Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Python hunters captured 8,000 pounds of snake. Meet their leader

A team of Burmese python hunters caught a record breaking 8,000 pounds in snake this season. Meet the man leading the crusade ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures.
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and a new ...
Security Boulevard

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

The post Anti-DDoS Firm Heaped Attacks on Brazilian ISPs appeared first on Krebs on Security. A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) ...
Krebs on Security

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. "A purpose ...
Security Boulevard

How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack

The TeamPCP supply chain attack compromised LiteLLM packages 1.82.7 and 1.82.8, stealing SSH keys, cloud credentials, API tokens, and more from developer machines, where secrets live, breathe, and ...
GitHub

ddos-api

Layer 7 Stressor - A powerful Free IP/Web Stresser & IP Booter by https://rebirthstress.cc. Features 29 Layer 4 and 7 Layer 7 methods powered by the Rebirth Stress API, with API key authentication and ...
GitHub

LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

LUCID (Lightweight, Usable CNN in DDoS Detection) is a lightweight Deep Learning-based DDoS detection framework suitable for online resource-constrained environments, which leverages Convolutional ...
Bleeping Computer

New ShadowRay attacks convert Ray clusters into crypto miners

A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them into a self-propagating cryptomining botnet. Developed by Anyscale, the Ray ...
SecurityWeek

ShadowV2 DDoS Service Lets Customers Self-Manage Attacks

The botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks. A newly discovered distributed denial-of-service (DDoS) botnet ...