Tag: botnet
-
No, Elon, X DDoS was NOT by Ukraine
X marks the botnet: Outage outrage was a Ukrainian cyberattack, implies our favorite African billionaire comedy villain. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/elon-musk-x-ddos-ukraine-richixbw/
-
‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it’s being used once more for another botnet campaign with its own malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ballista-botnet-campaign-exploits-2023-vuln-tp-link-routers
-
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
Ballista’s attacks on TP-Link devices comes as U.S. lawmakers consider banning the company’s products over suspected links to China. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/-botnet-exploits-tp-link-router/742319/
-
Previously unidentified botnet targets unpatched TP-Link Archer home routers
Researchers at Cato Networks said that during a recent investigation into router vulnerabilities, they discovered a new botnet, which they named Ballista, infecting TP-Link Archer devices. First seen on therecord.media Jump to article: therecord.media/ballista-botnet-tp-link-archer-routers
-
New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?
The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. The CVE-2023-1389 flaw is an unauthenticated command injection…
-
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.”The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical…
-
Previously unidentified botnet infects unpatched TP-Link Archer home routers
Researchers at Cato Networks said that during a recent investigation into router vulnerabilities, they discovered a new botnet, which they named Ballista, infecting TP-Link Archer devices. First seen on therecord.media Jump to article: therecord.media/ballista-botnet-tp-link-archer-routers
-
New Ballista IoT Botnet Linked to Italian Threat Actor
Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers. The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-ballista-iot-botnet-linked-to-italian-threat-actor/
-
Knockout of X Tied to Pro-Palestinian Hacktivists’ Botnet
Experts Express Surprise Over Major Social Platform Falling Victim to DDoS Attacks. One of the world’s biggest social networks continued to face intermittent outages Tuesday, apparently due to unsophisticated, distributed denial-of-service attacks. Experts said the attacks were traced to malware-infected devices – many based in the U.S. – and pro-Palestinian hacktivists. First seen on govinfosecurity.com…
-
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.”The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical…
-
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets
Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago. The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/edimax-says-no-patches-coming-for-zero-day-exploited-by-botnets/
-
>>Eleven11bot” Botnet Compromises 30,000 Webcams in Massive Attack
Tags: attack, botnet, communications, cyber, cybersecurity, ddos, linkedin, network, service, threatCybersecurity experts have uncovered a massive Distributed Denial-of-Service (DDoS) botnet known as >>Eleven11bot.
-
Mirai-Based Botnets Set Sights On Edimax IP Camera Zero-Day
First seen on scworld.com Jump to article: www.scworld.com/brief/mirai-based-botnets-set-sights-on-edimax-ip-camera-zero-day
-
A Brand-New Botnet Is Delivering Record-Size DDoS Attacks
Eleven11bot infects webcams and video recorders, with a large concentration in the US. First seen on wired.com Jump to article: www.wired.com/story/eleven11bot-botnet-record-size-ddos-attacks/
-
Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras
Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization of Special Elements used in an…
-
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/unpatched-edimax-ip-camera-flaw-actively-exploited-in-botnet-attacks/
-
Eleven11bot estimates revised downward as researchers point to Mirai variant
The botnet has been involved in DDoS activity targeting telecom;companies and gaming platforms. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/eleven11bot-revised-downward-mirai/741923/
-
A Brand New Botnet Is Delivering Record-Size DDoS Attacks
Eleven11bot infects webcams and video recorders, with a large concentration in the US. First seen on wired.com Jump to article: www.wired.com/story/eleven11bot-botnet-record-size-ddos-attacks/
-
Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets
Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/
-
The Badbox botnet is back, powered by up to a million backdoored Androids
Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort First seen on theregister.com Jump to article: www.theregister.com/2025/03/07/badbox_botnet_returns/
-
Expanded BadBox botnet partly disrupted
Tags: botnetFirst seen on scworld.com Jump to article: www.scworld.com/brief/expanded-badbox-botnet-partly-disrupted
-
Over 86K IoT Devices Impacted By Novel Global Eleven11bot Botnet
First seen on scworld.com Jump to article: www.scworld.com/brief/over-86k-iot-devices-impacted-by-novel-global-eleven11bot-botnet
-
Breach Roundup: US Sanctions Iran-Based Nemesis Admin
Also, BianLian Ransomware Hackers Aren’t Really Mailing You. This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex…
-
BadBox Malware Infects 50,000+ Android Devices via 24 Apps on Google Play
HUMAN’s Satori Threat Intelligence and Research team has uncovered a complex cyberattack dubbed >>BADBOX 2.0,
-
BadBox malware disrupted on 500K infected Android devices
The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/badbox-malware-disrupted-on-500k-infected-android-devices/
-
New Eleven11bot botnet infected +86K IoT devices
The Eleven11bot botnet has infected over 86,000 IoT devices, mainly security cameras and network video recorders (NVRs). Researchers from Nokia Deepfield Emergency Response Team (ERT) discovered a new botnet named Eleven11bot that has already infected over 86,000 IoT devices. Most infected devices are security cameras and network video recorders (NVRs), which are used to launch…
-
Eleven11bot Captures 86,000 IoT Devices for DDoS Attacks
The massive Eleven11bot has compromised more than 86,000 IoT devices, including security cameras and network video recorders, to launch hundreds of DDoS attacks, and security researchers say the threat actors behind the botnet are trying to grow it even more. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/eleven11bot-captures-86000-iot-devices-for-ddos-attacks/
-
New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices
The Eleven11bot botnet has been described as one of the largest known DDoS botnets observed in recent years. The post New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-eleven11bot-ddos-botnet-powered-by-80000-hacked-devices/