radikal.social

1 post1 participant0 posts today

Rachel RawlingsI'm having trouble figuring out what kind of botnet has been hammering our web servers over the past week. Requests come in from tens of thousands of addresses, just once or twice each (and not getting blocked by fail2ban), with different browser strings (Chrome versions ranging from 24.0.1292.0 - 108.0.5163.147) and ridiculous cobbled-together paths like /about-us/1-2-3-to-the-zoo/the-tiny-seed/10-little-rubber-ducks/1-2-3-to-the-zoo/the-tiny-seed/the-nonsense-show/slowly-slowly-slowly-said-the-sloth/the-boastful-fisherman/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/brown-bear-brown-bear-what-do-you-see/pancakes-pancakes/pancakes-pancakes/the-tiny-seed/pancakes-pancakes/pancakes-pancakes/slowly-slowly-slowly-said-the-sloth/the-tiny-seed(I just put together a bunch of Eric Carle titles as an example. The actual paths are pasted together from valid paths on our server but in invalid order, with as many as 32 subdirectories.)Has anyone else been seeing this and do you have an idea what's behind it?<a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> <a href="https://infosec.exchange/tags/ddos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ddos</a> <a href="https://infosec.exchange/tags/webscraping" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webscraping</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

BGDoncasterOh really it was Ukraine that took down X on March 10? Not so fast. Independent security researchers found evidence that some X origin servers were not properly secured behind DDoS protection, and researchers noted they did not even see Ukraine in the breakdown of the top 20 IP address origins involved in the attacks. <a href="https://www.wired.com/story/x-ddos-attack-march-2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/x-ddos-attack-march-2025/</a> <a href="https://techhub.social/tags/X" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#X</a> <a href="https://techhub.social/tags/Musk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Musk</a> <a href="https://techhub.social/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> <a href="https://techhub.social/tags/cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberattack</a> <a href="https://techhub.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://techhub.social/tags/Ukraine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ukraine</a> <a href="https://techhub.social/tags/BotNet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BotNet</a> <a href="https://techhub.social/tags/Internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Internet</a>

MadeInDex 📰🌎⚠️ New <a href="https://mastodon.social/tags/Botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Botnet</a> on the loose? ⚠️A surge of accounts from gtmastodon.online / mastodon.gtmastodon.online has emerged, all seemingly following a limited number of <a href="https://mastodon.social/tags/MastodonSocial" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MastodonSocial</a> users.Is this a coordinated effort? If so, what is the goal? 🤔<a href="https://mastodon.social/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mastodon.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://mastodon.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fediverse</a> <a href="https://mastodon.social/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.social/tags/Profiles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Profiles</a> <a href="https://mastodon.social/tags/Account" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Account</a> <a href="https://mastodon.social/tags/Follow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Follow</a> <a href="https://mastodon.social/tags/Followers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Followers</a> <a href="https://mastodon.social/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a> <a href="https://mastodon.social/tags/alert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#alert</a> <a href="https://mastodon.social/tags/fake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fake</a> <a href="https://mastodon.social/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://mastodon.social/tags/bots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bots</a> <a href="https://mastodon.social/tags/user" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#user</a> <a href="https://mastodon.social/tags/users" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#users</a> <a href="https://mastodon.social/tags/info" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#info</a> <a href="https://mastodon.social/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#it</a> <a href="https://mastodon.social/tags/server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#server</a> <a href="https://mastodon.social/tags/servers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#servers</a>

Flipboard Tech DeskResearchers from the Kaspersky Lab reported that they found two new apps, downloaded from Google Play 11 million times, that were infected with the same malware as a similar 2019 hack. From <a href="https://mastodon.social/@arstechnica" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@arstechnica</a>. <a href="https://flipboard.social/tags/Botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Botnet</a> <a href="https://flipboard.social/tags/Kaspersky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kaspersky</a> <a href="https://flipboard.social/tags/Necro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Necro</a> <a href="https://flipboard.social/tags/Hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hack</a> <a href="https://flipboard.social/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tech</a> <a href="https://flipboard.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://flip.it/sCXm_c" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://flip.it/sCXm_c</a>

