Recent law enforcement efforts reveal that individuals who engaged with DDoS-for-hire services may now be facing serious repercussions. Following the takedown of the world-renowned DDoS-for-hire platform Webstresser.org in April 2018, authorities are now focusing on the clients who utilized this service to orchestrate millions of cyber attacks against a range…
This week, VFEmail.net, a U.S.-based secure email provider, reported a catastrophic data breach that resulted in the complete loss of user data and backups. The attack, executed by unidentified hackers, devastated the company’s infrastructure, erasing nearly two decades of information in just a few hours. Such a loss is a…
A recent malware campaign has emerged, exploiting two zero-day vulnerabilities that enable remote code execution (RCE) to integrate routers and video recording devices into a Mirai-based distributed denial-of-service (DDoS) botnet. According to an advisory from Akamai, “The payload specifically targets routers and network video recorders (NVRs) with default admin credentials,…
In a significant development in cybersecurity, a new variant of the notorious Mirai botnet—dubbed “Mukashi”—is actively exploiting a newly discovered critical vulnerability affecting network-attached storage (NAS) devices. This attack aims to remotely compromise and commandeer vulnerable machines, reflecting an escalation in tactics employed by cybercriminals. Mukashi employs brute-force techniques, systematically…
In the third quarter of 2025, the Internet experienced a significant spike in cyberattacks, as documented in a thorough DDoS threat report from Cloudflare, a leading web security and infrastructure firm. This surge was notably driven by a prominent IoT botnet known as Aisuru, which executed some of the largest…
Apple Releases Critical Security Updates to Address Exploited Vulnerabilities Apple has issued new security updates aimed at mitigating significant flaws in its operating systems, including vulnerabilities that have reportedly been exploited in the wild. The updates come in response to the discovery of two critical memory corruption issues affecting the…
Okta, a prominent provider of authentication services, has identified security firm Sitel as a third-party entity involved in a critical security breach that occurred in late January. This incident permitted the LAPSUS$ extortion gang to gain unauthorized access to an internal account assigned to a customer support engineer. The breach…
A new hacktivist group named Hezi Rash, translating to “Black Force” in Kurdish, has gained prominence in the cyber landscape, as detailed in a recent report from Check Point’s External Risk Management team. Formed in 2023, this nationalist organization has adopted cyber warfare strategies, primarily deploying Distributed Denial-of-Service (DDoS) attacks…
Recent investigations conducted by Qihoo 360’s Netlab security team have unveiled an emergent botnet named “Abcbot.” This entity demonstrates worm-like propagation methods, targeting Linux systems to execute distributed denial-of-service (DDoS) attacks on various victims. The botnet’s inception can be traced back to July 2021, yet its latest variants, identified as…
