14 matches found
China’s Salt Typhoon Hacks AT&T and Verizon, Accessing Wiretap Data: Report
China’s Salt Typhoon hacked AT&T, Verizon, and Lumen, compromising wiretap systems used in criminal investigations. The breach, linked…...
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
More than 600,000 small office/home office SOHO routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023,...
TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy
A botnet previously considered to be rendered inert has been observed enslaving end-of-life EoL small home/small office SOHO routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from...
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot aka QBot malware have set up 15 new command-and-control C2 servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed tha...
New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries
A new malware strain has been found covertly targeting small office/home office SOHO routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such...
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims
A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America at least since July 2022. The elusive campaign, dubbed Hiatus by Lumen Black Lotus Labs, has been found to deploy two malicious binaries, a remote access...
Artesãos SEOTools 输入验证错误漏洞
SEOTools is an Artesãos open source SEO tool for Laravel and Lumen. Artesãos SEOTools before 0.17.2 version of the input validation error vulnerability , the vulnerability stems from the file OpenGraph.php function makeTag problem , the operation of the parameter value will lead to open redirect...
Internet Backbone Giant Lumen Shuns .RU
Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the worlds Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumens decision comes just days after a similar exit by...
lumen-hollandrijnland.nl Cross Site Scripting vulnerability OBB-2360991
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The Internet is Held Together With Spit & Baling Wire
A visualization of the Internet made using network routing data. Image: Barrett Lyon, opte.org. Imagine being able to disconnect or redirect Internet traffic destined for some of the worlds biggest companies -- just by spoofing an email. This is the nature of a threat vector recently removed by a...
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center MSTIC attributes this campaign with high confidence to DEV-0322, a group...
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center MSTIC attributes this campaign with high confidence to DEV-0322, a group...
Who’s Behind Monday’s 14-State 911 Outage?
Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsofts Azure web services platform, which also was struggling with a widespread outage at the time. However,...
lumen.com.mx XSS vulnerability
Vulnerable URL: http://lumen.com.mx/catalog/busqueda.php?PAL=%22%3E%3Cscript%3Ealert%28%27OPENBUGBOUNTY%27%29%3C/script%3E=BUSCAR Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:29 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...