Anachron :void:Wow, I was just routinely checking my fail2ban logs and it seems like someone actually has set up multiple IP addresses and when one is banned continues with the next one trying to break into.Sneaky. I was only able to tell its the same person since the IP address differs by 1 on the last segment. <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://fosstodon.org/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fail2ban</a> <a href="https://fosstodon.org/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a>

Flipboard Tech DeskThe FBI recently took control of a botnet made up of hundreds of thousands of internet-connected devices run by a Chinese government hacking group, director Christopher Wray revealed Wednesday. <a href="https://flipboard.com/@Techcrunch" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Techcrunch</a> has the story. @FBI <a href="https://flipboard.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://flipboard.social/tags/Botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Botnet</a> <a href="https://flipboard.social/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> <a href="https://flipboard.social/tags/Tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tech</a> <a href="https://flipboard.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://techcrunch.com/2024/09/18/u-s-government-took-control-of-a-botnet-run-by-chinese-government-hackers-says-fbi-director/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://techcrunch.com/2024/09/18/u-s-government-took-control-of-a-botnet-run-by-chinese-government-hackers-says-fbi-director/</a>

The Spamhaus Project🤖 Jan-Jun 2024 Botnet Threat Update out now!⬇️ Total of 14,248 botnet C&Cs observed, down by -6%. ⬇️ Misuse of pentest framework, Cobalt Strike, decreased -41% ⬇️ Great work from 11 networks hosting most active Botnet C&Cs! Find out which networks and read the FREE report here👇 <a href="https://www.spamhaus.org/resource-hub/botnet-c-c/botnet-threat-update-january-to-june-2024" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.spamhaus.org/resource-hub/botnet-c-c/botnet-threat-update-january-to-june-2024</a> <a href="https://infosec.exchange/tags/Botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Botnet</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntelligence</a>

Graham CluleyRound 3 in the toothbrush DDoS debacle!We thought it was all over... but the Swiss newspaper has come out fighting, blaming Fortinet for spreading untruths about a toothbrush botnet. Will Fortinet return for Round 4, or is that a knockout punch? <a href="https://grahamcluley.com/round-3-in-the-toothbrush-ddos-debacle/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://grahamcluley.com/round-3-in-the-toothbrush-ddos-debacle/</a><a href="https://mastodon.green/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.green/tags/fortinet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fortinet</a> <a href="https://mastodon.green/tags/ddos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ddos</a> <a href="https://mastodon.green/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> <a href="https://mastodon.green/tags/toothbrush" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#toothbrush</a>

Avoid the Hack! :donor:NGL a toothbrush <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> would be SkyNet stuff.

Glyn MoodyThree million malware-infected smart <a href="https://mastodon.social/tags/toothbrushes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#toothbrushes</a> used in Swiss <a href="https://mastodon.social/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> attacks — <a href="https://mastodon.social/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> causes millions of euros in damages - <a href="https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages</a> what a headline...

Boris Vulikh<a href="https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages</a>Take a moment to have it sink in: a botnet comprised from internet connected toothbrushes. Who the hell connects a toothbrush to the internet?! As we all know, the ‘S’ in IoT is for ‘Security’. <a href="https://fosstodon.org/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://fosstodon.org/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> Update: Please read clarification by Kevin Beaumont: <a href="https://cyberplace.social/@GossiTheDog/111886558855943676" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cyberplace.social/@GossiTheDog/111886558855943676</a>

