Botnet stories

Cloudflare blocked a record 7.3 Tbps DDoS attack targeting a client, marking the largest ever publicly disclosed, using its fully automated global defence system.

The US has charged Russian Rustam Gallyamov for running the Qakbot malware network, seizing USD $24m in cryptocurrency from cybercrime activities.

The US DOJ indicted Russian nationals behind DanaBot malware, linked to Russian intelligence and used for cybercrime, espionage, and attacks on Ukraine.

A newly uncovered botnet of over 130,000 compromised devices is exploiting Microsoft 365 accounts through password spraying attacks, raising security alarms.

A newly discovered botnet, consisting of over 130,000 compromised devices, is targeting Microsoft 365 accounts with password spraying attacks, linked to China-based actors.

CyberCX has warned consumers about the security dangers posed by Chinese-manufactured internet-connected devices after a compromised doorbell incident in Australia.

Concerns are rising over TP-Link products amid reports of a potential ban, highlighting security risks associated with smart home devices in the US.

The return of Volt Typhoon, a state-sponsored cyber-espionage group, threatens global infrastructures, exploiting outdated devices for covert operations.

CloudSEK warns that the Androxgh0st botnet has significantly expanded its reach, now targeting critical vulnerabilities in various systems and IoT devices.

Akamai’s latest report reveals financial services face escalating DDoS attacks, with politically motivated strikes and rampant brand impersonation and phishing threats.

The takedown of Qakbot offers a brief respite for cybersecurity teams but highlights the persistent, evolving threat landscape and the complexity of combating cybercrime.

Cado Security's latest report reveals a troubling evolution in P2Pinfect malware, now featuring ransomware and cryptomining capabilities targeting servers.

Malwarebytes has launched a free Digital Footprint Portal offering a detailed analysis of sources including the dark web.

Ensign InfoSecurity reveals a zero-day vulnerability in D-Link DIR-822 routers, putting users at risk of cyber attacks including data theft.

SentinelOne threat researchers identify malware macOS.Bkdr.Activator, spreading via illicitly modified versions of popular software, potentially threatening macOS users at an extensive scale.

Cado Security Labs unveils a sophisticated variant of the P2Pinfect botnet, targeting MIPS-based devices, including IoT products.

OracleIV campaign uses Docker Engine API exploit to deliver malicious Docker containers for executing DDoS attacks.

Cybersecurity leader Check Point unveils Global Threat Index, identifying Formbook as September's dominant malware.

Secureworks' Counter Threat Unit researchers have long maintained active monitoring of the botnet and detected the disruption activity on August 25.

ESET Research has published a summary of what happened with the Emotet botnet since its comeback after a limited takedown.