The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought.
Cyber-criminals have managed to assemble a gigantic botnet of over 40,000 infected web servers, modems, and other IoT devices, which they used for cryptocurrency mining, and for redirecting users to malicious sites.
Botnet operators can be as clueless about security as their victims, according to Ankit Anubhav Principal Researcher at NewSky Security, a cyber-security company specialized in IoT security.
Security researchers from Cisco said today that they've detected a giant botnet of hacked routers that appears to be preparing for a cyber-attack on Ukraine.
A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and intelligence boosting pills.
Attacks on Dasan GPON routers are continuing to happen using two vulnerabilities disclosed last month, but today, researchers from Qihoo 360 Netlab have revealed that one botnet operator appears to have deployed a new zero-day affecting the same router types.
The operators of the Satori botnet are mass-scanning the Internet for exposed Ethereum mining rigs, according to three sources in the infosec community who've observed the malicious behavior —SANS ISC, Qihoo 360 Netlab, and GreyNoise Intelligence.
Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.
Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise.
Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control.
A recent survey of 2,205 regular users has proven once again that most people don't update router firmware, don't change default credentials, and don't generally know how to secure their devices.
A botnet made up of servers and smart devices has begun the mass exploitation of a severe Drupal CMS vulnerability and is using already compromised systems to infect new machines, in a worm-like behavior.
Botnet operators and cyber-espionage groups (APTs) are abusing the Universal Plug and Play (UPnP) protocol that comes with all modern routers to proxy bad traffic and hide their real location from investigators.
Security experts have discovered a new strain of malware that targets vulnerable Linux-based systems and tries its best to avoid infecting devices on government and military networks.
A Chinese malware operation is currently building a massive botnet of nearly 5 million Android smartphones using a strain of malware named RottenSys.
Security researchers have spotted a new variant of the Mirai malware that focuses on infecting IoT and networking equipment with the main purpose of turning these devices into a network of proxy servers used to relay malicious traffic.