Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts say aRead More »Aisuru Botnet Shifts from DDoS to Residential Proxies
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer’s main processor, including Intel’s Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD’sRead More »New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
Witnesses on the Thai side of the border reported hearing explosions and seeing smoke coming from the center over the past several nights starting on Friday. The post Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as Buildings are Blown Up appeared first on SecurityWeek.
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks. “Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection,”Read More »New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire. According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributedRead More »Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains
Approximately 40 billion records (13 TB) were found in an exposed database.
The critical-severity flaw allows attackers to smuggle HTTP requests and access sensitive data, modify server files, or cause DoS conditions. The post QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability appeared first on SecurityWeek.
SimSpace provides realistic cyber ranges where organizations can test attack preparedness and validate defenses. The post SimSpace Raises $39 Million for Cyber Range Platform appeared first on SecurityWeek.
A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation. The post TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks appeared first on SecurityWeek.
Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million. The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek.
