Botnet serving as ‘backbone’ of malicious proxy network taken offline 

Lumen Technology’s Black Lotus Labs took the ngioweb botnet and NSOCKS proxy offline Tuesday.

The post Botnet serving as ‘backbone’ of malicious proxy network taken offline appeared first on CyberScoop.

IoT Devices in Password-Spraying Botnet

Microsoft is warning Azure cloud users that a Chinese-controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack:

“Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to multiple organizations in a short amount of time,” Microsoft officials wrote. “This scale, combined with quick operational turnover of compromised credentials between CovertNetwork-1658 and Chinese threat actors, allows for the potential of account compromises across multiple sectors and geographic regions.”…

FBI Shuts Down Chinese Botnet

The FBI has shut down a botnet run by Chinese hackers:

The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives. Those devices were used to help infiltrate sensitive networks related to universities, government agencies, telecommunications providers, and media organizations…. The botnet was launched in mid-2021, according to the FBI, and infected roughly 260,000 devices as of June 2024.

The operation to dismantle the botnet was coordinated by the FBI, the NSA, and the Cyber National Mission Force (CNMF), according to a press release dated …

FBI joint operation takes down massive Chinese botnet, Wray says

Flax Typhoon targeted critical infrastructure in the U.S. and abroad and compromised hundreds of thousands of devices, the FBI director said.

The post FBI joint operation takes down massive Chinese botnet, Wray says appeared first on CyberScoop.

The Justice Department Took Down the 911 S5 Botnet

The US Justice Department has dismantled an enormous botnet:

According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the United States. Wang then generated millions of dollars by offering cybercriminals access to these infected IP addresses for a fee…

Global police operation strikes against malware infrastructure 

‘Operation Endgame’ targeted well-known malware variants used to facilitate ransomware and other serious cybercrime.

The post Global police operation strikes against malware infrastructure appeared first on CyberScoop.

Chinese-linked hacking units increasingly use ‘ORBs’ to obfuscate espionage, researchers say

Scores of purchased or compromised devices used in “operational relay box networks” make detection and defense harder.

The post Chinese-linked hacking units increasingly use ‘ORBs’ to obfuscate espionage, researchers say appeared first on CyberScoop.

The UK Bans Default Passwords

The UK is the first country to ban default passwords on IoT devices.

On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

The UK may be the first country, but as far as I know, California is the first jurisdiction. It …