Botnet
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piort Kijewski of The Shadowserver Foundation. It is a critical severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers to execute […]
Volt Typhoon rebuilds malware botnet following FBI disruption
The Chinese state-sponsored hacking group Volt Typhoon has begun to rebuild its “KV-Botnet” malware botnet after it was disrupted by law enforcement in January, according to researchers from SecurityScorecard. Volt Typhoon is a Chinese state-sponsored cyberespionage threat group that is believed to have infiltrated critical U.S. infrastructure, among other networks worldwide, since at least five years ago. Their primary […]
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called “Raptor Train” that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. The botnet has been used to target entities in the military, government, higher education, telecommunications, defense industrial base (DIB), and IT sectors, mainly in […]
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function […]