Xavier «X» Santolaria :verified_paw: :donor:📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> list of resources for week #05/2024 is out! It includes the following and much more:➝ 🔓 <a href="https://infosec.exchange/tags/Binance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Binance</a> Code and Internal Passwords Exposed on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> for Months ➝ 🔓 ☁️ <a href="https://infosec.exchange/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a> hacked using auth tokens stolen in <a href="https://infosec.exchange/tags/Okta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Okta</a> attack ➝ 🔓 🚘 <a href="https://infosec.exchange/tags/Europcar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europcar</a> denies data breach of 50 million users, says data is fake ➝ 🔓 💸 Johnson Controls says <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> attack cost $27 million, data stolen ➝ 🔓 🚘 A mishandled GitHub token exposed Mercedes-Benz AG source code ➝ 🔓 🇮🇳 Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums ➝ 🔓 🇺🇸 1.5 Million Affected by <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataBreach</a> at Insurance Broker Keenan, Ciccitto & Associates, LLP ➝ 🤖 <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenAI</a> says mysterious chat histories resulted from account takeover ➝ 🇺🇸 🇮🇷 U.S. government sanctions Iranian officials over Pennsylvania water facility hack ➝ 🇮🇳 A startup allegedly “hacked the world.” Then came the censorship—and now the backlash. ➝ 🌍 <a href="https://infosec.exchange/tags/INTERPOL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#INTERPOL</a>-led operation targets growing cyber threats ➝ 🇷🇺 🥸 Russian <a href="https://infosec.exchange/tags/spies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#spies</a> impersonating Western researchers in ongoing hacking campaign ➝ 🇩🇪 💰 Police seize record 50,000 <a href="https://infosec.exchange/tags/Bitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bitcoin</a> from now-defunct piracy site ➝ 🇨🇳 🇲🇲 <a href="https://infosec.exchange/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#China</a>-Linked Hackers Target <a href="https://infosec.exchange/tags/Myanmar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Myanmar</a>'s Top Ministries with <a href="https://infosec.exchange/tags/Backdoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Backdoor</a> Blitz ➝ 🇺🇸 🇪🇬 US Sanctions Two <a href="https://infosec.exchange/tags/ISIS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ISIS</a>-Affiliated ‘Cybersecurity Experts’ ➝ 🇮🇹 🦠 Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> ➝ 🇺🇸 🇨🇳 U.S. officials warn of dire Chinese cyber threats in wake of FBI operation to disrupt <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> ➝ 🇺🇸 ⚖️ Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider ➝ 🔓 💥 45k <a href="https://infosec.exchange/tags/Jenkins" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Jenkins</a> servers exposed to RCE attacks using public exploits ➝ 🇺🇸 ⚖️ Ex-CIA hacker jailed for 40 years for his role in <a href="https://infosec.exchange/tags/WikiLeaks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WikiLeaks</a> ➝ 🇺🇸 ⚖️ New York Sues <a href="https://infosec.exchange/tags/Citibank" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Citibank</a> Over Poor Data Security ➝ 🇺🇸 <a href="https://infosec.exchange/tags/NSA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSA</a> Admits Secretly Buying Your Internet Browsing Data without Warrants ➝ ⚡️ 💰 Energy giant Schneider Electric hit by Cactus <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> attack ➝ 🦠 💬 <a href="https://infosec.exchange/tags/Telegram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Telegram</a> Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware ➝ 🦠 🇺🇦 <a href="https://infosec.exchange/tags/PurpleFox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PurpleFox</a> malware infects thousands of computers in <a href="https://infosec.exchange/tags/Ukraine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ukraine</a> ➝ 🦠 Hackers Exploiting <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ivanti</a> VPN Flaws to Deploy <a href="https://infosec.exchange/tags/KrustyLoader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KrustyLoader</a> Malware ➝ 🐛 📨 Researchers Uncover How <a href="https://infosec.exchange/tags/Outlook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Outlook</a> Vulnerability Could Leak Your <a href="https://infosec.exchange/tags/NTLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NTLM</a> Passwords ➝ 🐛 🐧 New <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://infosec.exchange/tags/glibc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#glibc</a> flaw lets attackers get root on major distros ➝ 🔓 Vulnerabilities in <a href="https://infosec.exchange/tags/WatchGuard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WatchGuard</a>, Panda Security Products Lead to Code Execution Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecMASHUP</a> newsletter to have it piping hot in your inbox every week-end ⬇️<a href="https://open.substack.com/pub/0x58/p/infosec-mashup-week-052024?r=299go8&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://open.substack.com/pub/0x58/p/infosec-mashup-week-052024?r=299go8&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true</a>

