19 Sep 2019

Smominru Mining Botnet In Cyber Turf War With Rival Malware

New research by Guardicore sheds light on the evolution of the Smominru mining botnet that infected over 500,000 devices last year. Last month, the botnet added 90,000 new victims to its tally and currently continues to grow at around 4.7 infections per day. It mostly targets Windows 7 and Windows

Read More
17 Sep 2019

Emotet, today’s most dangerous botnet, comes back to life

Four months after seemingly shutting down, the notorious Emotet botnet is once again being used to distribute spam, security researchers at SpamHaus warn. The new campaign involves emails with malicious links or attachments targeting Polish and German-speaking users. In May of this year, the command and control (C&C) servers of

Read More
22 Aug 2019

A botnet has been cannibalizing other hackers’ web shells for more than a year

Security researchers at Positive Technologies are tracking a major botnet campaign that attacks web shells used by threat actors as part of other malware campaigns. The hackers behind the botnet previously operated a Windows Trojan called Neutrino that was used to attack desktop users. Their new campaign started in 2018

Read More
29 May 2019

Emotet Botnet Behind Most Email-Based Threats in Q1 2019

The latest threat report by Proofpoint points to Emotet as the top email-based threat in Q1 of this year. While Emotet was initially designed a banking Trojan, the malware has become a highly sophisticated, multifunctional (modular) threat that Proofpoint currently classifies as a botnet because it is used for “spam

Read More
22 May 2019

Ransomware Not Gone but More Targeted, Report Says

A new Fortinet report underscores the current trend toward sophisticated, targeted cyberattacks involving custom code and living-off-the-land (LotL) techniques that enable attackers to take advantage of applications and processes already present on victim machines. Ransomware is no exception in this regard, for even though ransomware rates have dropped, targeted ransomware

Read More
29 Mar 2019

Cyber Threat Analysis Report Volume 1, Edition 3

Can you trust NSA tools? This and more as OODA Network Expert Michael Tanji provides insightful analysis of the most recent and significant cyber news.

Read More
01 Mar 2019

Bots Plague Ticketing Industry

A new report by Distil Networks shows that ticketing companies are getting overwhelmed by malicious bots. Bad bot traffic now makes up 39.9% of all ticketing traffic, which is far higher than the average across all industries and marks a tremendous increase from previous reports mentioning a rate of 22.9%.

Read More
28 Feb 2019

28 Billion Credential Stuffing Attempts During Second Half of 2018

A new Akamai report sheds light on the immense popularity of credential stuffing attacks among cyber criminals. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain access to accounts for another service, based on the

Read More
01 Feb 2019

IoT botnet used in YouTube ad fraud scheme

Security researchers with CenturyLink have released a report documenting the recent evolution of TheMoon, an internet of things (IoT) botnet that was first detected in 2014. While TheMoon was originally used by cybercriminals to carry out DDoS attacks, it is now being used for other malicious purposes, such as brute-force attacks

Read More
31 Jan 2019

DOJ moves to take down Joanap botnet operated by North Korean state hackers

In order to take down Joanap, a powerful cyberweapon operated by North Korean hackers, the US Department of Justice (DOJ) will start reaching out to victims whose machines have been enslaved by the botnet that has been operating since 2009. The DOJ initiative is a new phase in an ongoing operation targeting

Read More