Digital warfare once again showed its most devastating face. A European provider of defence services against attacks […]| OpenSecurity
Executive Summary In a deep-dive analysis, Cyble Research and Intelligence Labs (CRIL) identified an ongoing in-the-wild Linux botnet campaign, which we have dubbed “Luno.” This campaign combines cryptocurrency mining, remote command execution, and modular DDoS attack capabilities. Additionally, it builds watchdog-based respawning and unusually strong anti-analysis defences into a single malware framework, indicating active professional threat actor involvement. Unlike conventional cryptomi...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Article Link: https://www.fbi.gov/contact-us/field-offices/jacksonville/news/staying-one-step-ahead| Project Hyphae
In early 2025, security researchers uncovered RapperBot. This sophisticated IoT botnet exploits zero-day vulnerabilities in network video recorders (NVRs) to orchestrate massive distributed denial-of-service (DDoS) attacks within seconds. By harnessing legacy devices, many of which are no longer supported by manufacturers, the operators of RapperBot can unleash floods exceeding terabits per second, crippling high-profile targets in […] The post RapperBot Hijacking Thousands of Devices to O...| Cyber Security News
ASEC Blog publishes Ransom & Dark Web Issues Week 3, August 2025 WARLOCK launched a ransomware attack targeting a telecommunications provider in France. The pro-Israeli hacktivist group “313 Team” claims to have conducted DDoS attacks against nine institutions in Saudi Arabia. Qilin carried out ransomware attacks targeting financial and […]| ASEC
Fogos.pt, a volunteer-run wildfire tracker in Portugal, grew from a side project into a critical national resource used by citizens, media, and government. During 2025 fire season it was hit by DDoS attacks, but stayed online thanks to Cloudflare’s protections under Project Galileo. How a volunteer-run wildfire site in Portugal stayed online during DDoS attacks| The Cloudflare Blog
Overview Recently, our BotMon system has repeatedly captured a DDoS botnet family written in Go. It is used for DDoS attacks and makes use of, among other things, SSH/Telnet weak pass...| 360 Netlab Blog - Network Security Research Lab at 360
Background On April 13, 2022, 360Netlab first disclosed the Fodcha botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving "Netlab pls leave me alone I surrender" in an updated sample. No surprise, Fodcha's authors| 360 Netlab Blog - Network Security Research Lab at 360
Background On April 13, 2022, 360Netlab first disclosed the Fodcha botnet to the community. After our article was published, Fodcha was hit by a crackdown from the relevant authorities, and its authors| 360 Netlab Blog - Network Security Research Lab at 360
Excerpts from DDoS attack surveys conducted in 2023 will provide your organization with statistics to bolster its cybersecurity strategy.| Help Net Security
There has been an increase in the volume of DDoS attacks over the last two years, and in H1 of 2023, we see a capacity of about 800 Gbps.| Help Net Security
Cybersecurity - Cybersecurity Threats - What is Cybersecurity Threat? - Types of Cybersecurity Threats - Cybersecurity Attacks| Gridinsoft Blogs
The Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks.| Gridinsoft Blogs
AhnLab SEcurity intelligence Center (ASEC) is monitoring attacks targeting poorly managed Linux servers by utilizing multiple honeypots. One of the most common honeypots is the SSH service using weak credentials, and a large number of DDoS and CoinMiner threat actors are attacking this service. ASEC has recently identified a case of an attack that installs […]| ASEC
A cybersecurity researcher has performed a diligent OSINT investigation and managed to uncover the identity of the hacker behind the X DDoS attack| Gridinsoft Blogs
Over 20,000 Ubiquiti G4 Wi-Fi cameras are still vulnerable to a flaw discovered back in 2017 that allows for DDoS attacks and data leaks.| Gridinsoft Blogs
Actively exploited SLP vulnerability (CVE-2023-29552) poses high-severity threat. CISA recommends swift mitigation measures.| Gridinsoft Blogs
Researchers discovered 21 vulnerabilities affecting all the Sierra AirLink routers; they can potentially cause RCE, XSS and DoS attacks.| Gridinsoft Blogs
Mirai botnet Pandora has been discovered infiltrating inexpensive Android-based TV sets through firmware spread via third-party websites.| Gridinsoft Blogs
GorillaBot is a new offspring of Mirai virus, possessing all the qualities of the original malware and bringing even more threatening features| Gridinsoft Blogs
IP Stresser & DDoS-Booter is a special tool that tests a network or server for stress tolerance. The administrator can run the stress test.| Gridinsoft Blogs
Before considering how to prevent DDoS attacks, we first consider this definition. Because without understanding what is at stake, it will be hard for us to take action.| Gridinsoft Blogs
In Q3, DDoS attacks increased by 111% YoY, Cloudflare auto-mitigated a 2.5 Tbps attack targeting a Minecraft server as multi-terabit scale DDoS attacks become increasingly frequent. Read more in our 2022 Q3 DDoS Report| The Cloudflare Blog
Discover what the NIS2 Directive means for businesses in 2025. Learn about the latest updates in cybersecurity regulations, compliance requirements, and audit expectations under the EU's revamped framework.| Big Data Analytics News
Beware of “blame the vendor” distractions. https://bsky.app/profile/rgblights.bsky.social/post/3ltshf3lvc22e Rob Joyce posted this on his BlueSky account as a response to Alexander Martin’s article, “Spain awards Huawei contracts to manage intelligence agency wiretaps.” Both Rob and Alex are exacerbating “blame the vendor” fears when the real problem is more systemic, with nothing to do with which world| SENKI
Introduction Distributed Denial of Service (DDoS) attacks remain one of the most disruptive threats in the cybersecurity landscape. By overwhelming systems with traffic, attackers aim to exhaust resources, crash services, and cause downtime. Traditional security measures struggle to defend against these attacks, especially in dynamic hybrid and remote environments. This is where DDoS Prevention with ZTNA becomes crucial. By implementing Zero Trust Network Access (ZTNA), organizations can sign...| hyper-ict.com
Discover why DDoS protection is essential for VPS servers. In our article we show in detail how it can help protect your website and resources from DDoS attacks while you take advantage of the benefits of virtual servers.| aWh
Welcome to the 19th edition of the Cloudflare DDoS Threat Report. Released quarterly, these reports provide an in-depth analysis of the DDoS threat landscape as observed across the Cloudflare network. This edition focuses on the third quarter of 2024.| The Cloudflare Blog
Ransom & Dark Web Issues Week 3, May 2025 ASEC| ASEC
2023 saw a surge in the duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal.| Help Net Security
DDoS attacks are surging. In 2025 Q1, Cloudflare blocked +20M attacks (a 358% YoY spike) along with 5.6 Tbps and 4.8 Bpps record-breaking attacks. And that's just the beginning. Read more in our latest DDoS Threat Report.| The Cloudflare Blog
A new vulnerability in Redis leads to potential Denial of Service with over 23,000 companies exposed to attacks| Gridinsoft Blogs
A Mirai variant that infects devices by exploiting multiple zero-day vulnerabilities, which were also reported recently by Akamai SIRT: Infect...| IIJ Security Diary
Discover how evolving DDoS attacks demand smarter defenses. Learn trends, challenges, and strategies to safeguard your digital infrastructure.| GlobalDots
Operating an online service like Report URI, it comes with the territory. The ever present threat of attack is something we are fully aware of, and prepare for as best we can. Being the regular subject of attacks, mostly handled by our robust systems and automated defences, these attacks mostly| Scott Helme
A few months ago, United States General Vincent Brooks warned the Senate about the growing threat from North Korean cyber-attacks, saying, "While I would not| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Overview On 2021-06-22 we detected a sample of a mirai variant that we named mirai_ptea propagating through a new vulnerability targeting KGUARD DVR. Coincidentally, a day later, on June 23, we received an inquiry from the security community asking if we had seen a new DDoS botnet, cross-referencing some| 360 Netlab Blog - Network Security Research Lab at 360
Overview In August 2024, XLab observed a premeditated large-scale DDoS attack targeting the distribution platforms of the Chinese game Black Myth: Wukong, namely Steam and Perfect World. This attack operation was divided into four waves, with the attackers carefully selecting the peak online hours of gamers in various time zones| 奇安信 X 实验室
Overview In August 2024, XLab observed a premeditated large-scale DDoS attack targeting Steam and Perfect World, the distribution platforms of the Chinese game Black Myth: Wukong. The attack operation was divided into four waves, with the attackers carefully choosing the peak online hours of gamers in each time zone to launch sustained attacks lasting several hours. They also simultaneously attacked hundreds of Steam and Perfect World servers distributed across 13 regions worldwide in order to cause maximum damage. The botnet that took part in this operation called itself AISURU at the time. This article will...| 奇安信 X 实验室
Overview Countless script kiddies, dreaming of getting rich, rush into the DDoS black-market industry armed with Mirai source code, imagining they can make a fortune with botnets. Reality, however, is harsh—these individuals arrive full of ambition but leave in dismay, leaving behind a series of Mirai variants that survive| 奇安信 X 实验室
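Overview Countless script kiddies, dreaming of getting rich, excitedly charge into the DDoS black-market industry with the Mirai source code in hand, imagining they will make a fortune with botnets. Reality is harsh: these people arrive full of ambition and leave in disgrace, leaving the security community nothing but one Mirai variant after another that stays active for only 3–4 days. However, today's protagonist, Gayfemboy, is an exception. The Gayfemboy botnet was first captured by XLab in early February 2024 and has remained active ever since. Its early versions were unremarkable, merely a...| 奇安信 X 实验室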
Configuration guide explaining how to set up Foomuuri firewall and how to tune Apache and configure mod_qos to mitigate DDoS attacks.| Frederik Himpe
Note: There has been considerable discussion in both the media and the security community about whether the Trump and Musk interview livestream on X yesterday was indeed the target of a DDoS attack. While many suggest that no attack took place, our analysis indicates that the attack did occur. Below| 奇安信 X 实验室
In recovering from recent cyberattacks on October 9, the Internet Archive has resumed the Wayback Machine (starting October 13) and Archive-It (October 17), and as of today (October 21), has begun offering provisional availability of archive.org in a read-only manner. Features like uploading, borrowing, reviewing items, interlibrary loan, and other services are not yet available. | Internet Archive Blogs
Although a fix is available to patch vulnerabilities, the EV industry is slow in applying the updates.| Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Kaspersky Unveils Alarming IoT Vulnerabilities and Dark Web's Thriving DDoS Economy.| Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Twitter @Hackread - Facebook @ /Hackread| Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
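Do you have a customer whose printer ports are open and vulnerable and can now be used for DDoS? Is your network’s “Internet Print Protocol” (IPP) port open and ready for exploitation? Last week, the Shadowserver Foundation alerted to a “large increase in queries on 631/UDP seen in our sensors due to recent CUPS RCEs disclosure.| SENKI
Incident Review On the evening of August 24th, the Steam platform suddenly went down, with players around the world reporting that they were unable to log in. Many players speculate that the crash is caused by too many people online in Black Myth: Wukong. However, according to the announcement of Perfect| 奇安信 X 实验室
Incident Review On the evening of August 24, the Steam platform suddenly crashed, and players in China and abroad reported being unable to log in. Many players guessed that the crash was caused by too many people being online in Black Myth: Wukong. However, according to the announcement from the Perfect World esports platform, the Steam crash was actually caused by a large-scale DDoS attack. Perfect World announcement Steam outage as reported by Downdetector users XLab's observations on this incident XLab's CTIA (Cyber Threat Insight Analysis) system carried out an in-depth observation of the recent DDoS attack events. We noticed that this...| 奇安信 X 实验室
Note: Was X really hit by a DDoS attack during yesterday's livestreamed interview between Trump and Musk? We have seen some discussion in the security community, with a tendency to believe that no attack actually took place. From our perspective, the attack really did happen, and a brief description of the situation follows. Incident Review As originally planned, at 8 p.m. US Eastern Time on the 12th, Elon Musk was to hold a live audio interview with Donald Trump, candidate in the 60th US presidential election, and on the X platform through Musk's and Trump's personal accounts...| 奇安信 X 实验室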
I feel the need, the need for speed.| Más Bandwidth
Overview On June 17, 2024, we discovered an ELF sample written in C language with a detection rate of 0 on VT. This sample was packed with a modified upx packer. After unpacking, another modified upx-packed elf file was obtained which was written in CGO mode. After analysis, it was| 奇安信 X 实验室
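1. Overview On June 17, 2024, we discovered an ELF sample written in C with 0 detections on VT. The sample was packed with a modified UPX packer; unpacking it yielded another ELF file packed with a modified UPX, written using cgo. Analysis showed that this is a new tool from the "8220" mining gang, used to install and run other malware, mainly to build a Tsunami DDoS botnet and to install the PwnRig mining program. Based on function names in the sample we named it "k4spreader", and further analyzed VT's and the honeypot's...| 奇安信 X 实验室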
Background On May 20, 2024, while everyone was happily celebrating the holiday, the tireless XLab CTIA(Cyber Threat Insight Analysis) system captured a suspicious ELF file around 2 PM, located at /usr/bin/geomi. This file was packed with a modified UPX, had a magic number of 0x30219101, and was| 奇安信 X 实验室
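Background On May 20, 2024, while everyone was happily celebrating the holiday, the tireless XLab CTIA (Cyber Threat Insight Analysis) system captured a suspicious ELF file at around 14:00, located at /usr/bin/geomi. The file was packed with a modified UPX, had a magic number of 0x30219101, was uploaded to VirusTotal from Russia, and was not flagged as malicious by any antivirus engine. At 22:00 that evening, another geomi file with the same UPX magic number was uploaded to VT from Germany. The suspicious file path, the modified UPX packer and the uploads from multiple countries caught our...| 奇安信 X 实验室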
Overview XLab's CTIA(Cyber Threat Insight Analysis) System continuously tracks and monitors the active mainstream DDoS botnets. Recently, our system has observed that CatDDoS-related gangs remain active and have exploited over 80 vulnerabilities over the last three months. Additionally, the maximum number of targets has been observed to exceed 300+| 奇安信 X 实验室
Key points from the 2018 industry consultation on our anti-DDoS strategy. This is the trust peer community who daily battles DDoS.| SENKI
On Ukrainian Independence Day the IT Army of Ukraine announce a number of new victories, release a Youtube about their outage of Russian postal services, and promote a major leak of financial data from brand new hacktivist crew 2402.| The Cryptosphere
After a little time away, we’re back and sharing the official target lists from the IT Army of Ukraine. Want to know how to join the fight? Fire up Tor, then sign into your VPN, then go here: https://t.me/itarmyofukraine2022/439 Now,...| The Cryptosphere
They’re on a roll, with three updates in 36 hours. Today they’re continuing to hit the Russian drone industry, and adding new targets suggested by hacktivist supporters around the world. Shall we get into it? Let’s get into it. Announcements...| The Cryptosphere
The IT Army of Ukraine continues to target drone companies in Russia.| The Cryptosphere
Today, the IT Army of Ukraine and its hacktivist supporters target Russian drone companies.| The Cryptosphere
Sorry we’ve been offline: Ottawa has had a massive internet outage that’s still not fully resolved (we’d like to think that’s Russia trying to stop us from posting these, but we’d like the liability courts NOT to think that). And...| The Cryptosphere
Learn about NoName057(16), a pro-Russian hacktivist group behind Project DDoSia targeting entities supporting Ukraine. Discover an overview of the changes made by the group, both from the perspective of the software shared by the group to generate DDoS attacks and the specifics of the evolution of the C2 servers. It also provides an overview of the country and sectors targeted by the group for 2024.| Sekoia.io Blog
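Background Some time ago, we captured a suspicious ELF sample with 0 detections on VT, packed with a modified UPX, named pandoraspear, with MD5 9a1a6d484297a4e5d6249253f216ed69. During analysis we found that it hardcoded 9 C2 domains, 2 of which had passed their post-expiry protection period, so we registered those 2 domains to measure the size of the botnet. During the period we were able to observe, the bots' peak daily active count was around 170,000, with the vast majority located in Brazil. When the gang discovered that we had registered its domains, via D...| 奇安信 X 实验室
Update 2019.12.04: Recently we have received quite a few requests for comment about this blog. We feel it necessary to list the following facts here: 1. Kenneth Currin Schuchman, with nicknames "Nexus" or "Nexus-Zeta", a 21-year-old man, has pleaded guilty on 2019.09.03 to the| 360 Netlab Blog - Network Security Research Lab at 360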
This post dives into the details of the HTTP/2 protocol, the feature that attackers exploited to generate the massive Rapid Reset attacks, and the mitigation strategies we took to ensure all our customers are protected| The Cloudflare Blog
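This report is jointly published by China's National Internet Emergency Center (CNCERT) and 360 Digital Security Technology Group Co., Ltd. Overview Recently, CNCERT and 360 Digital Security Technology Group Co., Ltd. jointly detected a new DDoS botnet that is spreading rapidly on the Internet. Tracking and monitoring showed that the number of bots in China coming online each day (counted by IP) has exceeded 10,000, and that it launches attacks against more than 100 targets every day, posing a considerable threat to cyberspace. Because the C2 domain initially used by this botnet, fol...| 360 Netlab Blog - Network Security Research Lab at 360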