Articles about botnet

A new cloud threat findings report from Cado Security looks at the evolving cloud threat landscape, shedding light on the heightened risk of cyberattacks due to the rapid adoption of cloud-focused services.

The report shows SSH is the most commonly targeted service accounting for 68.2 percent of the samples seen, followed by Redis at 27.6 percent, and Log4Shell traffic at a mere 4.3 percent, indicating a shift in threat actor strategy no longer prioritizing the vulnerability as a means of initial access.

Continue reading →

The final quarterly analysis of 2022's threat landscape from Nuspire confirms that last year saw the most threat activity in history.

While Q4 saw dips across all three sectors Nuspire monitors -- malware, botnets and exploits -- the net sum for the year shows a marked increase, especially in the case of exploits, which nearly doubled.

Continue reading →

Online fraud is becoming a scourge across the United Kingdom, and in the past year alone we’ve watched police tackle a record breaking number of scams.

One of the most dangerous attacks used by fraudsters is Account Takeover (ATO), whereby cybercriminals take ownership of online accounts by abusing stolen passwords and usernames, often accessed on the Dark Web. A Freedom of Information (FOI) request earlier this year revealed that ATO is the most common form of online fraud in the UK and new data from the 2022 Imperva Bad Bot Report shows ATO attacks rose a staggering 148 percent in 2021 alone. 

Continue reading →

Cybercriminals have become more adept at bypassing defenses with new DDoS attack vectors and successful methodologies, according to the latest DDoS Threat Intelligence Report from NETSCOUT.

The report is based on intelligence on attacks occurring in over 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs). It finds there were over six million DDoS attacks in first half of 2022, with TCP-based flood attacks (SYN, ACK, RST) still the most used attack vector, accounting for around 46 percent.

Continue reading →

In the second quarter of this year malware events increased over 25 percent, botnets doubled and exploit activity grew by nearly 150 percent, according to a new report.

The report from managed security services provider Nuspire, based on threat intelligence analyzed from Nuspire's trillion traffic logs from client sites and associated with thousands of devices from around the world, shows a substantial increase in botnet activity near the end of Q2, attributed to Torpig Mebroot botnet, a banking trojan designed to scrape and collect credit card and payment information from infected devices.

Continue reading →

The latest OT/IoT security report from Nozomi Networks shows that wiper malware and IoT botnets dominate threats to industrial control systems.

Researchers have observed the robust usage of wiper malware, and seen the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Continue reading →

Distributed Denial of Service (DDoS) attacks have become an ongoing threat for organizations. Using a variety of techniques, a wide range of threat actors from lone hackers, criminal gangs and hacktivists to nation-states are using DDoS attacks to disrupt or disable the performance of target systems. These targets can be small or large businesses, internet service providers, manufacturers, retailers, healthcare providers, schools and universities, or other nation-states. Essentially, any entity with an online presence can become a DDoS target.

Now, here is the why. There are three main reasons why people create botnets: For financial gain by extortion -- 'pay up or we keep attacking’; to make a point -- 'stop (or start) doing something or we continue’; or, in the case of nation-state actors, as an espionage or cyber warfare tactic.

Continue reading →

Several older botnets have seen a resurgence in activity in the first quarter of 2022, including Mirai, STRRAT and Emotet, according to the latest threat report from Nuspire.

Mirai, known for co-opting IoT devices to launch DDoS attacks and first seen in 2016, showed a spike in activity in February of this year. This corresponded with the discovery of Spring4Shell, a zero-day attack on popular Java web application framework, Spring Core. The attack allows for unauthenticated remote code execution, and data show Mirai exploited this vulnerability to its botnet.

Continue reading →

One of the more significant good news security stories of last year was the culmination of an international effort in January to take down the Emotet botnet.

Sadly it seems that you can't keep a bad botnet down for long. The latest Q4 and Year in Review Threat Report from Nuspire shows Emotet bouncing back, with steadily increasing levels of activity throughout December.

Continue reading →

Three months ago, law enforcement agencies from across the planet worked together to bring down Emotet, one of the world's most infamous botnets.

This action resulted in huge numbers of compromised email addresses being obtained by the various agencies, and the FBI has now offered these to Have I Been Pwned (HIBP) to make it easier for anyone to check if their information was harvested and used by Emotet.

Continue reading →