Benjamin Carr, Ph.D. 👨🏻‍💻🧬Your <a href="https://hachyderm.io/tags/washingmachine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#washingmachine</a> could be sending 3.7GB of data/day <a href="https://hachyderm.io/tags/LG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LG</a> washing machine owner disconnected his device from <a href="https://hachyderm.io/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WiFi</a> after noticing excessive outgoing daily data traffic History of hackers taking over LG smart appliances. <a href="https://hachyderm.io/tags/SmartThinQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SmartThinQ</a> <a href="https://hachyderm.io/tags/HomeHack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HomeHack</a> <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> was patched weeks after being made public. A similar modern hack might use washing machine’s esources as part of a <a href="https://hachyderm.io/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> or for <a href="https://hachyderm.io/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> mining. Large numbers of low-power devices can be formidable. <a href="https://www.tomshardware.com/networking/your-washing-machine-could-be-sending-37-gb-of-data-a-day" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.tomshardware.com/networking/your-washing-machine-could-be-sending-37-gb-of-data-a-day</a> <a href="https://hachyderm.io/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a>

Avoid the Hack! :donor:US confirms takedown of China-run botnet targeting home and office routersThis particular <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a> targets home and office routers, infecting them with <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> and recruiting them into a <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> used for illicit activities.<a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> on SOHO routers are pretty much an afterthought, but you should make sure you at least use the firewall and change the default admin credentials. Also helps to keep the <a href="https://infosec.exchange/tags/firmware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firmware</a> updated.<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a><a href="https://therecord.media/china-run-botnet-takedown-fbi-doj-routers" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://therecord.media/china-run-botnet-takedown-fbi-doj-routers</a>

Benjamin Carr, Ph.D. 👨🏻‍💻🧬The <a href="https://hachyderm.io/tags/Mirai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mirai</a> Confessions: Three Young <a href="https://hachyderm.io/tags/Hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hackers</a> Who Built a Web-Killing Monster Finally Tell Their Story <a href="https://hachyderm.io/tags/Netflix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Netflix</a>, <a href="https://hachyderm.io/tags/Spotify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spotify</a>, <a href="https://hachyderm.io/tags/Twitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Twitter</a>, <a href="https://hachyderm.io/tags/PayPal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PayPal</a>, <a href="https://hachyderm.io/tags/Slack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Slack</a>. All down for millions of people. How a group of teen friends plunged into an underworld of <a href="https://hachyderm.io/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> and broke the internet—then went to work for the <a href="https://hachyderm.io/tags/FBI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FBI</a>. <a href="https://www.wired.com/story/mirai-untold-story-three-young-hackers-web-killing-monster/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wired.com/story/mirai-untold-story-three-young-hackers-web-killing-monster/</a> <a href="https://hachyderm.io/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> <a href="https://hachyderm.io/tags/BotNet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BotNet</a>

Renée BurtonThis is a really good (if long) read on persistent DDoS botnet from (mostly) TVs. Scary nugget: because they have compromised TVs they can control what content airs to the viewer! referencing the streaming of Gaza conflict video to devices. I thought of <a href="https://infosec.exchange/@briankrebs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@briankrebs</a> because they claim that they know who the actor is and seem to have done a good deal of doxing on the actor they say has been active for 6 yrs. <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dns</a> <a href="https://infosec.exchange/tags/ddos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ddos</a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybercrime</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> <a href="https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/</a>

