Security
Headlines
HeadlinesLatestCVEs

Tag

#ddos

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting different firewall models that could enable an unauthenticated attacker

The Hacker News
#vulnerability#web#linux#ddos#dos#rce#botnet#auth#The Hacker News
Gaming Firms and Community Members Hit by Dark Frost Botnet

By Deeba Ahmed According to researchers, the most prominent targets of Dark Frost include gaming companies, online streaming services, game server hosting providers, and gaming community members. This is a post from HackRead.com Read the original post: Gaming Firms and Community Members Hit by Dark Frost Botnet

Mirai Malware Hits Zyxel Devices After Command Injection Bug

By Deeba Ahmed A variant of the Mirai botnet is targeting Zyxel Firewalls after exploiting a newly patched operating system command injection vulnerability. This is a post from HackRead.com Read the original post: Mirai Malware Hits Zyxel Devices After Command Injection Bug

Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack

By Waqas SentinelLabs has uncovered a malware campaign in which Brazilian hackers are targeting Portuguese banks for monetary gains. This is a post from HackRead.com Read the original post: Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News. Targets include

Interview With a Crypto Scam Investment Spammer

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Cyber Warfare Lessons From the Russia-Ukraine Conflict

Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale.

ChatGPT: Cybersecurity friend or foe?

Categories: Business There are a lot of benefits to ChatGPT, but many in the security community have concerns about it. Malwarebytes' CEO Marcin Kleczynski takes a deep dive into the topic. (Read more...) The post ChatGPT: Cybersecurity friend or foe? appeared first on Malwarebytes Labs.

Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Categories: Exploits and vulnerabilities Categories: News Tags: Ruckus Tags: CISA Tags: AndoryuBot Tags: CVE-2023-25717 Tags: 163.123.142.146 CISA has added a Ruckus vulnerability being abused by the AndoryuBot botnet to its catalog. (Read more...) The post Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs appeared first on Malwarebytes Labs.

Break the DDoS Attack Loop With Rate Limiting

This Tech Tip demonstrates how security engineers can best use rate limits to mitigate distributed denial-of-service attacks.