Lucene search
K

1845 matches found

Malwarebytes
Malwarebytes
added 2025/09/08 7:2 a.m.11 views

A week in security (September 1 – September 7)

Last week on Malwarebytes Labs: Nexar dashcam video database hacked Roblox introduces age checks to use communication features Give your PC a fresh start: New free tools to boost your PC’s speed, security, and peace of mind TP-Link warns of botnet infecting routers and targeting Microsoft 365...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/05 12:0 a.m.6 views

Where Have All the Firewalls Gone? Security Consequences of Residential IPv6 Transition

IPv4 NAT has limited the spread of IoT botnets considerably by default-denying bots' incoming connection requests to in-home devices unless the owner has explicitly allowed them. As the Internet transitions to majority IPv6, however, residential connections no longer require the use of NAT. This...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/09/04 10:50 a.m.9 views

TP-Link warns of botnet infecting routers and targeting Microsoft 365 accounts

TP-Link has issued a warning about a botnet exploiting two vulnerabilities to infect small office/home SOHO routers, which are then weaponized to attack Microsoft 365 accounts. The vulnerabilities affect the Archer C7 and TL-WR841N/ND routers, though other models may also be at risk. Despite the...

8.6CVSS7.5AI score0.1745EPSS
Exploits0
Krebs on Security
Krebs on Security
added 2025/08/26 2:5 p.m.12 views

DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they'd made with company called DSLRoot , which was paying $250 a month to plug a pair of laptops into the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/20 4:19 a.m.4 views

DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service DDoS-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice D...

7.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/08/19 8:51 p.m.11 views

Oregon Man Charged in ‘Rapper Bot’ DDoS Service

A 22-year-old Oregon man has been arrested on suspicion of operating "Rapper Bot ," a massive botnet used to power a service for launching distributed denial-of-service DDoS attacks against targets -- including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/19 5:37 p.m.8 views

Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems

Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial...

10CVSS8.5AI score0.99654EPSS
Exploits31
The Hacker News
The Hacker News
added 2025/08/10 7:30 p.m.12 views

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

A novel attack technique could be weaponized to rope thousands of public domain controllers DCs around the world to create a malicious botnet and use it to conduct powerful distributed denial-of-service DDoS attacks. The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and...

7.5CVSS9.3AI score0.83642EPSS
Exploits6
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.6 views

Analyzing the Mirai IoT Botnet and Its Recent Variants: Satori, Mukashi, Moobot, and Sonic

Mirai is undoubtedly one of the most significant Internet of Things IoT botnet attacks in history. In terms of its detrimental effects, seamless spread, and low detection rate, it surpassed its predecessors. Its developers released the source code, which triggered the development of several...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/02 12:0 a.m.4 views

Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks

The increase of IoT devices, driven by advancements in hardware technologies, has led to widespread deployment in large-scale networks that process massive amounts of data daily. However, the reliance on Edge Computing to manage these devices has introduced significant security vulnerabilities, a...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/07/23 11:4 a.m.4 views

Google Sues the Badbox Botnet Operators

It will be interesting to watch what will come of this private lawsuit: Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software. These devices lack Google's security...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/18 9:58 p.m.10 views

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS7.9AI score0.01149EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/07/17 12:0 a.m.5 views

How to Mitigate and Defend against DDoS Attacks in IoT Devices

Distributed Denial of Service DDoS attacks have become increasingly prevalent and dangerous in the context of Internet of Things IoT networks, primarily due to the low-security configurations of many connected devices. This paper analyzes the nature and impact of DDoS attacks such as those launch...

6.9AI score
Exploits0
NVD
NVD
added 2025/07/16 10:15 p.m.3 views

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS0.01149EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 9:26 p.m.19 views

CVE-2025-34130

CVE-2025-34130 affects LILIN Digital Video Recorder (DVR) devices up to firmware version 2.0b60_20200207. An unauthenticated arbitrary file read via the endpoint /z/zbin/net_html.cgi allows reading sensitive files such as /zconf/service.xml , enabling further attacks including command injection. ...

8.7CVSS7.3AI score0.01149EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/07/11 12:0 a.m.96 views

CVE-2013-3307

Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi pingip parameter on TCP port 52000. Recent assessments: gwillcox-r7 at November 21, 2021 10:11pm UTC reported: Bug in Linksys...

8.3CVSS9.9AI score0.05618EPSS
In wildExploits0References2
The Hacker News
The Hacker News
added 2025/07/08 11:8 a.m.9 views

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders DVRs and Four-Faith routers to rope the devices into a new botnet called RondoDox. The vulnerabilities in question include CVE-2024-3721, a medium-severity command...

7.2CVSS7.4AI score0.86489EPSS
Exploits4
HackRead
HackRead
added 2025/06/24 5:30 p.m.6 views

Androxgh0st Botnet Expands Reach, Exploiting US University Servers

New CloudSEK findings show Androxgh0st botnet evolving. Academic institutions, including UC San Diego, hit. Discover how this sophisticated…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/24 2:17 p.m.6 views

Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue

Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today. "We developed tw...

7.2AI score
Exploits0
HackRead
HackRead
added 2025/06/23 10:43 a.m.7 views

Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability

Zyxel users beware: A critical remote code execution flaw CVE-2023-28771 in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting devices globally...

9.8CVSS8.3AI score0.99284EPSS
Exploits8
Rows per page
Query Builder