A new ongoing malware campaign is currently being distributed in the wild targeting TP-link wireless routers, leveraging a post-authenticated remote command execution, or RCE, vulnerability, according to FortiGuard Labs researchers.
A recently discovered botnet is infecting thousands of AT&T internet subscribers in the U.S., using a critical-severity blind command injection flaw first reported in 2017, according to new findings from China-based cybersecurity researchers.
Telecom company Voipfone has come under a severe "extortion-based" DDoS attack from foreign entities, according to a tweet by the U.K.-based company. The attack is likely a continuation of the one observed on Thursday, although the company stated that all its systems remained operational.
The latest edition of the ISMG Security Report features an analysis of attempts made by European law enforcement to encourage young cybercriminals to channel their skills in more ethical ways. Also featured: Fraud detection and response; inspiring behavioral change.
Dutch cybercrime police have a message for almost 30 users of an on-demand distributed denial-of-service site: We see what you're doing; now cut it out or we're going to arrest you. And not for the first time, the move shows police in Europe emphasizing ethical hacking pursuits instead for young adults.
Microsoft disclosed that it mitigated a 2.4 Tbps DDoS attack, which was 140% higher in scale than any previously recorded network volumetric event on Azure. The firm and some security experts say that attacks of this magnitude could wreak havoc on targeted companies and are difficult to mitigate.
Russian cybersecurity firm Rostelecom-Solar reports that it prevented what it believes is the Mēris botnet from an attempted takeover of 45,000 new devices. The company's president says it also stopped 19 distributed denial-of-service attacks targeting Russia’s remote electronic voting system.
The Mēris botnet, responsible for huge waves of DDoS attacks recorded by cybersecurity firms Qrator Labs and Cloudflare, is still active, using "abandoned" MikroTik routers. The attack signatures saw a spike of 21.8 million requests per second, exploiting a vulnerable version of MikroTik RouterOS.
New Zealand's Computer Emergency Response Team says it is aware of ongoing distributed denial-of-service attacks that have disrupted services at several organizations in the country, including some financial institutions and the national postal service.
Scientists from the University of Maryland and the University of Colorado Boulder say they have discovered a new way that attackers could launch reflected denial-of-service amplification attacks over TCP by abusing middleboxes and censorship infrastructure.
The daily peak of DDoS attack traffic increased 100% from January 2020 to May 2021, reaching 3 Tbps, with most of the high-bandwidth, high-intensity attacks originating from fewer than 50 hosting companies, Nokia Deepfield reports.
Traditional ransomware attacks may have taken over the news, but Proofpoint researchers say the malicious actors who presents themselves as the North Korean-backed Lazarus advanced persistent threat group have revamped their distributed denial-of-service ransom extortion strategy and rebranded.
Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.
Researchers with NetScout are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify DDoS attacks. The FBI has also warned about increases in DDoS attacks that use these types of amplification techniques.