Threat Researchers goes live on Thursday, May 26 at 4pm Paris, 10am New York, 7am Los Angeles, 11pm Tokyo. Join us as we go through the recent and notable security events.
Join us on Telegram: https://t.me/RadwareResearchChat
References and Resources:
Crisis & Escalation of the Threat Landscape Webinar
https://www.brighttalk.com/webcast/18348/541186
https://www.brighttalk.com/webcast/18348/541196
Exploitcon
https://exploitcon.com
CERT-UA BrownFlood Alert
https://cert.gov.ua/article/39923
Liberator
https://disbalancer.com/
https://blog.disbalancer.com/disbalancer-how-it-works/
https://github.com/denisbrodbeck/machineid
https://blog.disbalancer.com/liberator-stats-in-the-first-three-months-of-the-cyberwarfare/
Boxmining
https://www.youtube.com/watch?v=k9LwqbowGMk
IT ARMY of Ukraine Automation Bot
https://itarmy.com.ua/bot/
https://github.com/porthole-ascend-cinnamon/mhddos_proxy
https://meduza.io/news/2022/05/05/rossiyskie-proizvoditeli-alkogolya-ne-smogli-postavit-produktsiyu-v-magaziny-iz-za-ddos-ataki-storonnikov-ukrainy
IPStress
https://www.digitaljournal.com/pr/ipstress-offers-one-of-the-finest-ddos-for-hire-service
https://www.radware.com/getattachment/3d26f50b-f2a7-4ffa-9a84-1b5a598a0b27/2021-2022-Global-Threat-Analysis-Report_2022-FINAL-V2.pdf.aspx
Victory Day DDoS
https://cip.gov.ua/en/news/rosiiski-khakeri-zdiisnili-masshtabnu-ddos-ataku-na-saiti-ukrayinskikh-telekom-operatoriv
https://novayagazeta.eu/articles/2022/05/02/ukraines-kherson-switches-to-russian-network-after-internet-cut-off-news
Killnet recent DDoS Attacks
https://www.bloomberg.com/news/articles/2022-04-29/romanian-government-border-police-websites-hit-by-ddos-attack
https://therecord.media/italy-killnet-hacking-military-parliament-national-health-institute/
https://www.reuters.com/world/europe/italian-police-prevents-pro-russian-hacker-attacks-during-eurovision-contest-2022-05-15/
https://www.verfassungsschutz.de/SharedDocs/kurzmeldungen/DE/2022/2022-05-11-wis3.html
Anonymous vs Killnet
https://twitter.com/ANOVNI1/status/1525618052116643841?s=20&t=a17naUDIjEPby-mZZ3uHjw
https://twitter.com/AnonNewsItalia/status/1526880928945020930?s=20&t=7kpuqunWLkMZRHVRB-KLPQ
Who is Killnet
https://cyberknow.medium.com/killnet-pro-russian-hacktivists-e916ac7201a3
https://github.com/firstapostle/Blood
CISA Alert AA22-110A
https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
CyberKnow UA/RU Threat Group tracker
https://cyberknow.medium.com/update-13-2022-russia-ukraine-war-cyber-group-tracker-may-1-f0188bc96af3
15M rps attacks
https://blog.cloudflare.com/15m-rps-ddos-attack
Terabit DDoS attack
https://blog.radware.com/security/2022/05/radware-mitigates-1-1tbps-ddos-attack
Anatomy of an Amplification Attack
https://www.microsoft.com/security/blog/2022/05/23/anatomy-of-ddos-amplification-attacks
Phantom Squad and REvil RDoS threat groups
https://www.radware.com/security/threat-advisories-and-attack-reports/ransom-denial-of-service-rdos-2022/
3VE fraud scheme recovery
https://therecord.media/us-recovers-15-million-in-profits-from-3ve-ad-fraud-scheme
Linux Mirai Malware Doubles
https://www.crowdstrike.com/blog/linux-mirai-malware-double-on-stronger-chips
Fronton Botnet update
https://www.nisos.com/blog/fronton-botnet-report
Fbot Attack Profile
https://blog.netlab.360.com/botnet-group-behind-attack-bjjkb
Rise in XorDdos malware
https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/
Weaponizing CVE-2022-1388
https://twitter.com/1ZRR4H/status/1523572874061422593
Teen Arrested for Romanian DDoS
https://www.biziday.ro/214202-2/
Thanos creator charged
https://www.justice.gov/usao-edny/pr/hacker-and-ransomware-designer-charged-use-and-sale-ransomware-and-profit-sharing
Botherder sentenced
https://www.justice.gov/usao-mdfl/pr/cybercriminal-sentenced-federal-prison-decrypting-credentials-thousands-computers
Interpol on cybercrime
https://www.theregister.com/2022/04/29/interpol_cybercrime_partnerships/
NSA on hacktivism
https://techmonitor.ai/technology/cybersecurity/ukraine-hacktivism-problematic-nsa-ncsc
DOJ on CFAA
https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act
CrateDepression
https://www.sentinelone.com/labs/cratedepression-rust-supply-chain-attack-infects-cloud-ci-pipelines-with-go-malware
Malicious PyPI package opens backdoors on Windows, Linux and Macs
https://www.bleepingcomputer.com/news/security/malicious-pypi-package-opens-backdoors-on-windows-linux-and-macs/
Malicious NPM Packages Target German Companies
https://thehackernews.com/2022/05/malicious-npm-packages-target-german.html
https://jfrog.com/blog/npm-supply-chain-attack-targets-german-based-companies/