Surge in DDoS Attacks Linked to Variants of Mirai Botnet Recent investigations reveal that distinct offshoots of the notorious Mirai botnet are driving a new wave of distributed denial-of-service (DDoS) attacks around the globe. One variant is taking advantage of specific vulnerabilities in Internet of Things (IoT) devices to construct…
Data Protection and Cybersecurity Stocks Diverge in 2024: Analysis and Implications In 2024, cyber security stocks exhibited polarized performance, with companies focused on data protection experiencing significant gains largely driven by rising investments in artificial intelligence. In contrast, established firms in the vulnerability management segment faced double-digit declines in stock…
Recent analyses indicate that users of cybercrime forums have been discussing and recommending the “Big Mama” proxy service over the past year. Notably, in April, Cisco Talos, a cybersecurity division of Cisco, reported seeing traffic from Big Mama Proxy among other proxies, utilized by attackers trying to brute force access…
Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime Possible State-Sponsored Exploit Kit Leveraging Browser Vulnerabilities for Spyware Deployment Anviksha More (AnvikshaMore) • December 6, 2024 Inside a “vocational skills education and training center” in Wensu County, Aksu Prefecture, Xinjiang. (Image: Shutterstock) In recent developments, a potential threat group…
A newly identified botnet, known as Goldoon, has emerged with a focus on exploiting a long-standing vulnerability within D-Link routers. This vulnerability, designated as CVE-2015-2051, has been present for nearly ten years, affecting models like the D-Link DIR-645. The flaw permits remote attackers to execute arbitrary commands through specially crafted…
The cyber threat landscape continues to evolve as researchers from Trend Micro report that the perpetrators behind the RedLine and Vidar information stealers are shifting their tactics to include ransomware attacks. This alarming trend has been facilitated through phishing campaigns that distribute malware utilizing Extended Validation (EV) code signing certificates,…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Thursday the inclusion of a significant security vulnerability associated with the Oracle WebLogic Server in its Known Exploited Vulnerabilities (KEV) catalog. This action follows compelling evidence that the flaw is actively being exploited in the wild, raising concerns for organizations…
The FBI has announced that it possesses over 7,000 decryption keys related to the LockBit ransomware operation, a significant development aimed at assisting victims in recovering their data at no cost. Bryan Vorndran, the assistant director of the FBI’s Cyber Division, highlighted this initiative during his keynote address at the…
Microsoft Addresses 51 Vulnerabilities in June Patch Tuesday Update In its latest Patch Tuesday update for June 2024, Microsoft has rolled out security updates to address 51 vulnerabilities across its products. Among these, one vulnerability has been classified as Critical, while the remaining 50 are deemed Important. This release also…