Avoid the Hack! :donor:Thousands of routers and cameras vulnerable to new 0-day attacks by hostile <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a>Two 0-day exploits used on routers and video cameras to recruit these devices into a botnet used for <a href="https://infosec.exchange/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> attacks.Patches not available as of posting, though one manufacturer is working on an update.Akamai has provided IOCs.<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/exploits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploits</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a><a href="https://arstechnica.com/security/2023/11/thousands-of-routers-and-cameras-vulnerable-to-new-0-day-attacks-by-hostile-botnet/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2023/11/thousands-of-routers-and-cameras-vulnerable-to-new-0-day-attacks-by-hostile-botnet/</a>

Xavier «X» Santolaria :verified_paw: :donor:📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> list of resources for week #44/2023 is out! It includes the following and much more:➝ 🔓 <a href="https://infosec.exchange/tags/Okta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Okta</a> hit by another <a href="https://infosec.exchange/tags/breach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#breach</a>, this one stealing employee data from 3rd-party vendor ➝ 🔓 💸 <a href="https://infosec.exchange/tags/LastPass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LastPass</a> breach linked to theft of $4.4 million in crypto ➝ 🇮🇳 <a href="https://infosec.exchange/tags/India" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#India</a>'s Biggest Data Leak So Far? Covid-19 Test Info of 81.5Cr Citizens With ICMR Up for Sale ➝ 🔓 ✈️ <a href="https://infosec.exchange/tags/Lockbit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lockbit</a> ransomware group claims to have hacked <a href="https://infosec.exchange/tags/Boeing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Boeing</a> ➝ 🇳🇱 ⚖️ Dutch hacker jailed for extortion, selling stolen data on RaidForums ➝ 🇷🇺 🇺🇸 Russian Reshipping Service ‘SWAT USA Drop’ Exposed ➝ 🇮🇷 🦠 Iranian Cyber Spies Use ‘<a href="https://infosec.exchange/tags/LionTail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LionTail</a>’ Malware in Latest Attacks ➝ 📉 Security researchers observed ‘deliberate’ takedown of notorious <a href="https://infosec.exchange/tags/Mozi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mozi</a> <a href="https://infosec.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> ➝ 🇮🇳 📱 Apple warns Indian opposition leaders of state-sponsored <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPhone</a> attacks ➝ 🌍 Four dozen countries declare they won’t pay <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransomware</a> ransoms ➝ 🇷🇺 How <a href="https://infosec.exchange/tags/Kopeechka" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kopeechka</a>, an Automated Social Media Accounts Creation Service, Can Facilitate <a href="https://infosec.exchange/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> ➝ 🇪🇺 EU digital ID reforms should be ‘actively resisted’, say experts ➝ 🇷🇺 🇺🇦 <a href="https://infosec.exchange/tags/FSB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FSB</a> arrests Russian hackers working for Ukrainian cyber forces ➝ 🇺🇸 FTC orders non-bank financial firms to report breaches in 30 days ➝ 🇨🇦 📱 <a href="https://infosec.exchange/tags/Canada" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Canada</a> Bans <a href="https://infosec.exchange/tags/WeChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WeChat</a> and <a href="https://infosec.exchange/tags/Kaspersky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kaspersky</a> Apps On Government Devices ➝ 🇺🇸 <a href="https://infosec.exchange/tags/SEC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SEC</a> Charges <a href="https://infosec.exchange/tags/SolarWinds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SolarWinds</a> and Its <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISO</a> With Fraud and Cybersecurity Failures ➝ 🇺🇸 🤖 <a href="https://infosec.exchange/tags/Biden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Biden</a> Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns ➝ 🦠 📱 <a href="https://infosec.exchange/tags/Avast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Avast</a> confirms it tagged Google app as <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> on Android phones ➝ 🦠 🇰🇵 North Korean Hackers Targeting Crypto Experts with <a href="https://infosec.exchange/tags/KANDYKORN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KANDYKORN</a> <a href="https://infosec.exchange/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#macOS</a> Malware ➝ 👥 💸 EleKtra-Leak <a href="https://infosec.exchange/tags/Cryptojacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cryptojacking</a> Attacks Exploit <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> IAM Credentials Exposed on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> ➝ 🦠 🐍 Trojanized <a href="https://infosec.exchange/tags/PyCharm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PyCharm</a> Software Version Delivered via <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> Search Ads ➝ ✅ 🤖 <a href="https://infosec.exchange/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GooglePlay</a> adds security audit badges for Android <a href="https://infosec.exchange/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPN</a> apps ➝ 🔐 Microsoft pledges to bolster security as part of ‘Secure Future’ initiative ➝ 🆕 FIRST Releases <a href="https://infosec.exchange/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVSS</a> 4.0 Vuln Scoring Standard ➝ 🆕 <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MITRE</a> Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile ➝ ⛔️ 🦠 <a href="https://infosec.exchange/tags/Samsung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Samsung</a> Galaxy gets new Auto Blocker anti-malware feature ➝ 🍏 🔐 <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apple</a> Improves <a href="https://infosec.exchange/tags/iMessage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iMessage</a> Security With Contact Key Verification ➝ 🔓 Researchers Find 34 <a href="https://infosec.exchange/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> Drivers Vulnerable to Full Device Takeover ➝ 🔓 🪶 3,000 <a href="https://infosec.exchange/tags/Apache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apache</a> <a href="https://infosec.exchange/tags/ActiveMQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ActiveMQ</a> servers vulnerable to RCE attacks exposed online ➝ 🗣️ <a href="https://infosec.exchange/tags/Atlassian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Atlassian</a> CISO Urges Quick Action to Protect <a href="https://infosec.exchange/tags/Confluence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Confluence</a> Instances From Critical <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> ➝ 🔓 🩸 “This vulnerability is now under mass exploitation.” <a href="https://infosec.exchange/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CitrixBleed</a> bug bites hard ➝ 🐛 💰 HackerOne paid ethical hackers over $300 million in <a href="https://infosec.exchange/tags/bugbounties" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bugbounties</a> 📚 This week's recommended reading is: "Permanent Record" by Edward Snowden Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecMASHUP</a> newsletter to have it piping hot in your inbox every week-end ⬇️<a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-week-442023" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec-mashup.santolaria.net/p/infosec-mashup-week-442023</a>

