Search cyberveille.decio.ch

Found 74 bookmarks

Newest

Operators of 911 S5 residential proxy service subjected to US sanctions

Chinese nationals Yunhe Wang, Jingping Liu, and Yanni Zheng have been sanctioned by the U.S. Treasury Department for operating the residential proxy service 911 S5, which was a botnet comprised of over 19 million residential IP addresses that had been used to support various cybercrime groups' COVID-19 relief scams and bomb threats, Ars Technica reports.

#scmagazine #EN #2024 #911 #S5 #residential-proxy #botnet #US #China #Operators #arrested

·scmagazine.com·May 30, 2024

Operators of 911 S5 residential proxy service subjected to US sanctions

Office of Public Affairs | 911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation | United States Department of Justice

A court-authorized international law enforcement operation led by the U.S. Justice Department disrupted a botnet used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.

#justice.gov #EN #2024 #911 #S5 #Botnet #Dismantled #press-release #US

·justice.gov·May 30, 2024

Office of Public Affairs | 911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation | United States Department of Justice

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

Ivanti Connect Secure (ICS) devices are under attack! Two critical vulnerabilities are being exploited to deploy the notorious Mirai botnet.

#thehackernews #EN #2024 #Mirai #Botnet #Ivanti #Connect #Payload

·thehackernews.com·May 12, 2024

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

New “Goldoon” Botnet Targeting D-Link Devices

FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051.

#fortinet #EN #2024 #Research #FortiGuard #Threat #botnet #Labs #Goldoon #D-Link #CVE-2015-2051

·fortinet.com·May 3, 2024

New “Goldoon” Botnet Targeting D-Link Devices

Unplugging PlugX: Sinkholing the PlugX USB worm botnet

Learn about our process for collecting telemetry data from PlugX worm-infected workstations, as well as how to disinfect them.

#sekoia #EN #2024 #PlugX #Sinkhole #USB #worm #botnet

·blog.sekoia.io·Apr 26, 2024

Unplugging PlugX: Sinkholing the PlugX USB worm botnet

Qakbot Strikes Back: Understanding the Threat

Binary Defense threat researchers analyzed the reemergence of the QakBot botnet. The new QakBot DLL has undergone some minor changes.

#binarydefense #EN #2024 #Qakbot #analysis #botnet

·binarydefense.com·Apr 5, 2024

Qakbot Strikes Back: Understanding the Threat

QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. #Actively #Botnet #Computer #Exploited #FXC #InfectedSlurs #InfoSec #Malware #QNAP #Router #Security #Vulnerability

#bleepingcomputer #EN #2023 #FXC #QNAP #InfectedSlurs #Actively #Botnet #Malware #Exploited #Computer #Router #Vulnerability

·bleepingcomputer.com·Dec 16, 2023

QNAP VioStor NVR vulnerability actively exploited by malware botnet

P2Pinfect - New Variant Targets MIPS Devices

Cado Security Labs has been monitoring on the rapid growth of a cross-platform botnet, named “P2Pinfect”. Here's the latest updates.

#cadosecurity #EN #2023 #MIPS #IoT #routers #botnet

·cadosecurity.com·Dec 4, 2023

P2Pinfect - New Variant Targets MIPS Devices

InfectedSlurs Botnet Spreads Mirai via Zero-Days

Akamai SIRT has uncovered two zero-day vulnerabilities that are being actively exploited to spread a Mirai variant in the wild.

#akamai #EN #2023 #Research #Threat-Intelligence #botnet #zero-day #mirai #china-cat

·akamai.com·Nov 22, 2023

InfectedSlurs Botnet Spreads Mirai via Zero-Days

District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice

A Russian and Moldovan national pled guilty to three counts of violating 18 U.S.C. § 1030(a)(5)(A) Fraud and Related Activity in Connection with Computers. The FBI today revealed US law enforcement’s dismantlement of a botnet proxy network and its infrastructure associated with the IPStorm malware. According to online reports, the botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia, Europe, North America and South America.

#justice.gov #EN #2023 #IPStorm #botnet #proxy #arrested

·justice.gov·Nov 14, 2023

Mozi botnet goes dark under mysterious circumstances

Researchers speculate that Chinese authorities may be responsible for turning off one of the internet’s most prolific IoT botnets.

#scmagazine #EN #2023 #Mozi #botnet

·scmagazine.com·Nov 2, 2023

Mozi botnet goes dark under mysterious circumstances

“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts

Facebook’s Messenger platform has been heavily abused in the past month to spread endless messages with malicious attachments from a swarm of fake and hijacked personal accounts. These threat actors are targeting millions of business accounts on Facebook’s platform — from highly-rated marketplace sellers to large corporations, with fake business inquiries, achieving a staggering “success rate” with approximately 1 out of 70 infected!

#labs.guard.io #EN #2023 #Messenger #Facebook #Phishing #Attack #Botnet

·labs.guard.io·Sep 12, 2023

“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts

Qakbot botnet dismantled after infecting over 700,000 computers

Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation 'Duck Hunt.'

#bleepingcomputer #2023 #EN #Botnet #Malware #QakBot #Qbot #dismantled

·bleepingcomputer.com·Aug 29, 2023

Qakbot botnet dismantled after infecting over 700,000 computers

Tomcat Under Attack: Exploring Mirai Malware and Beyond

Tomcat Vulnerability explore some of the techniques used by the Mirai botnet to exploit a single attack directed at one of our Apache Tomcat honeypots.

#aquasec #EN #2023 #Tomcat #Mirai #botnet #Apache

·blog.aquasec.com·Jul 31, 2023

Tomcat Under Attack: Exploring Mirai Malware and Beyond

AVrecon malware infects 70,000 Linux routers to build botnet

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

#bleepingcomputer #EN #2023 #AVrecon #Botnet #Linux #Malware #RAT #Router

·bleepingcomputer.com·Jul 15, 2023

AVrecon malware infects 70,000 Linux routers to build botnet

Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389

FortiGuard Labs encountered recent samples of a DDoS-as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389, which was disclosed in mid-March of this year. Read more.

#fortinet #EN #2023 #research #botnet #DDoS #Condi #TP-Link #CVE-2023-1389

·fortinet.com·Jun 21, 2023

Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389

Prometei botnet improves modules and exhibits new capabilities in recent updates

The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.

#talosintelligence #EN #2023 #Prometei #botnet #analysis

·blog.talosintelligence.com·Mar 13, 2023

Prometei botnet improves modules and exhibits new capabilities in recent updates

The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.

#talosintelligence #EN #2023 #Prometei #botnet #analysis

·blog.talosintelligence.com·Mar 13, 2023

Prometei botnet improves modules and exhibits new capabilities in recent updates

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

#unit42 #EN #2023 #Golang #paloaltonetworks #Botnet #GoBruteforcer #web #servers

·unit42.paloaltonetworks.com·Mar 13, 2023

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

#unit42 #EN #2023 #Golang #paloaltonetworks #Botnet #GoBruteforcer #web #servers

·unit42.paloaltonetworks.com·Mar 13, 2023

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers