Security News

Fronton IOT Botnet Packs Disinformation Punch
2022-05-24 13:59

A fresh look at the Fronton DDoS-focused botnet reveals the criminal tool has more capabilities than previously known. The Fronton botnet first made headlines in March 2020.

Microsoft sounds the alarm on — wait for it — a Linux botnet
2022-05-23 06:57

Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers. Over the last six months, Microsoft threat researchers say they've witnessed a 254 percent spike in the malware's activity.

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns
2022-05-23 04:01

"This system includes a web-based dashboard known as SANA that enables a user to formulate and deploy trending social media events en masse. The system creates these events that it refers to as Инфоповоды, 'newsbreaks,' utilizing the botnet as a geographically distributed transport." The existence of Fronton, an IoT botnet, became public knowledge following revelations from BBC Russia and ZDNet in March 2020 after a Russian hacker group known as Digital Revolution published documents that it claimed were obtained after breaking into a subcontractor to the FSB, the Federal Security Service of the Russian Federation.

Monero-mining botnet targets Windows, Linux web servers
2022-05-18 07:27

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft. The strain, which Microsoft's Security Intelligence team calls Sysrv-K, scans the internet for web servers that have security holes, such as path traversal, remote file disclosure, and arbitrary file download bugs, that can be exploited to infect the machines.

Sysrv-K Botnet Targets Windows, Linux
2022-05-17 13:53

Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being exploited by cybercriminals behind the Sysrv botnet to target Linux and Windows systems. The botnet variant is being called Sysrv-K by Microsoft Security Intelligence researchers, who posted a thread on Twitter revealing details of the botnet variant.

New Sysrv Botnet Variant Hijacking Windows and Linux with Crypto Miners
2022-05-17 02:37

Microsoft is warning of a new variant of the Sysrv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers.

Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits
2022-05-13 17:48

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. "The new variant, which we call Sysrv-K, sports additional exploits and can gain control of web servers" by exploiting various vulnerabilities, the Microsoft Security Intelligence team said in a Twitter thread. "These vulnerabilities, which have all been addressed by security updates, include old vulnerabilities in WordPress plugins, as well as newer vulnerabilities like CVE-2022-22947."

Emotet botnet switches to 64-bit modules, increases activity
2022-04-19 19:57

The Emotet malware is having a burst in distribution and is likely to soon switch to new payloads that are currently detected by fewer antivirus engines. Emotet is a self-propagating modular trojan that can maintain persistence on the host.

Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation
2022-04-19 19:32

Microsoft and a consortium of cybersecurity companies took legal and technical steps to disrupt the ZLoader botnet, seizing control of 65 domains that were used to control and communicate with the infected hosts. "ZLoader is made up of computing devices in businesses, hospitals, schools, and homes around the world and is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money," Amy Hogan-Burney, general manager of Microsoft's Digital Crimes Unit, said.

Microsoft-led move takes down ZLoader botnet domains
2022-04-14 19:45

Microsoft has announced a months-long effort to take control of 65 domains that the ZLoader criminal botnet gang has been using as command-and-control servers. The tech giant's Digital Crimes Unit obtained a court order to take down the domains, which are now directed to a Microsoft-controlled sinkhole so they can't communicate with the botnet.