IoT Devices in Password-Spraying Botnet Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at … Read more
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration features for command-and-control (C2) purposes,” Datadog researchers Matt Muir and Andy Giron said in an … Read more
The Nokia Menace Intelligence Report 2023 has discovered that IoT botnet DDoS (Distributed Denial of Service) visitors, originating from a lot of insecure IoT units with the purpose of disrupting telecom community providers for tens of millions of customers, elevated fivefold over the previous yr, following Russia’s invasion of Ukraine and stemming from the rising … Read more
