A new Mirai-based botnet is causing internet backbone provider Akamai to sound the alarm. Known as Aquabotv3, the malware exploits a vulnerability in a series of Mitel internet-connected phones. The aim of the threat actors, according to Akamai researchers Larry Cashdollar and Kyle Lefton, is to create a platform for denial-of-service attacks. “Aquabot is a … Read more
Jan 21, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet. The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys … Read more
Dec 25, 2024Ravie LakshmananCyber Attack / Malware The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in … Read more
Oct 17, 2024Ravie LakshmananThreat Intelligence / Malware The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka … Read more
A MedusaLocker ransomware variant called “BabyLockerKZ” is being spread by a threat actor using a custom toolkit known as “paid_memes,” according to research published by Cisco Talos on Thursday. MedusaLocker ransomware first appeared around September 2019 and uses a combination of AES and RSA-2048 to encrypt victims’ files. Threat actors using MedusaLocker have been known … Read more
