ID | Votes | Profile Description |
---|---|---|
Gafgyt | 3 | Gafgyt, also known as Bashlite, is a form of malware that infects Linux architecture operating systems to launch Distributed Denial of Service (DDoS) attacks. The malware infiltrates systems through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrup |
Gafgyt Variant | 2 | The Gafgyt variant is a malicious software that poses a significant threat to computer systems and devices. This malware can infiltrate your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, |
Moobot | 2 | Moobot is a malicious software (malware) that has been causing significant disruption in the digital world. The malware, which can infiltrate systems through various methods such as suspicious downloads, emails, or websites, is known for its capability to steal personal information, disrupt operatio |
Miori | 1 | Miori is a variant of the notorious Mirai malware, which shares similar modules with it. Like other types of malware, Miori is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Once it has infected a system, it can steal perso |
Agoent | 1 | AGoent is a sophisticated malware, a malicious software designed to exploit and damage computer systems. This Golang-based agent bot has been observed in multiple attacks, exploiting a year-old vulnerability to launch various nefarious activities. It operates by fetching the script file "exec.sh" fr |
skid.x86 | 1 | None |

ID | Type | Votes | Profile Description |
---|---|---|---|
Mirai | Unspecified | 13 | Mirai is a type of malware that primarily targets Internet of Things (IoT) devices to form botnets, which are networks of private computers infected with malicious software and controlled as a group without the owners' knowledge. In early 2022, Mirai botnets accounted for over 7 million detections g |
Kinsing | Unspecified | 1 | Kinsing is a type of malware, short for malicious software, that is designed to exploit and damage computer systems or devices. It typically infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt o |
Mozi Botnet | Unspecified | 1 | The Mozi botnet, a form of malware, wreaked havoc on the internet from 2019 to 2023. During this period, it became the largest botnet in existence, incorporating over 1.5 million unique devices into its network. The botnet primarily exploited known vulnerabilities in NETGEAR DGN devices and JAWS web |
Mozi | Unspecified | 1 | Mozi is a type of malware, a malicious software designed to exploit and damage computer systems or devices. It can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, Mozi has the potential to steal personal information, disrupt oper |
PLEAD | Unspecified | 1 | The PLEAD malware is a malicious software that was discovered by ESET researchers in 2019 to be utilized by the Chinese APT group known as BlackTech. The group was found to be performing Man-in-the-Middle (MitM) attacks through compromised ASUS routers and delivering the PLEAD malware through ASUS W |
Noabot | Unspecified | 1 | NoaBot is a sophisticated malware variant that primarily targets Linux systems, utilizing a cryptominer to exploit system resources. It is based on the Mirai botnet, a notorious malware strain known for its ability to compromise Internet of Things (IoT) devices. NoaBot has most of the capabilities o |
WannaCry | Unspecified | 1 | WannaCry is a type of malware, specifically ransomware, that caused significant global disruption in 2017. It exploited Windows SMBv1 Remote Code Execution Vulnerabilities (CVE-2017-0144, CVE-2017-0145, CVE-2017-0143), which allowed it to spread rapidly and infect over 200,000 machines across more t |
Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Tunnelvision | Unspecified | 1 | TunnelVision is a potent malware that has been making headlines for its ability to bypass VPN encapsulation. This malicious software, designed to exploit and damage computer systems, infiltrates through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a syst |
Kiraibot | Unspecified | 1 | KiraiBot is a recent and active malware, identified as part of the Mirai botnet variant family in September 2023 by NSFOCUS's global threat hunting system. It is one of several new botnet variants developed based on the Mirai source code, alongside hailBot and catDDoS. However, kiraiBot is unique in |
Catddos | Unspecified | 1 | CatDDoS, a variant of the Mirai distributed denial-of-service (DDoS) botnet, is a potent malware threat that has been compromising more than 300 targets daily in its latest wave of attacks. The malware infects systems through suspicious downloads, emails, or websites and can disrupt operations, stea |
Condi | Unspecified | 1 | Condi is a relatively new botnet, a type of malware, that has been exploiting unpatched TP-Link routers to spread and execute malicious activities. Identified by FortiGuard Labs, the Condi botnet leverages the vulnerability CVE-2023-1389 to gain control of devices. It was first advertised through a |
