Skip to main content

Tag: botnets

17 articles

Law enforcement officials gather around a podium in a briefing room, dismantling a malware network.

Law Enforcement Disrupts SocGholish Malware Network, Cleans 15,000 WordPress Sites

In a major win for cybersecurity, an international team of law enforcement agencies has dismantled a notorious malware network, freeing 15,000 WordPress sites from infection and dealing a significant blow to cybercriminals. This decisive action is just the beginning, with authorities vowing to continue the fight against botnets and cybercrime.

Analyst 207
A router on a rack in a network closet with multiple cables connected.

China-Linked Hackers Exploit Global Infrastructure in Covert Network Attacks

Be on high alert: China-linked hackers are secretly building global covert networks using compromised routers and devices, putting anyone who's a target at risk of devastating cyber attacks and data theft. This sinister plot, revealed by a joint advisory from 16 government agencies worldwide, has far-reaching implications for organizations and individuals alike.

Analyst 207
Interconnected devices in a dimly lit server room with daylight visible through tall windows.

UK Warns of Chinese Hackers' Proxy Network Tactics to Evade Detection

The UK's National Cyber Security Centre has warned that Chinese hacking groups are using a sophisticated network of proxies to evade detection, with multiple covert networks constantly being updated and used by multiple threat actors. This alarming shift in tactics has prompted a coordinated warning from the NCSC-UK and nine international partners.

Analyst 207
Dimly lit server room with spotlight on a router emitting an ominous glow, surrounded by tangled cables and shadows of locks.

Iran Accuses US of Using Backdoors to Disrupt Networking Gear

Iranian media is accusing the US of sneaking backdoors into networking gear to disrupt operations amid the ongoing war, with Chinese state media echoing the claims globally. But what's really at stake when these explosive cyber-accusations make international headlines?

Analyst 207
Dark cityscape with giant cracked lock and sprawling botnet network of glowing lines and nodes, pulsing with malicious red…

Botnets Revive 13-Year-Old Apache Flaw in Global Campaign

A shocking resurgence of a 13-year-old Apache flaw has been exploited in a global campaign, highlighting the ongoing threat of old vulnerabilities getting new life. A hybrid P2P botnet and 18 other alarming stories have been uncovered, serving as a stark reminder to stay vigilant in the face of evolving cyber threats.

Analyst 207
Aisuru and Kimwolf Botnets Exclusive: Stunning Devastation

Aisuru and Kimwolf Botnets Exclusive: Stunning Devastation

Get an exclusive look at the Aisuru and Kimwolf botnets and the stunning devastation they’ve caused—an eye-opening read for anyone concerned about today’s cyberthreat landscape.

Analyst 207
KrebsOnSecurity.com Exclusive: Best Security Insights at 16

KrebsOnSecurity.com Exclusive: Best Security Insights at 16

For its 16th year, KrebsOnSecurity pulls back the curtain on how organized extortion rings, DDoS‑for‑hire botnets and scaled social‑engineering tradecraft turned lone hackers into multimillion‑dollar criminal businesses.

Analyst 207
CISA Exclusive: Critical Bulletproof Hosting Threat Alert

CISA Exclusive: Critical Bulletproof Hosting Threat Alert

Bulletproof hosting—the shadow infrastructure that shelters botnets, ransomware and fraud—has long let bad actors dodge takedowns. CISA’s new practical guide gives ISPs and hosts straightforward, actionable steps to detect, disrupt and remediate those services so defenders can finally keep pace.

Analyst 207
credential stuffing: Risky Scourge, Must-Have Defenses

credential stuffing: Risky Scourge, Must-Have Defenses

Think one reused password can’t hurt? A £2.31m fine proves it can — credential stuffing uses recycled logins and bots to drain money, steal data and wreck trust, and regulators are now forcing companies to adopt MFA, breached-password checks and smarter anti-bot defenses.

Analyst 207
hyper-volumetric DDoS attacks: Stunning Critical Threat

hyper-volumetric DDoS attacks: Stunning Critical Threat

Cloudflare says its automated defenses just stopped a record 11.5 Tbps DDoS assault, proving big providers can scrub massive traffic — but the scale is a wake-up call that attackers are growing bolder and organizations must invest in layered, shared defenses to stay ahead.

Analyst 207
DDoS attacks: Must-Have Defenses for Best Protection

DDoS attacks: Must-Have Defenses for Best Protection

When a small-town hospital’s patient portal or a county election website goes dark from a DDoS attack, the fallout can be disastrous — yet these digital sieges are often overlooked despite becoming cheaper, more frequent, and more damaging. It’s time to stop treating DDoS as a nuisance and start taking it seriously to protect healthcare, elections, and everyday businesses.

Analyst 207
cloud providers: Stunning Privacy Risk Exposed

cloud providers: Stunning Privacy Risk Exposed

When a DDoS bot tied to a rapper’s online persona was unmasked, it wasn’t a darknet mastermind but major cloud platforms that helped federal agents follow the trail—raising urgent questions about privacy, accountability and the growing role of cloud firms as both protectors and informants.

Analyst 207
exposed GeoServer: Critical Must-Have Fixes

exposed GeoServer: Critical Must-Have Fixes

Old misconfigs plus a fresh GeoServer RCE (CVE‑2024‑36401) are letting attackers turn exposed GeoServer and Redis instances into botnets, proxy farms, and covert miners—patch now, lock down management interfaces, and assume compromise until you can prove otherwise.

Analyst 207
Win-DDoS vulnerabilities: Stunning Critical Threat

Win-DDoS vulnerabilities: Stunning Critical Threat

Researchers at DEF CON 33 revealed Win-DDoS, a worrying new technique that could turn thousands of public domain controllers into a massive DDoS botnet—putting everything from online banking to emergency services at risk. Stay vigilant: patch systems, monitor networks, and train staff now to prevent trusted infrastructure from being weaponized.

Analyst 207
AI-Generated Ransomware: Critical, Dangerous Alert

AI-Generated Ransomware: Critical, Dangerous Alert

AI-generated ransomware is reshaping cybercrime—combining adaptive, stealthy malware with cryptomining botnets to create faster, more profitable attacks. Learn why this shift matters and what practical steps organizations and users can take now to reduce risk.

Analyst 207
Malware-as-a-Service: Must-Have Defense for Risky Threats

Malware-as-a-Service: Must-Have Defense for Risky Threats

Malware-as-a-Service is turning trusted platforms like GitHub into convenient delivery channels for threats like the Amadey botnet, letting even novice attackers rent powerful tools and hide payloads in seemingly legitimate repos. Learn how to spot risky repos, lock down CI and developer workflows, and keep collaboration safe without stifling innovation.

Analyst 207
New Method Discovered to Halt Cryptominer Campaigns with Bad Shares and XMRogue

New Method Discovered to Halt Cryptominer Campaigns with Bad Shares and XMRogue

New method unveiled to combat cryptominer campaigns using bad shares and XMRogue, enhancing security and efficiency in crypto mining operations.

Analyst 207