Security
Headlines
HeadlinesLatestCVEs

Tag

#ddos

Russia Hackers Abusing BRc4 Red Team Penetration Tool in Recent Attacks

By Deeba Ahmed Palo Alto Networks’ Unit 42 security researchers have discovered that Russian state-sponsored hackers are abusing the latest Brute… This is a post from HackRead.com Read the original post: Russia Hackers Abusing BRc4 Red Team Penetration Tool in Recent Attacks

HackRead
Open in Source
#web#android#windows#ddos#git#intel#botnet
Teen Hackers on Discord Selling Malware for Quick Cash

By Deeba Ahmed Cybersecurity researchers urge parents to keep track of their children’s online activities. Avast security researchers have discovered a server on… This is a post from HackRead.com Read the original post: Teen Hackers on Discord Selling Malware for Quick Cash

The Worst Hacks and Breaches of 2022 So Far

From cryptocurrency thefts to intrusions into telecom giants, state-backed attackers have had a field day in the year’s first half.

ICYMI: A Microsoft Warning, Follina, Atlassian, and More

Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.

CVE-2022-25758: Regular Expression Denial of Service (ReDoS) in org.webjars.npm:scss-tokenizer | CVE-2022-25758 | Snyk

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex.

CVE-2014-3648

The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting it's time with slow endpoints. Similarly, one can provide whatever HTTP end point they want. This turns the server into a DDOS vector or an anonymizer for the posting of malware and so on.

Pro-Russia Killnet Group Hit Top Lithuanian websites with Massive DDoS Attacks

By Deeba Ahmed The attack seems to be a retaliatory effort from Killnet following the diplomatic tensions between the two countries.… This is a post from HackRead.com Read the original post: Pro-Russia Killnet Group Hit Top Lithuanian websites with Massive DDoS Attacks

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to cybercriminals -- suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy's founder is one of the men being sued by Google.

‘Killnet’ Adversary Pummels Lithuania with DDoS Attacks Over Blockade

Cyber collective Killnet claims it won’t let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad.