Security
Headlines
HeadlinesLatestCVEs

Tag

#botnet

U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks

Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023. The attacks, which were facilitated by Anonymous Sudan's "powerful DDoS tool," singled out critical infrastructure, corporate networks,

The Hacker News
Open in Source
#web#microsoft#amazon#ddos#dos#git#botnet#aws#auth#The Hacker News
BYOB Unauthenticated Remote Code Execution

This Metasploit module exploits two vulnerabilities in the BYOB (Build Your Own Botnet) web GUI. It leverages an unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. It also uses an authenticated command injection in the payload generation page. These vulnerabilities remain unpatched.

Zero-day Flaws Exposed EV Chargers to Shutdowns and Data Theft

NCC Group experts share details of how they exploited critical zero-day vulnerabilities in Phoenix Contact EV chargers (electric…

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it's full of stuff they don't 🤫 want you to know. So let's jump in before we get FOMO. ⚡ Threat of the Week GoldenJackal Hacks Air-Gapped Systems: Meet

Teraleak: Pokémon Developer Game Freak Hacked; Decades of Data Leaked

Game Freak’s “Teraleak” appears to expose nearly 1 terabyte of sensitive Pokémon data, including source code, cancelled games,…

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows

GorillaBot Goes Ape With 300K Cyberattacks Worldwide

Among those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.

China’s Salt Typhoon Hacks AT&T and Verizon, Accessing Wiretap Data: Report

China’s Salt Typhoon hacked AT&T, Verizon, and Lumen, compromising wiretap systems used in criminal investigations. The breach, linked…

Critical Vulnerabilities Expose Nearly 1 Million DrayTek Routers Globally

Critical security vulnerabilities exposed in DrayTek Vigor routers: Discover how to protect your network from these serious flaws.…

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries

Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with a shocking attack density" between September 4 and September 27, 2024. No less than 20,000 commands designed