A group of researchers has conducted a rigorous comprehensive characterization of this DDoS attacks and of countermeasures to mitigate the associated risks. Denial of Service (DoS) attacks have been around about as long as computers have been network connected. A website’s purpose is to accept connections from the Internet and return information. A bad

The CSE CybSec Z-Lab Malware Lab spotted a new botnet, dubbed Wonder botnet, while it was investigating malicious code in the dark web. While investigating the malicious code in the dark web, ZLab experts discovered a “NetflixAccountGenerator.exe” that promises to generate a premium account for Netflix services for free. Unfortunately, the software downloade

Operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection leveraging the DDE protocol. Security experts are continuing to observe the Locky ransomware spreading via spam campaigns that rely on the Necurs botnet. Now operators behind Locky ransomware campaigns have switched to new attack techniques to evade detectio

Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon fo

According to Imperva DDoS report, over 75% of targets were hit multiple times in Q2 2017, while the percentage was only 43.2% in the same period of 2016. Imperva published the Global DDoS Threat Landscape for Q2 2017, the report shows an increase in the amount of persistent application layer DDoS attack over a one-year period. According to Imperva, over 75%

Experts from security firm ESET discovered cyber criminals exploiting Microsoft Servers to mine Monero and already earned $63,000 in 3 Months. Mining cryptocurrencies is a profitable business, but it is also expensive because it needs significant investment in computing power. Crooks are using malicious code that steals computing resources of victims’

We first detected the banking malware EMOTET back in 2014, we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants (Detected by Trend Micro as TSPY_EMOTET.AUSJLA

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with the issue, blocked them from

Malware writer is offering for free a malware dubbed Cobian RAT in the underground, but the malicious code hides an ugly surprise. In the dark web, it is quite easy to find alone vxers and hacking forums that offer malware and customize them according to buyers’ needs. Recently researchers from Zscaler have spotted a remote access trojan dubbed Cobian

Security researchers are warning of the availability online of a list of IoT devices and associated telnet credentials. The list has been available on Pastebin since June, but last week it was also shared via Twitter by the researcher Ankit Anubhav becoming rapidly viral. The original list was posted by someone who has previously published a dump of valid lo

An estimated 175,000 Internet of Things (IoT) connected security cameras manufactured by Shenzhen Neo Electronics are vulnerable to cyber attacks. According to a new report from security provider Bitdefender, roughly 175,000 connected security cameras are vulnerable to cyber attacks. The vulnerable cameras are manufactured by the Chinese company Shenzhen Neo

The hacker BestBuy pleaded guilty in court on Friday to hijacking more than 900,000 routers from the network of Deutsche Telekom The notorious hacker BestBuy, also known as Popopret, pleaded guilty in court on Friday to hijacking more than 900,000 routers from the network of Deutsche Telekom. The 29-year-old man, whom name wasn’t revealed by authoritie

Threat actors behind the financial trojan TrickBot have been updating its campaigns targeting Payment Processors and CRM Providers. Threat actors behind Banking Trojan TrickBot switched from financial institutions to Payment processors and CRM providers. TrickBot was initially observed in September 2016 by the researchers at security firm Fidelis Cybersecuri

Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication. Security researchers at McAfee Labs have spotted a new strain of the Pinkslipbot banking malware (also known as QakBot/QBot) that leverages UPnP to open ports, allowing incoming connections from anyone on the Internet to commu

A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via  SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researche