Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices.
Google has removed eight apps from the official Play Store that were infected with the Sockbot Android malware.
Malware families evolve on a daily basis, but some updates catch your eye more than others. Necurs has just gone through one of these "interesting" updates, according to US security firm Symantec.
Researchers at Akamai have identified a botnet of over 14,000 IP addresses used in malware distribution operations. The botnet is still up and running, and experts believe it will be hard to take it down because its operators are employing a clever technique called Fast Flux.
Security researchers have spotted a new type of low-and-slow brute-force attack — which they nicknamed KnockKnock — aimed at companies with Office 365 accounts.
A DDoS botnet first discovered in 2015 has ramped up activity during the summer and is responsible for over 900 DDoS attacks during the past four months, the biggest of which reached 45 Gbps.
Embedi, a hardware security firm, has published details about two vulnerabilities that have yet to be patched in the firmware of D-Link routers. This marks the second incident of this sort in the last five days.
A Russian-speaking hacker has been infecting Netgear routers over the past months with a new strain of malware named RouteX that he uses to turn infected devices into SOCKS proxies and carry out credential stuffing attacks.
In one of the most epic fails of epic fails, a malware dev used the same Skype ID to advertise his IoT botnet, but also to apply for jobs on freelancing portals.
Daniel Kaye, a 29-year-old hacker known under the nicknames of BestBuy and Popopret, will appear in a UK court today to face hacking charges related to his activity as master of one of the biggest Mirai botnets ever assembled.
Security researchers from Akamai, Cloudflare, Flashpoint, Google, Oracle Dyn, RiskIQ, Team Cymru, and a few other companies have worked together to take down a DDoS botnet made up of Android devices.
A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons.
Last Friday, on August 4, a jury in the US found Fabio Gasperini, an Italian citizen, guilty of building a botnet that he used to hijack remote servers and surreptitiously click on ads for his personal profits.
Website-building service Wix.com was the subject of a massive cyber-attack in April 2016 when a botnet of rogue Chrome extensions was creating Wix websites to spread itself to new users.
A 29-year-old man pleaded guilty in court on Friday to hijacking over 900,000 routers from the network of Deutsche Telekom, according to several reports in the German press.
Simple statistics can tell you a lot about the state of security in a market niche. For example, if we'd said that just five passwords would grant you access to 10% of all the IoT devices available online, you'd be right to feel concerned.
Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.
In a US-CERT report released yesterday afternoon, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have published IOCs about a malware family known as DeltaCharlie, used by North Korea to create its private DDoS botnet.
The author of the Rakos malware has built himself a nicely-sized botnet, according to a post today by Renato Marinho of Morphus Labs.