11 matches found
CVE-2022-37055
creationtimestamp | type | source
---|---|---
2025-11-27 11:52:43+00:00 | seen | https://threatintel.cc/2025/11/27/botnet-takes-advantage-of-aws.html
2025-11-27 12:52:30+00:00 | seen | https://infosec.exchange/users/edwardk/statuses/115621753678740046
2025-11-27 15:20:22+00:00 | seen | ...
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8), which affects D-Link DIR-645...
PT-2024-3333 · D Link · D-Link Dir-845L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-845L router version 1.01KRb03 and before Description: The issue is related to a command injection vulnerability via the hnap main function. This vulnerability is associated with the failure to neutralize special elements used in th...
OpenSSH trojan campaign targets Linux systems and IoT devices
Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign, according to researchers at Microsoft. The attacks, which involve brute forcing a way into a system, are designed to profit from mining in illicit fashion for cryptocurrency. Once t...
A week in security (August 26 – September 1)
Last week on Malwarebytes Labs, we analysed the Android xHelper trojan, we wondered why the Nextdoor app would send out letters on behalf of their customers, reported about a study that explores the clickjacking problem across top Alexa-ranked websites, wondered how to get the board to invest in...
Newsmaker Interview: Troy Mursch on Top Botnet Trends
Botnet activity saw a healthy amount of dynamism in 2018. There were new types of devices being targeted, such as carrier-grade MikroTik hardware; and, there was also a host of new types of criminal activity surfacing making the point that botnets aren’t just for DDoS anymore. New types of...
New research shows 75% of ‘open’ Redis servers infected
Since our initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, we’ve been hearing about more and more attacks on Redis servers. Redis is a great tool; it can serve as an in-memory distributed database, cache or a message broker and is widely popular...
A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking
Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMent...
Newly Published Exploit Code Used to Spread Mirai Variant
Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in botnet activity associated with a variant of Mirai. Targeted are ports 23 and 2323 on internet-connected devices made by ZyXEL Communications that are using default admin/CenturyL1nk and admin/QwestM0dem telnet...
Q2 2017 Global DDoS Threat Landscape Report
This week we released our latest Global DDoS Threat Landscape Report, a statistical analysis of more than 15,000 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q2 2017. This quarter, for the fifth one in a row, we saw a decrease in the number of network...
sIPI - Simple IP Information Tools
This tool is aimed at Incident Response Teams and anyone who wants to know the behaviour of a "suspicious" IP address. The tool searches for reputation info from a set of open threat intelligence sources. Information about this IP like malware activity, malicious activity, blacklist...