#botnet

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  I’m very excited about this video I’ve embedded below — it’s a project I’ve been working on with my team for a while now. Building off what I’ve written about in the past regarding fake news, this video examines what essentially equates to the propaganda being spread on social media during Russia’s invasion of Ukraine.  This includes everything from fake videos of soldiers dancing to Ukrainian laser cats and fairly convincing deepfake videos.  The Russia cybersecurity news doesn’t end there, either. State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports. So far, these cyber attacks don’t seem to have had any major effects or disruptions so far, but I just think it’s worth noting that these groups are just as active as ever, which is what the U.S. government has been warning us about sin...

State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports.

State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports.

Excessive statefulness hurts the ability to scale networks, applications, and ancillary supporting infrastructure, thus affecting an entire service delivery chain's ability to withstand a DDoS attack.

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 7 and Oct. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net. For each threat described below, this blog post only lists 25...

Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. Characterizing it as a "multi-vector attack consisting of UDP and TCP floods," researcher Omer Yoachimik said the DDoS attack targeted the Minecraft server Wynncraft in Q3 2022. "The entire 2.5 Tbps attack lasted about 2 minutes,

Nexusguard DDoS Statistical Report reveals key attack observations and analysis from the first half of 2022.

Skybox Security Cloud Edition ushers in a new era of proactive cybersecurity .

By Deeba Ahmed The phishing email, which was marked as safe by Microsoft, was aimed at 21,000 users of a national healthcare firm. This is a post from HackRead.com Read the original post: Zoom Phishing Scam Steals Microsoft Exchange Credentials

An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware — complexity that helps it dodge analysis.