’s DDoS Attacks Analyzed Based on IPs
Arbor Networks has used the IP addresses shared recently by United States authorities to analyze distributed denial-of-service (DDoS) attacks attributed to the North Korean government. The security firm believes the data may not be as useful for organizations as the U.S. hopes. Earlier this month, the United States Computer Emergency Readiness Team (US-CERT) released a…
5 Unsettling cyberthreats
Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who’s trying it. But what about the outliers? What about threats that impact you, but you can’t remediate, or establish a policy to cover? Here are 5 cyberthreats that if you’re not frightened by,…
Malware Hunter: Find C&C servers for botnets
Recorded Future and Shodan released Malware Hunter, a specialized crawler for security researchers that explores the Internet to find computers acting as remote access trojan (RAT) command and control centers. Malware Hunter unearths computers hosting RAT controller software that remotely controls malware-infected computers and instructs them to execute malicious activities such as recording audio, video,…