The Lemon Duck cryptocurrency mining botnet has adapted its tactics, now targeting Microsoft Exchange servers via ProxyLogon in a new campaign against North American targets. The botnet is leveraging the ProxyLogon exploits to conduct effective attacks while incorporating new techniques such as anti-detection capabilities and the addition of the Cobalt

A new update designed by law enforcement has begun the process of removing the Emotet botnet across the world, ridding nearly 1.6 million infected computers of the malware. Law enforcement agencies in the US, Canada, and Europe coordinated a takedown of Emotet infrastructure in January of this year, seeking to

Emotet, one of the world’s more notorious botnets in the world, has been wrecking chaos all over the internet for half a decade. However, a massive global police investigation has allegedly resulted in Emotet’s takedown and the arrest of multiple operators and members of the criminal operation behind the botnet.

A botnet called KashmirBlack has been infecting thousands of websites running on content management systems such as WordPress, Joomla, and Drupal. The botnet uses Dropbox and GitHub to avoid detection and is focused on spamming and defacing hundreds of thousands of websites.  Security firm Imperva was the first to report

Researchers have been monitoring a spike in the cryptocurrency mining botnet Lemon Duck, occurring since this August. The Lemon Duck botnet is a complex mining botnet that has the capability to tap into victims’ computer resources and mine the Monero virtual currency. Researchers warn that although the botnet has been

Several security firms, including ESET, Black Lotus Labs, and Symantec have teamed up with Microsoft and the financial services industry to combat the use of Trickbot through eliminating the ransomware’s C2 infrastructure. The notorious Trickbot ransomware has infected more than a million computing devices to date, according to a statement

A relatively recent peer-to-peer botnet has just been discovered by researchers. The botnet has been actively breaching Secure Shell servers since at least January and has been named FritzFrog. The botnet utilizes a worm malware that is multi-threaded, file-less, and leaves no signs of infection on the disks of targeted

A new botnet is reportedly actively targeting IoT devices through the use of payloads compiled for a dozen CPUs. The botnet uses these payloads to launch different types of DDoS attacks and spread malware. The botnet has been named the Dark Nexus by researchers at Bitdefender after they discovered it

Hackers are capitalizing on the public fear of the coronavirus, using headlines related to the global health emergency to spread malicious files, including the notorious Emotet malware. The botnet driven emails are using the coronavirus as a theme to target populations, luring victims into clicking on bad links. The emails

The Great Cannon Distributed Denial of Service (DDoS0 tool was deployed against the LIHKG platform used by Hong Kong protesters to coordinate. The Great Cannon is a tool that hijacks traffic between IP addressed, resulting in the ability to replace unencrypted content using man-in-the-middle techniques. The Great Cannon is currently