Billions of Internet of Things and Local Area Network devices that rely on the Universal Plug and Play (UPnP) protocol for discovery of and interaction with other devices are vulnerable to “CallStranger,” a bug that can be exploited to exfiltrate data, launch a denial of service attack or scan ports. The Windows 10 operating system,…
The new Mirai variant Mukashi is targeting Zyxel network attached storage (NAS) devices using brute force attacks based on the default admin credentials and then exploiting CVE-2020-9054. Palo Alto Networks Unit 42 said almost all Zyxel NAS products running firmware versions up to 5.21 are susceptible. CVE-2020-9054 is a pre-authentication command injection vulnerability, which may…
The husband of a campaign staffer for former Rep. Katie Hill, D-CA., was arrested by the FBI for allegedly launching four DDoS attacks against the former congresswoman’s primary opponent. Arthur Dam was arrested on February 21 by FBI agents and charged with one count of intentionally damaging and attempting to damage a protected computer. In…
An extensive, several-hour-long interruption to Iran’s telecom infrastructure and internet hit that took place on February 8 that was likely caused by a distributed denial of service (DDoS) attack. The non-governmental organization Netblocks reported that at 11:45 a.m. local time Iranian internet connectivity from that country’s primary network operators was down by 25 percent eventually…
A new era of Distributed Denial of Service (DDoS) attacks has arrived. In 2018 DDoS attacks broke the terabit barrier, and have become even more frequent and sophisticated (or vicious) as they now commonly combine several different attack techniques that vary — both in time and geographically — to maximize impact. Even the giants of…
A new botnet dubbed Momentum has been found targeting Linux systems running on a variety of different processors and pushing a list of well-known backdoors with the goal of being able to launch DDoS attacks. Trend Micro reported Momentum has been found launching Mirai, Kaiten and Bashlite variants in a series of attacks that use…
A security research firm has been tracking a botnet that first popped onto its radar back in August that for some reason declines to make use of its DDos capabilities. The first bit of evidence found on the Roboto botnet was when the 360 Netlab team detected a suspicious ELF file in August and then…
The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party spokesperson as saying that the barrage of fake traffic…
Utah-based wind and solar energy developer sPower has been identified as the utilities company that suffered a previously reported denial of service attack that disrupted its normal business activity last March 5. The cyberattack briefly cut off communications between sPower’s control centers and a dozen remote wind and solar farms that served as its power…
Researchers have uncovered a new variant of Gafgyt malware (aka BASHLITE) that infects home and small-office routers and networking equipment in order to recruit them into a botnet that bombards gaming servers with distributed denial of service attacks. One of its attacks involves a payload is specifically designed to attack servers running Valve Corporation’s Source…
