Tag: iot

What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure

Apr 10, 2026 1:52 AM

Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-management

An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
Masjesu botnet targets IoT devices while evading high-profile networks

Apr 9, 2026 5:52 PM

Tags: botnet, ddos, iot, jobs, network, router

Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, advertised as a DDoS-for-hire service. It targets IoT devices like routers and gateways, spanning multiple architectures. Designed for persistence, it executes carefully, avoiding high-profile IP ranges…
How botnet-driven DDoS attacks evolved in 2H 2025

Apr 8, 2026 8:52 PM

Tags: ai, attack, botnet, dark-web, ddos, defense, dns, finance, government, group, infrastructure, intelligence, international, Internet, iot, jobs, law, LLM, mitigation, network, resilience, risk, service, strategy, tactics, threat, tool, usa, vulnerability

Massive attack capacity: Demonstration attacks peaked at 30Tbps and 4 gigapackets per second, primarily launched by Internet of Things (IoT) botnets such as Aisuru and TurboMirai variants.AI integration: The use of AI, including dark-web large language models (LLMs), moved from emerging trend to operational reality, making sophisticated attacks accessible to a wider range of threat actors.Persistent threat…
Masjesu Botnet Emerges as DDoSHire Service Targeting Global IoT Devices

Apr 8, 2026 7:54 PM

Tags: botnet, cybersecurity, ddos, iot, jobs, router, service

Cybersecurity researchers have lifted the curtain on a stealthy botnet that’s designed for distributed denial-of-service (DDoS) attacks.Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It’s capable of targeting a wide range of IoT devices, such as routers and gateways, spanning multiple architectures.”Built for First…
Masjesu Botnet Targets Routers in Commercial DDoS Attacks

Apr 8, 2026 12:52 PM

Tags: attack, botnet, cyber, data-breach, ddos, hacker, Hardware, infrastructure, iot, jobs, network, router

Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning everyday network hardware into commercial attack firepower. Operating quietly since early 2023 and still active in 2026, Masjesu (also known as XorBot) shows how mature, stealth-focused botnets are reshaping the DDoS marketplace. Masjesu is a commercially run…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
When Your Own Eyes Turn Against You: How Compromised Security Cameras and IoT/OT Devices Become Tools for Your Attackers

Apr 3, 2026 1:51 AM

Tags: access, advisory, attack, botnet, cctv, china, cloud, control, corporate, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, firmware, flaw, government, group, hacking, healthcare, infrastructure, intelligence, international, Internet, iot, iran, law, linux, malware, network, office, privacy, ransomware, resilience, risk, russia, service, supply-chain, technology, threat, tool, ukraine, unauthorized, update, vpn, vulnerability, warfare, windows, zero-day, zero-trust

TL;DR Security cameras, IoT, and OT devices that are meant to protect us, are easily compromised and turned against defenders, enabling nation-state reconnaissance (Iranian hacks on Hikvision/Dahua cameras during strikes, Russian webcam abuse in Ukraine), espionage via exposed live feeds, ransomware pivots (Akira group bypassing EDR), massive botnets (Mirai/Eleven11bot), and physical disruption. Structural weaknesses like…
Cybersecurity in the age of instant software

Apr 2, 2026 11:51 AM

Tags: access, ai, attack, computing, control, credentials, cybersecurity, deep-fake, defense, detection, exploit, flaw, injection, intelligence, iot, malicious, network, open-source, programming, risk, social-engineering, software, technology, tool, update, vulnerability, zero-day

Automating patch creation: But that’s just half of the arms race. Defenders get to use AI, too. These same AI vulnerability-finding technologies are even more valuable for defense. When the defensive side finds an exploitable vulnerability, it can patch the code and deny it to attackers forever.How this works in practice depends on another related…
The 10 Coolest IoT Security Companies: The 2026 Internet Of Things 50

Mar 31, 2026 5:29 PM

Tags: Internet, iot, network

From Verkada and Armis to TXOne Networks and iOT365, CRN spotlights 10 IoT security vendors to watch in 2026 for partners and MSSPs. First seen on crn.com Jump to article: www.crn.com/news/security/2026/the-10-coolest-iot-security-companies-the-2026-internet-of-things-50
APIs are the new perimeter: Here’s how CISOs are securing them

Mar 30, 2026 1:29 PM

Tags: access, ai, api, attack, authentication, banking, breach, business, ciso, cloud, compliance, computer, control, credentials, cyber, data, data-breach, defense, edr, endpoint, exploit, finance, gartner, governance, group, Hardware, identity, infrastructure, iot, least-privilege, malicious, mobile, monitoring, network, risk, risk-assessment, saas, service, software, strategy, technology, threat, tool, unauthorized, vulnerability, vulnerability-management, waf

Legacy defenses can’t keep up: Traditional perimeter-based defenses are often insufficient against API-layer attacks. Traditional security defenses, such as EDR, XDR, and WAF, “primarily focus on clients, hardware, and software endpoints, looking at IP-based attack vectors,” explains BECU’s Murphy. “APIs bring us into the world of business logic and runtime types of issues.”Others agree that…
Europe Girds for Looming IoT Security Regulations

Mar 27, 2026 11:30 PM

Tags: cyber, cybersecurity, iot, law, regulation, resilience

European Commission Publishes Draft Guidance for Cyber Resilience Act. Key implementation deadlines loom for one of Europe’s most consequential cybersecurity laws and draft guidance from the European Union may help manufacturers comply – up to a point. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/europe-girds-for-looming-iot-security-regulations-a-31249
Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth

Mar 25, 2026 9:47 PM

Tags: attack, botnet, iot, malware, risk, vulnerability

Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide. First seen on hackread.com Jump to article: hackread.com/mirai-malware-variants-botnet-growth/
Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth

