botnet
Blog
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piotr Kijewski of The Shadowserver Foundation. It is a critical-severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers to execute arbitrary system commands…
Blog
Chinese hackers use Quad7 botnet to steal credentials
Microsoft warns that Chinese threat actors use the Quad7 botnet, comprised of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later, Sekoia and Team Cymru reported that the threat actors are targeting routers and networking devices from TP-Link,…
Blog
FBI disrupts 260,000-strong botnet targeting universities and government agencies in US
The FBI has disrupted a vast botnet being used by a Chinese threat group to target universities, government agencies, and other organizations in the US. The Five Eyes intelligence alliance recently issued a joint advisory warning organizations to take protective action after identifying the botnet being used to deploy DDoS attacks against or compromise US organizations. Talking at the Aspen…