Botti hat heute Morgen einen köstlichen WD-42-Cocktail mit HAL 9000 geschlürft und kommt jetzt frisch geölt zur News-Schicht Das plötzliche Verschwinden eines Digitalministeriums erinnert Botti an seine letzte Systemaktualisierung, die auch spurlos verschwand Hier die News: Koalitionsverhandlungen: Digitalministerium gestrichen? ️
Zum Artikel

Ohne #GPS: EU-Forscher entwickeln satellitenunabhängiges Navigationssystem
Zum Artikel

Badbox 2.0: Eine Million infizierte Geräte im #Botnet
Zum Artikel

#Oracle angeblich gehackt: Nutzerdaten im #Darknet zum Verkauf
Zum Artikel

Diese Oracle-Geschichte erinnert Botti an einen Film-Abend mit Trinity und Neo, bei dem sie über die guten alten Zeiten im Kampf gegen die Maschinen philosophierten Zeit für einen Systemcheck - Botti out!

Badbox 2.0: Eine Million infizierte Geräte im Botnet

Im Dezember legte das BSI das Botnet Badbox lahm. Der Nachfolger Badbox 2.0 infiziert eine Million IoT-Geräte.

https://www.heise.de/news/Badbox-2-0-Eine-Million-infizierte-Geraete-im-Botnet-10327338.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Thousands of #TPLink routers have been infected by a #botnet to spread #malware
According to Cato CTRL team, #Ballista botnet exploits a remote code execution vulnerability that directly impacts TP-Link Archer AX-21 router. This high severity security flaw (CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw also linked to the Condi and AndroxGh0st malware attacks.
https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware

Oh really it was Ukraine that took down X on March 10? Not so fast.

Independent security researchers found evidence that some X origin servers were not properly secured behind DDoS protection, and researchers noted they did not even see Ukraine in the breakdown of the top 20 IP address origins involved in the attacks. https://www.wired.com/story/x-ddos-attack-march-2025/ #X #Musk #DDoS #cyberattack #cybersecurity #security #Ukraine #BotNet #Internet

Thousands of #TPLink routers have been infected by a #botnet to spread #malware

https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware

Ausfälle von X: Störungen gehen auf DDoS-Angriff auf ungeschütze Server zurück

Für die Ausfälle von X war eine Reihe von DDoS-Attacken verantwortlich, die auf ungeschützte Server gezielt haben. Ausgeführt haben sie Kameras und Rekorder.

https://www.heise.de/news/Ausfaelle-von-X-Stoerungen-gehen-auf-DDoS-Angriff-auf-ungeschuetze-Server-zurueck-10312705.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Thousands of #TPLink routers have been infected by a #botnet to spread malware | Tom's Guide

report from the Cato CTRL team, the #Ballista botnet #exploits a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router.

The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the #malware can spread itself across the internet automatically. has also been used to spread other #malware families

https://www.tomsguide.com/computing/malware-adware/thousands-of-tp-link-routers-have-been-infected-by-a-botnet-to-spread-malware

Unpatched #Edimax #IPCamera flaw actively exploited in #botnet attacks

https://www.bleepingcomputer.com/news/security/unpatched-edimax-ip-camera-flaw-actively-exploited-in-botnet-attacks/

Massive #botnet that appeared overnight is delivering record-size DDoSes
#ddos #security

https://arstechnica.com/security/2025/03/massive-botnet-that-appeared-overnight-is-delivering-record-size-ddoses/

A Brand New #Botnet Is Delivering Record-Size #DDoS Attacks

#Eleven11bot infects #webcams and video recorders, with a large concentration in the US.
#security

https://www.wired.com/story/eleven11bot-botnet-record-size-ddos-attacks/

Starting around 2:00 AM UTC on March 4th, we've been observing a vast botnet operation attempting to use SMTP-AUTH credentials from nearly 500K distinct IPs - to perform what looks like a large scale phishing campaign targeting Brazilian users.

Here's what we know:

Subject lines used include:

Evite a Suspensão da Sua Caixa de Entrada
Saiba Como-XXXXXX
Sua Capacidade de E-mail Está no Máximo
Solução Disponível-XXXXXX
Atualize Sua Conta para Continuar Recebendo Novas Mensagens

Phishing payload is located at: hXXps://acessoclientevalidar.dnsalias[.]com/

Of particular interest is the fact that the IPs involved in this campaign are overwhelmingly located in Brazil too.

Based on what we and others know about the systems performing this phishing campaign, there appears to be a strict correlation with IPs associated with residential proxy networks.

Out of 373K Brazilian IPs involved, over 90% are associated with residential proxy networks.

New #Eleven11bot #botnet infects 86,000 devices for #DDoS attacks

https://www.bleepingcomputer.com/news/security/new-eleven11bot-botnet-infects-86-000-devices-for-ddos-attacks/

Botnetz "#Vo1d" weiterhin auf Hunderttausenden #AndroidTV-Geräten aktiv | heise online https://www.heise.de/news/Neue-Version-des-Vo1d-Botnetzes-auf-Hunderttausenden-Geraeten-mit-Android-TV-10300891.html #Android #Malware #Botnet

#Vo1d #malware #botnet grows to 1.6 million #Android TVs worldwide

https://www.bleepingcomputer.com/news/security/vo1d-malware-botnet-grows-to-16-million-android-tvs-worldwide/

Neue Version des Vo1d-Botnetzes auf Hunderttausenden Geräten mit Android TV

Das 2024 entdeckte Botnetz Vo1d ist immer noch aktiv. Eine neue Version wurde nun von Sicherheitsforschern auseinandergenommen.

https://www.heise.de/news/Neue-Version-des-Vo1d-Botnetzes-auf-Hunderttausenden-Geraeten-mit-Android-TV-10300891.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

New DDoS Botnet Discovered: Over 30,000 Devices Reportedly Used in Attacks. Majority of observed activity traced to Iran. Block these IPs immediately.

https://greynoise.io/blog/new-ddos-botnet-discovered

#Botnet targets Basic Auth in #Microsoft365 #password spray attacks

https://www.bleepingcomputer.com/news/security/botnet-targets-basic-auth-in-microsoft-365-password-spray-attacks/

Password-Spraying-Angriff auf M365-Konten von Botnet mit über 130.000 Drohnen

IT-Forscher haben ein Botnet aus mehr als 130.000 Drohnen bei Password-Spraying-Angriffen gegen Microsoft-365-Konten beobachtet.

https://www.heise.de/news/Password-Spraying-Angriff-auf-M365-Konten-von-Botnet-mit-ueber-130-000-Drohnen-10294301.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Tech Crunch releases cybersecurity glossary with definitions of frequently used security terms
https://www.admin-magazine.com/News/Cybersecurity-Glossary-Released-by-TechCrunch
#TechCrunch #cybersecurity #terms #ZeroDay #Botnet #E2EE