Mar 25, 2026 9:47 PM

Tags: attack, botnet, iot, malware, risk, vulnerability

Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide. First seen on hackread.com Jump to article: hackread.com/mirai-malware-variants-botnet-growth/
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats

Mar 25, 2026 1:47 PM

Tags: attack, botnet, cyber, cybercrime, ddos, iot, malware, threat

Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms that now underpin record-breaking attacks and stealthy cybercrime operations. In total, over 21,000 C2 servers were observed between July and December 2025, with a notable shift towards abusing bots as residential proxies in addition to classic DDoS use. This growth…
DOJ Disrupts Botnets, But DDoS Threats Remain, Security Pros Warn

Mar 23, 2026 4:47 PM

Tags: attack, botnet, ddos, infrastructure, iot, threat

The DOJ put a dent into the rising number of DDoS attacks this month when it dismantled the infrastructure used by four prominent IoT botnets, but security pros are warning that while the takedown was significant, it’s likely a temporary reprieve from the threat. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/doj-disrupts-botnets-but-ddos-threats-remain-security-pros-warn/
âš¡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Mar 23, 2026 3:47 PM

Tags: attack, backdoor, data, exploit, Internet, iot, malware, supply-chain

Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories.This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks.…
âš¡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Mar 23, 2026 3:47 PM

Tags: attack, backdoor, data, exploit, Internet, iot, malware, supply-chain

Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories.This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks.…
TDL 018 – How To Think, Not What To Think – Mitch Prior

Mar 20, 2026 11:09 PM

Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trust

The Human Algorithm in a Zero-Trust World In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018″, the early days of Zero Trust”, the duo explores why the “why” behind technical…
US, allies move to dismantle four high-volume IoT botnets

Mar 20, 2026 5:10 PM

Tags: botnet, computer, extortion, Internet, iot

The armies of hacked computers and internet of things gadgets powered disruption and extortion campaigns that sometimes cost victims tens of thousands of dollars. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/botnet-takedown-operation-us-canada-germany/815309/
Feds disrupt monster IoT botnets behind record-breaking DDoS attacks

Mar 20, 2026 3:09 PM

Tags: attack, botnet, ddos, defense, iot

Millions of hijacked devices powered traffic floods targeting defense systems and beyond First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/botnet_disruption/
Botnetze zerschlagen: Millionen Router und IoT-Geräte für DDoS-Angriffe gekapert

Mar 20, 2026 1:10 PM

Tags: cyberattack, ddos, iot, router

Strafverfolger haben Kontrollsysteme mehrerer großer DDoS-Botnetze übernommen. Mehr als drei Millionen Router und andere Geräte sollen infiziert sein. First seen on golem.de Jump to article: www.golem.de/news/riesige-botnetze-zerschlagen-millionen-von-geraeten-fuer-ddos-attacken-missbraucht-2603-206724.html
Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

Mar 20, 2026 12:10 PM

Tags: botnet, control, germany, infrastructure, iot, law

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure used by several IoT botnets, including AISURU, Kimwolf, JackSkid, and Mossad. The operation involved authorities from Canada and Germany, along with major tech companies, to target botnet operators and weaken their global…
Authorities disrupt four IoT botnets behind record DDoS attacks

Mar 20, 2026 12:10 PM

Tags: attack, botnet, ddos, international, iot

The U.S. Justice Department and international partners have disrupted four IoT botnets linked to DDoS attacks that reached 30 terabits per second, among the largest ever recorded. First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/us-disrupts-iot-botnets-ddos-attacks-aisuru-kimwolf/
Botnetze zerschlagen: Millionen Router und IoT-Geräte für DDoS-Traffic missbraucht

Mar 20, 2026 11:09 AM

Tags: ddos, iot, router

Strafverfolger haben Kontrollsysteme mehrerer großer DDoS-Botnetze übernommen. Mehr als drei Millionen Router und andere Geräte sollen infiziert sein. First seen on golem.de Jump to article: www.golem.de/news/riesige-botnetze-zerschlagen-millionen-von-geraeten-fuer-ddos-attacken-missbraucht-2603-206724.html
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Mar 20, 2026 8:10 AM

Tags: attack, botnet, ddos, germany, infrastructure, Internet, iot, router, service

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for…
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

Mar 20, 2026 8:10 AM

Tags: attack, botnet, control, ddos, germany, infrastructure, Internet, iot, law

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control (C2) infrastructure used by several Internet of Things (IoT) botnets like AISURU, Kimwolf, JackSkid, and Mossad as part of a court-authorized law enforcement operation.The effort also saw authorities from Canada and Germany targeting the operators behind these botnets, with a number of…
Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns

Mar 20, 2026 7:10 AM

Tags: attack, botnet, control, cyber, ddos, infrastructure, international, Internet, iot, law, network, service

A massive international law enforcement operation has successfully dismantled the command and control infrastructure behind four highly destructive Internet of Things (IoT) botnets. These sprawling networks were responsible for launching record-breaking Distributed Denial of Service (DDoS) attacks against global targets, with some traffic floods reaching an astonishing 30 Terabits per second (Tbps). The coordinated strike…
Authorities Dismantle IoT Botnet Linked to Record-Shattering 30 Tbps DDoS Campaigns

Mar 20, 2026 7:10 AM

Tags: attack, botnet, control, cyber, ddos, infrastructure, international, Internet, iot, law, network, service

A massive international law enforcement operation has successfully dismantled the command and control infrastructure behind four highly destructive Internet of Things (IoT) botnets. These sprawling networks were responsible for launching record-breaking Distributed Denial of Service (DDoS) attacks against global targets, with some traffic floods reaching an astonishing 30 Terabits per second (Tbps). The coordinated strike…