Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide
Mylobot is a Windows-targeting malware and was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system into a proxy...
MyloBot Botnet Spreading Rapidly Worldwide: Infecting Over 50,000 Devices Daily
A sophisticated botnet known as MyloBot has compromised thousands of systems, with most of them located in India, the U.S., Indonesia, and Iran. That's according to new findings from BitSight, which said it's "currently seeing more than 50,000 unique infected systems every day," down from a high ...
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different...
Actors, Threats and Vulnerabilities 6 February to 12 February 2023
Hive Pro identified three active actors over the past week. The first, OilRig, is a well-known threat actor known for its information theft and espionage activities. The secon...
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest...
Trickbot Hacking Group Jointly Sanctioned By the US and Britain
By Habiba Rashid. The Trickbot botnet was dismantled in 2019, but its use by ransomware gangs evolved over the years. This is a post from HackRead.com.
PT-2023-2627 · Ruckus Wireless · Ruckus Wireless Admin
Name of the Vulnerable Software and Affected Versions: Ruckus Wireless Admin versions prior to 10.4 Description: The issue concerns a Remote Code Execution vulnerability in Ruckus Wireless Admin, allowing an unauthenticated attacker to execute arbitrary code via an HTTP GET request. This can be...
U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group
Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S...
CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability
Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-21587, a critical arbitrary file upload vulnerability rated 9.8 on the CVSS v3 risk metric impacti...
A new botnet called the Medusa Botnet is emerging via Mirai Botnet targeting Linux users
Mirai is a botnet that has been active since 2016 and exploits vulnerabilities in Linux-based networking devices like routers and IoT devices to gain control and perform malicious activities like...
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat" dubbed HeadCrab since early September 2021. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional...
We Don’t Just Patch – We Hack
By Trellix · February 1, 2023. This blog was written by Douglas McKee. If you have read any security advisories, technology news articles or even our very own Bug Report, you have continually been bombarded with the message to patch, patch, patch! Patching is critical ...
Administrator of RSOCKS Proxy Botnet Pleads Guilty
Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was...
VASTFLUX ad fraud massively affected millions of iOS devices, dismantled
Researchers have successfully dismantled a massive ad fraud campaign they stumbled upon by accident. The Satori Threat Intelligence and Research Team dubbed the campaign VASTFLUX, a portmanteau of "fast flux"--an evasion technique involving the constant changing of IP addresses behind a single...
Malware Distribution via Google PPC by IcedID Botnet Distributors
The IcedID botnet has been using Google pay-per-click ads to distribute itself through malvertising attacks since December 2022. Malvertising involves the use of malicious ads that are displayed in searc...
WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws
WordPress sites are being targeted by a previously unknown strain of Linux malware that exploits flaws in over two dozen plugins and themes to compromise vulnerable systems. "If sites use outdated versions of such add-ons, lacking crucial fixes, the targeted web pages are injected with malicious...