abuse.ch :verified:Quak 🦆! The FBI and the U.S. Department of Justice announced a multinational operation to disrupt and dismantle the Qakbot botnet 💣 💥 Goodbye <a href="https://ioc.exchange/tags/Qakbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Qakbot</a>, I hope we won't see you ever again 👋. And this is how it looks like from Feodo Tracker' perspective ⬇️. All <a href="https://ioc.exchange/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#botnet</a> C2s are offline 🛑<a href="https://feodotracker.abuse.ch/browse/qakbot/" rel="nofollow noopener noreferrer" target="_blank">https://feodotracker.abuse.ch/browse/qakbot/</a>Tango down! 💪

Neil CraigHaving a look at some recent DDOS stats. We're now seeing individual bots which *each* generate more RPS than we used to see as the combined peak RPS of an entire attack just a few years ago. Several bots generated over 40K RPS each in at least 3 recent DDOS, some over 50K RPS. Looks like lots of these bots are running on compromised Squid proxy servers. Squid 4.14 is common among quite a few of them and many are running I2P on TCP:4444. Patch your Squids, people! <a href="https://mastodon.social/tags/DDOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDOS</a> <a href="https://mastodon.social/tags/BotNet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BotNet</a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a>

Recent searches

Search options

Administered by:

Server stats:

#botnet