#ddos

Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top"). "Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid disk-based detection mechanisms," Trend Micro researchers Ahmed

In today's networked digital world, application programming interface (API) security is a crucial component in safeguarding private information and strengthening the integrity of online transactions. The potential for attack has increased dramatically as a result of the growing use of applications that depend on APIs to communicate across systems and services.It's also important to protect against malevolent actors who try to take advantage of API vulnerabilities for illegal access, data breaches and service interruptions. Strong API security measures are needed to establish trust, reduce risk

In the latest breaches, threat groups compromised telecommunications firms in at least two Asian nations, installing backdoors and possibly eavesdropping or pre-positioning for a future attack.

Red Hat Security Advisory 2024-4057-03 - Release of OpenShift Serverless Logic 1.33.0. Issues addressed include cross site scripting and denial of service vulnerabilities.

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China's civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success.

The stream was briefly knocked offline, preventing millions of fans from accessing the game. Poland's head of digital services says "all leads lead to the Russian Federation."

State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,

Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0. "The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst