New research by Guardicore sheds light on the evolution of the Smominru mining botnet that infected over 500,000 devices last year. Last month, the botnet added 90,000 new victims to its tally and currently continues to grow at around 4.7 infections per day. It mostly targets Windows 7 and Windows
Four months after seemingly shutting down, the notorious Emotet botnet is once again being used to distribute spam, security researchers at SpamHaus warn. The new campaign involves emails with malicious links or attachments targeting Polish and German-speaking users. In May of this year, the command and control (C&C) servers of
Security researchers at Positive Technologies are tracking a major botnet campaign that attacks web shells used by threat actors as part of other malware campaigns. The hackers behind the botnet previously operated a Windows Trojan called Neutrino that was used to attack desktop users. Their new campaign started in 2018
The latest threat report by Proofpoint points to Emotet as the top email-based threat in Q1 of this year. While Emotet was initially designed a banking Trojan, the malware has become a highly sophisticated, multifunctional (modular) threat that Proofpoint currently classifies as a botnet because it is used for “spam
A new Fortinet report underscores the current trend toward sophisticated, targeted cyberattacks involving custom code and living-off-the-land (LotL) techniques that enable attackers to take advantage of applications and processes already present on victim machines. Ransomware is no exception in this regard, for even though ransomware rates have dropped, targeted ransomware
Can you trust NSA tools? This and more as OODA Network Expert Michael Tanji provides insightful analysis of the most recent and significant cyber news.
A new report by Distil Networks shows that ticketing companies are getting overwhelmed by malicious bots. Bad bot traffic now makes up 39.9% of all ticketing traffic, which is far higher than the average across all industries and marks a tremendous increase from previous reports mentioning a rate of 22.9%.
A new Akamai report sheds light on the immense popularity of credential stuffing attacks among cyber criminals. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain access to accounts for another service, based on the
Security researchers with CenturyLink have released a report documenting the recent evolution of TheMoon, an internet of things (IoT) botnet that was first detected in 2014. While TheMoon was originally used by cybercriminals to carry out DDoS attacks, it is now being used for other malicious purposes, such as brute-force attacks
In order to take down Joanap, a powerful cyberweapon operated by North Korean hackers, the US Department of Justice (DOJ) will start reaching out to victims whose machines have been enslaved by the botnet that has been operating since 2009. The DOJ initiative is a new phase in an ongoing operation targeting