IASS-ISP-ASN-Security-Scanner

💀 IASS — ISP ASN Security Scanner Automated reconnaissance &...

BichitroGan ISP Billing Software 安全漏洞

BichitroGan ISP Billing Software is an internet service provider billing and customer management system developed by BichitroGan Company in Bangladesh. The version 2025.3.20 of BichitroGan ISP Billing Software contains a security vulnerability. This vulnerability arises from improper handling of...

Hackers may have breached FBI wiretap network via supply chain

Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved. On February 17, the FBI flagged irregular network activity that led straight to its Digital Collection System Network. That system...

Security Bulletin: Vulnerablity in Apache Log4j may affect IBM APM Internet Service Monitoring Agent

Summary There is a vulnerability in the Apache log4j library used by IBM APM Internet Service Monitoring Agent. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers V2

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers

Today, Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, released the guide Bulletproof Defense: Mitigating Risks from...

Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru , the botnet responsible for a series of record-smashing distributed denial-of-service DDoS attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things IoT devices to proxy services...

EUVD-2014-3072

Malware in sbrugna...

EUVD-2024-53723

Malicious code in bioql PyPI...

Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats

Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been targeting embassies located in Moscow using an adversary-in-the-middle AiTM position to deploy their custom ApolloShadow malware. ApolloShadow has the...

Proxy Services Feast on Ukraine’s IP Address Exodus

Image: Mark Rademaker, via Shutterstock. Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of...

CVE-2024-57725

An issue in the Arcadyan Livebox Fibra PRV3399BBLT allows a remote or local attacker to modify the GPON link value without authentication, causing an internet service disruption via the /firstconnection.cgi endpoint...

CVE-2024-57725

An issue in the Arcadyan Livebox Fibra PRV3399BBLT allows a remote or local attacker to modify the GPON link value without authentication, causing an internet service disruption via the /firstconnection.cgi endpoint...

CVE-2024-57725

CVE-2024-57725 affects Arcadyan Livebox Fibra PRV3399B_B_LT. The issue allows an unauthenticated attacker to modify the GPON link value via the vulnerable endpoints, notably /firstconnection.cgi (and related /cgi/cgi_authpage.js exposure), enabling a potential internet service disruption (DoS) on...

CVE-2024-57725

An issue in the Arcadyan Livebox Fibra PRV3399BBLT allows a remote or local attacker to modify the GPON link value without authentication, causing an internet service disruption via the /firstconnection.cgi endpoint...

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force SPF has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9...

Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity

Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided. "If a country is unhappy with an internet service, the established practice is to start a legal action against the service itself," Durov said in a 600-word statement on...

[SECURITY] Fedora 38 Update: ppp-2.4.9-10.fc38

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

PT-2023-12930 · Curl · Curl

Name of the Vulnerable Software and Affected Versions: curl affected versions not specified Description: The issue concerns a cyber espionage campaign, specifically the KV-botnet investigation. It involves various threats, including Kv-botnet, Beacon, Zuo rat, Hiatusrat, and Imminentmonitor rat...

DoS and DDoS Attacks against Multiple Sectors

CISA is aware of open-source reporting of targeted denial-of-service DoS and distributed denial-of-service DDoS attacks against multiple organizations in multiple sectors. These attacks can cost an organization time and money and may impose reputational costs while resources and services are...