DOJ, international law enforcement disrupt massive RSOCKS botnet

Written by AJ Vicens, Jun 17, 2022 | CYBERSCOOP

An international operation involving the U.S. Department of Justice alongside law enforcement officials in Germany, the Netherlands and the United Kingdom…

Europol says it disabled FluBot botnet infecting 'huge' number of devices

Written by Suzanne Smalley, Jun 2, 2022 | CYBERSCOOP

The European Union’s law enforcement agency announced Wednesday that an operation involving 11 countries led to its recent takedown of a…

FSB's Fronton DDoS tool was actually designed for widespread 'massive' fake info campaigns, researchers say

Written by AJ Vicens, May 19, 2022 | CYBERSCOOP

In March 2020, a Russian hacktivist group published a dozen documents showing that the Russian Federal Security Service was seeking technology…

Ukrainian cybercriminal sentenced to four years in U.S. prison for credential theft scheme

Written by AJ Vicens, May 12, 2022 | CYBERSCOOP

A Ukrainian man convicted in February of trafficking in stolen username and password credentials was sentenced to four years in federal…

Group behind Emotet botnet malware testing new methods to get around Microsoft security

Written by AJ Vicens, Apr 26, 2022 | CYBERSCOOP

The hackers behind Emotet — one of the longest-tenured and most prolific malware variants dating back to 2014 — have been…

US says it disrupted Russian botnet 'before it could be weaponized'

Written by Joe Warminsky, Apr 6, 2022 | CYBERSCOOP

The U.S. government disrupted a botnet attributable to Russia’s GRU intelligence agency before it could be used for malicious purposes, Attorney…

Sandworm-linked botnet has another piece of hardware in its sights

Written by Joe Warminsky, Mar 17, 2022 | CYBERSCOOP

Botnet activity that drew loud warnings last month from U.S. and U.K. cybersecurity agencies has expanded to a second type of…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1.

What Happened?

Nation-state hackers…

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…