Jenx Mirai | Unspecified | 1 | JenX Mirai is a variant of malware, malicious software designed to exploit and damage computer systems. This particular variant was discovered in January 2018 and has been used primarily by the InfectedSlurs botnet, an unidentified group that uses offensive language in its command-and-control (C2) d |
Infectedslurs | Unspecified | 1 | InfectedSlurs is a newly discovered malware that operates as a Mirai-based botnet. This malicious software is designed to exploit and damage computer systems and devices, often infiltrating the system through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can |

ID | Type | Votes | Profile Description |
---|---|---|---|
Medusa | Unspecified | 1 | Medusa, a threat actor group, has been identified as a rising menace in the cybersecurity landscape, with its ransomware activities escalating significantly. In November 2023, Medusa and other groups like LockBit and ALPHV (BlackCat) exploited a zero-day vulnerability known as Citrix Bleed (CVE-2023 |
Sandworm | Unspecified | 1 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
APT28 | Unspecified | 1 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
Unc5221 | Unspecified | 1 | UNC5221, a threat actor linked to China, has been identified as the group behind recent cyberattacks involving new malware specifically designed to exploit vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. The discovery was made by Mandiant researchers who observed the deployme |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2023-1389 | Unspecified | 6 | CVE-2023-1389 is a significant software vulnerability, specifically a command injection flaw, found in TP-Link Archer AX21 routers. The flaw was publicly released in March of this year and has since been exploited by malicious actors to gain unauthorized access to devices. Attack traffic through the |
CVE-2023-28771 | Unspecified | 1 | CVE-2023-28771 is a software vulnerability, specifically a command injection flaw, in Zyxel ZyWALL firewalls. The vulnerability was detected by FortiGuard Labs in June 2023 when it was being exploited by several Distributed Denial of Service (DDoS) botnets. It's worth noting that this vulnerability |
CVE-2023-26801 | Unspecified | 1 | None |
CVE-2023-46805 | Unspecified | 1 | CVE-2023-46805 is a significant software vulnerability discovered in the web component of all supported versions of Ivanti Connect Secure and Ivanti Policy Secure (versions 9.x and 22.x). This flaw, which allows for authentication bypass, was first brought to the attention of the Cyber Centre on Jan |
CVE-2024-21887 | Unspecified | 1 | CVE-2024-21887 is a command injection vulnerability identified in the web components of Ivanti Connect Secure and Ivanti Policy Secure (versions 9.x and 22.x). This flaw was publicly disclosed on January 10, 2024, alongside an authentication bypass vulnerability (CVE-2023-46805), affecting the same |
CVE-2016-20016 | Unspecified | 1 | CVE-2016-20016 is a significant software vulnerability identified in MVPower CCTV DVR systems. This flaw, known as a remote code execution vulnerability, allows unauthorized users to execute arbitrary code on the system remotely, potentially leading to full system compromise. The vulnerability, also |
CVE-2018-10561 | Unspecified | 1 | None |
CVE-2017-17215 | Unspecified | 1 | CVE-2017-17215 is a significant vulnerability found in Huawei HG532 routers, characterized as a flaw in software design or implementation. This vulnerability has been exploited to distribute malware through exposed Hadoop YARN servers and security flaws in Realtek SDK devices (CVE-2014-8361) and Hua |
CVE-2023-49606 | Unspecified | 1 | None |
CVE-2024-3273 | Unspecified | 1 | None |
CVE-2022-29303 | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 6 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 12 days ago | Security Affairs Malware Newsletter - Round 2 |
Securityaffairs | 20 days ago | Security Affairs Malware Newsletter - Round 1 |
Securityaffairs | a month ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION |
InfoSecurity-magazine | a month ago | Cyber Attackers Turn to Cloud Services to Deploy Malware |
Securityaffairs | a month ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 3 months ago | Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs |
CERT-EU | 10 months ago | Where Linux is in your home, and how to protect Linux devices from hacking |
CERT-EU | 10 months ago | Are your smart lightbulbs spying on you? - Panda Security |
CERT-EU | a year ago | SYN Flood Explained. How to Prevent this Attack from Taking over your Server |
CERT-EU | a year ago | Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware Vendor |
CERT-EU | a year ago | AndoryuBot DDoS Botnet Exploiting Ruckus AP Vulnerability |
DARKReading | a year ago | Mirai Common Attack Methods Remain Consistent, Effective |
Malwarebytes | a year ago | Port scan attacks: Protecting your business from RDP attacks and Mirai botnets |
CERT-EU | a year ago | History of Computer Hacking and Cybersecurity Threats: From the 50s to Today \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware – National Cyber Security Consulting |
Unit42 | a year ago | IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits |