Another Mirai variant used in attempted hacks on routers, switches

Four years after being used in one of the most powerful distributed denial-of-service attacks on record, the so-called Mirai malware continues to haunt the internet. Researchers on Monday evening revealed that attackers used a new variant of the malicious software in a string of ongoing hacking attempts against devices like routers and switches. The attackers are using no less than eight flaws in popular networking gear to try to remotely commandeer the devices, according to Palo Alto Networks’ Unit 42, the research outfit that made the discovery. After breaking into a device, the attackers try to download malicious code to deploy Mirai variants, Unit 42 said. The concern is that they could use that access to steal data from the device, or conscript it into a botnet, a horde of infected computers used for spamming or distributed denial-of-service (DDoS) attacks, which stifle connectivity by flooding a network with phony traffic. […]

The post Another Mirai variant used in attempted hacks on routers, switches appeared first on CyberScoop.


Botnet operators, ransomware scammers the latest groups to pounce on Exchange Server bugs

The floodgates appear to be open on critical bugs in Microsoft software as a predictable bevy of scammers — from a ransomware actor to cryptocurrency conmen — have flocked to vulnerable email servers. The new incidents make clear that what started as a reported China-linked spying operation to steal data from the Microsoft email program has devolved into an opportunistic romp for criminals. The number of attempts to exploit the email software program, known as Exchange Server, doubled every two to three hours over the course of 24 hours, Israeli security firm Check Point said Thursday. Government organizations, along with manufacturing and financial firms, were the top sectors targeted. The researchers cautioned, however, that they have yet to see intrusions that successfully string all of the vulnerabilities together. At least one ransomware actor has now entered the fray. Microsoft said late Thursday that crooks were using a new family of […]

The post Botnet operators, ransomware scammers the latest groups to pounce on Exchange Server bugs appeared first on CyberScoop.


Is Congress finally ready to pass meaningful ransomware legislation?

During the entire last two-year session of Congress, lawmakers only signed one bill into law that mentioned the word “ransomware.” With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legislation. “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.” In one recent incident, a Mississippi public school system revealed it had paid $300,000 to ransomware attackers, while a U.S. medical company, Universal Health Services, said it lost $67 million as a result of […]

The post Is Congress finally ready to pass meaningful ransomware legislation? appeared first on CyberScoop.


Exposing a Currently Active Portfolio of High-Profile Cybercriminal Email Addresses – Part Six

Dear blog readers, Continuing the “Exposing a Currently Active Portfolio of High-Profile Cybercriminal Email Addresses” series I’ve decided to share yet another batch of currently active high-profile email addresses of high-profile cybercriminals with t…

Exposing GRU’s Involvement in U.S Election Interference – 2016 – An OSINT Analysis

Dear blog readers, Continuing the “FBI’s Most Wanted Cybercriminals” series I’ve decided to share some of the actionable intelligence that I have on GRU’s involvement in the 2016 U.S Election interference with the idea to assist U.S Law Enforcement and …

Exposing FBI’s Most Wanted Cybercriminals – “JabberZeuS” Crew – An OSINT Analysis

Dear blog readers, Continuing the “Exposing FBI’s Most Wanted Cybercriminals” series I’ve decided to share some actionable intelligence on the JabberZeuS crew that used to maintain several large botnets in the context of utilizing the popular DIY and le…

Profiling a Currently Active High-Profile Cybercriminals Portfolio of Ransomware-Themed Extortion Email Addresses – Part Two

Continuing the “Profiling a Currently Active High-Profile Cybercriminals Portfolio of Ransomware-Themed Extortion Email Addresses” series including the original “Exposing Protonmail and Tutanota’s Illicit Abuse by Ransomware Gangs – A Compilation of Cu…

DDoS attacks in Q4 2020

News overview: Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, …

Rogue “Malware Spreading Security Researchers” Launch Malicious Social Engineering Campaign Against Legitimate Researchers – OSINT Analysis

Security researchers from Google have recently spotted and properly analyzed a currently circulating, malware-spreading, social engineering-driven malicious campaign that’s actively interacting with legitimate researchers on social media and p…