Cloudflare's Q3 2025 DDoS Threat Report reveals the Aisuru botnet launched a record 29.7 Tbps attack. Learn which sectors were the most targeted, and the key drivers behind the surge in attacks.
Boy, was 1992 a different time for computer games. Epic MegaGames’ Jill of the Jungle illustrates that as well as any other title from the era. Designed and programmed by Epic Games CEO Tim Sweeney, the game was meant to prove that console-style games of the original Nintendo era could work just as well on PCs. (Later, the onus of proof would often be in the reverse direction.)
Also, it had a female protagonist, which Sweeney saw as a notable differentiator at the time. That’s pretty wild to think about in an era of Tomb Raider’s Lara Croft, Horizon Forbidden West’s Aloy, Life is Strange’s Max Caulfield, Returnal’s Selene Vassos, Control’s Jesse Faden, The Last of Us’ Ellie Williams, and a seemingly endless list of others—to say nothing of the fact that many players of all genders who played the games Mass Effect and Cyberpunk 2077 seem to agree that the female protagonist options in those are more compelling than their male alternatives.
As wacky as it is to remember that the idea of a female character was seen as exceptional at any point (and with the acknowledgement that this game was nonetheless not the first to do that), it’s still neat to see how forward-thinking Sweeney was in many respects—and not just in terms of cultural norms in gaming.
Agencies in the US and other countries have gone hard after bulletproof hosting (BPH) providers this month, including Media Land, Hypercore, and associated companies and individuals, while the Five Eyes threat intelligence alliance published BPH mitigation guidelines for ISPs, cloud providers, and network defenders.
The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories.
Microsoft Azure halted a record 15.72 Tbps DDoS attack from the Aisuru botnet, exposing the risks created by exposed home devices being exploited in large-scale cyber attacks.
In computing, a denial-of-service attack (DoS attack; UK: /dɒs/ doss, US: /dɑːs/ daas[1]) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. (The Wikipedia definition of a denial-of-service attack.)
This is a very basic concept. Someone makes use of their own resources to disrupt the functioning of other machines on a network.
DoS attacks have been an issue for as long as the internet has existed. One of the commonly cited “first distributed denial-of-service (DDoS) attacks” was against the Internet Service Provider (ISP) Panix in the mid-90s. There were of course many prior technical examples on older internet services, but this was one of, if not the, first major examples of such an attack on the modern World Wide Web.
In this attack, numerous computers initiated Transmission Control Protocol (TCP) connections with the ISP’s servers but never completed the handshake that finalizes a connection. Each half-open connection consumed the server resources reserved for managing network connections, preventing legitimate users from accessing the internet through the ISP’s servers.
Ever since this “initial” DDoS attack, they have been as common on the internet as storms are in nature, a regular occurrence that massive pieces of internet infrastructure have been built to defend against.
The Blockchain
The blockchain is one of the core components of Bitcoin, and a required dependency for Bitcoin’s functionality as a distributed ledger. I am sure many people in this space would call so-called “spam” transactions a DoS attack on the Bitcoin blockchain. In order to call it that, you would have to define the “service” that the blockchain is offering as a system, and explain how spam transactions are denying that service to others in a way not intended by the design of the system.
I’d wager a bet that most people who believe spam is a DoS attack would say something like “the service the blockchain offers is processing financial transactions, and spam takes space away from people trying to do that.” The problem is, that is not specifically the service the blockchain offers.
The service it actually offers is the confirmation of any consensus valid transaction through a real-time auction that periodically settles whenever a miner finds a block. If your transaction is consensus valid, and you have bid a high enough fee for a miner to include your transaction in a block, you are using the service the blockchain provides exactly as designed.
This was a conscious design decision made over years during the “Block Size Wars” and finalized in the activation of Segregated Witness and the rejection of the Segwit2x blocksize increase through a hard fork pushed by major companies at the time. The blockchain would function by prioritizing the highest bidding fee transactions, and users would be free to compete in that auction. This is how blockspace would be allocated, with a global restriction to protect verifiability and a free market pricing mechanism.
Nothing about a transaction some arbitrarily define as “spam” winning in this open auction is a DoS of the blockchain. It is a user making use of that resource in the way they are supposed to, participating in the auction with everyone else.
The Relay Network
Many, if not most, Bitcoin nodes offer transaction relay as a service to the rest of the network. If you broadcast your transactions to your peers on the network, they will forward them on to their peers, and so on. Because the peering logic that decides which nodes to connect to maintains wide connectivity, this service allows transactions to propagate across the network very quickly, and specifically allows them to propagate to all mining nodes.
Another service is block relay, propagating valid blocks as they are found in the same manner. This has been highly optimized over the years, to the point where most of the time an entire block is never actually relayed, just a shorthand “sketch” of the block header and the transactions it includes, so that you can reconstruct the block from your own mempool. In other words, optimizations in block relay depend on transaction relay functioning properly and propagating all valid and likely-to-be-mined transactions.
When nodes do not already have a block’s transactions in their mempool, they must request them from neighboring nodes, taking more time to validate the block in the process. They also explicitly forward those transactions along with the block sketch to other peers in case they are missing them, wasting bandwidth. The more nodes that filter transactions they classify as spam, the longer it takes blocks including those filtered transactions to propagate across the network.
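As an added illustration of the mechanism the two paragraphs above describe, here is a toy model of sketch-based block relay in the spirit of BIP 152 compact blocks. It is not code from the original article or from Bitcoin Core: the short-id function (real nodes use SipHash keyed by the block header), the Tx and Node classes, and the “payment”/“data” split used as a stand-in for a spam filter are constructed assumptions. It shows that a filtering node still ends up validating exactly the same block, it just needs an extra round trip and extra bytes to get there.

```python
"""Toy model of compact-block reconstruction (simplified, not Bitcoin Core's BIP 152 code)."""
import hashlib
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


def short_id(txid: str) -> str:
    """Stand-in for the 6-byte short id in a block sketch (constructed simplification)."""
    return hashlib.sha256(txid.encode()).hexdigest()[:12]


@dataclass
class Tx:
    txid: str
    size: int   # serialized size in bytes (constructed sample values)
    kind: str   # "payment" or "data"; "data" plays the role of a transaction a filter would drop


@dataclass
class Node:
    name: str
    drops: Callable[[Tx], bool]                       # mempool policy: True means refuse to keep/relay
    mempool: Dict[str, Tx] = field(default_factory=dict)

    def accept(self, tx: Tx) -> bool:
        """Transaction relay: keep the tx in the mempool only if local policy allows it."""
        if self.drops(tx):
            return False
        self.mempool[tx.txid] = tx
        return True

    def serve(self, short_ids: List[str]) -> List[Tx]:
        """Answer a peer's request for the transactions behind these short ids."""
        by_short = {short_id(txid): tx for txid, tx in self.mempool.items()}
        return [by_short[s] for s in short_ids]

    def reconstruct(self, sketch: List[str], peer: "Node") -> Tuple[List[str], int, int]:
        """Rebuild a block from its sketch.

        Returns (txids in block order, number of txs fetched, extra bytes fetched).
        Anything not in the local mempool costs a getblocktxn-style round trip to `peer`.
        """
        known = {short_id(txid): txid for txid in self.mempool}
        missing = [s for s in sketch if s not in known]
        for tx in peer.serve(missing):
            self.mempool[tx.txid] = tx
            known[short_id(tx.txid)] = tx.txid
        fetched = peer.serve(missing)
        return [known[s] for s in sketch], len(fetched), sum(t.size for t in fetched)


def simulate(n_payment: int = 8, n_data: int = 4) -> Dict[str, Tuple[int, int]]:
    """Relay a block containing n_payment + n_data txs to a non-filtering and a filtering node.

    Returns, per receiving node, (txs it had to fetch, extra bytes fetched).
    """
    txs = [Tx(f"pay{i}", 250, "payment") for i in range(n_payment)]
    txs += [Tx(f"data{i}", 400, "data") for i in range(n_data)]

    miner = Node("miner", lambda tx: False)              # includes everything it has
    full = Node("full", lambda tx: False)                # default policy: relay all valid txs
    filtering = Node("filtering", lambda tx: tx.kind == "data")

    for tx in txs:                                       # transaction relay phase
        for node in (miner, full, filtering):
            node.accept(tx)

    sketch = [short_id(tx.txid) for tx in txs]           # block relay phase: header + short ids
    results = {}
    for node in (full, filtering):
        ids, n_fetched, extra_bytes = node.reconstruct(sketch, miner)
        # both nodes end up with the identical block: filtering changed nothing about inclusion
        if ids != [tx.txid for tx in txs]:
            raise RuntimeError(f"{node.name} reconstructed a different block")
        results[node.name] = (n_fetched, extra_bytes)
    return results


if __name__ == "__main__":
    for name, (n, b) in simulate().items():
        print(f"{name:10s} fetched {n} txs, {b} extra bytes")
```

With the defaults, the non-filtering node reconstructs the block with no extra round trip, while the filtering node has to fetch every filtered transaction (4 transactions, 1600 bytes here) before it can validate and forward the same block.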
Transaction filtering actively seeks to disrupt both of these services, in the case of transaction relay failing miserably to prevent them from propagating to miners, and in the case of block propagation having a marginal but noticeable performance degradation the more nodes on the network are filtering transactions.
These node policies have the explicit purpose of degrading the network service of propagating transactions to miners and the rest of the network, and view the degradation of block propagation as a penalty to miners who choose to include valid transactions they are filtering. They seek to create a degradation of service as a goal, and view the degradation of another service resulting from that attempt as a positive.
This actually is a DoS attack, in that it actually is degrading a network service contrary to the design of the system.
Where From Here?
The entire saga of Knotz vs. Core, or “Spammers” vs. “Filterers”, has been nothing more than a miserably ineffective and failed DoS attack on the Bitcoin network. Filters do absolutely nothing to prevent filtered transactions from being included in blocks. The goal of disrupting transaction propagation to miners has had no success whatsoever, and the degradation of block relay has been marginal enough to not be a disincentive to miners.
I see this as a huge demonstration of Bitcoin’s robustness and resilience against attempted censorship and disruption on the level of the Bitcoin Network itself.
So now what?
A BIP by an anonymous author has been put forward to enact a temporary soft fork, expiring after roughly a year, that would make numerous ways of including “spam” in Bitcoin transactions consensus invalid for that period. After realizing the DoS attack on the peer-to-peer network has been a total failure, filter supporters have moved to consensus changes, as many of them were told would be necessary over two years ago.
Will this actually solve the problem? No, it won’t. It will simply force people who wish to submit “spam” to this forked network, if they actually follow through on implementing it, to use fake ScriptPubKeys to encode their data in unspendable outputs that will bloat the UTXO set.
So even if this fork was met with resounding support, activated successfully, and did not result in a chainsplit, it would still not achieve the stated goal and leave “spammers” no option but to “spam” in the most damaging way to the network possible.
DEEP DIVE — When Secret Service agents swept into an inconspicuous building near the United Nations General Assembly late last month, they weren’t tracking guns or explosives. Instead, they dismantled a clandestine telecommunications hub that investigators say was capable of crippling cellular networks and concealing hostile communications.
According to federal officials, the operation seized more than 300 devices tied to roughly 100,000 SIM cards — an arsenal of network-manipulating tools that could disrupt the cellular backbone of New York City at a moment of geopolitical tension. The discovery, officials stressed, was not just a one-off bust but a warning sign of a much broader national security vulnerability.
The devices were designed to create what experts call a “SIM farm,” an industrial-scale operation where hundreds or thousands of SIM cards can be manipulated simultaneously. These setups are typically associated with financial fraud or bulk messaging scams. Still, the Secret Service warned that they can also be used to flood telecom networks, disable cell towers, and obscure the origin of communications.
In the shadow of the UN, where global leaders convene and security tensions are high, the proximity of such a system raised immediate questions about intent, attribution, and preparedness.
“(SIM farms) could jam cell and text services, block emergency calls, target first responders with fake messages, spread disinformation, or steal login codes,” Jake Braun, Executive Director of the Cyber Policy Initiative at the University of Chicago and former White House Acting Principal Deputy National Cyber Director, tells The Cipher Brief. “In short, they could cripple communications just when they’re needed most.”
How SIM Farms Work
At their core, SIM farms exploit the fundamental architecture of mobile networks. Each SIM card represents a unique identity on the global communications grid. By cycling through SIMs at high speed, operators can generate massive volumes of calls, texts, or data requests that overwhelm cellular infrastructure. Such floods can mimic the effects of a distributed denial-of-service (DDoS) attack, except the assault comes through legitimate carrier channels rather than obvious malicious traffic.
“SIM farms are essentially racks of modems that cycle through thousands of SIM cards,” Dave Chronister, CEO of Parameter Security, tells The Cipher Brief. “Operators constantly swap SIM cards and device identifiers so traffic appears spread out rather than coming from a single source.”
That makes them extremely difficult to detect.
“They can mimic legitimate business texts and calls, hide behind residential internet connections, or scatter equipment across ordinary locations so there’s no single, obvious signal to flag,” Chronister continued. “Because SIM farms make it hard to tie a number back to a real person, they’re useful to drug cartels, human-trafficking rings and other organized crime, and the same concealment features could also be attractive to terrorists.”
That ability to blend in, experts highlight, is what makes SIM farms more than just a criminal nuisance.
While SIM farms may initially be used for financial fraud, their architecture can be easily repurposed for coordinated cyber-physical attacks. That dual-use nature makes them especially appealing to both transnational criminal groups and state-backed intelligence services.
Who Might Be Behind It?
The Secret Service, however, has not publicly attributed the network near the UN to any specific individual or entity. Investigators are weighing several possibilities: a transnational fraud ring exploiting the chaos of UN week to run large-scale scams, or a more concerning scenario where a state-backed group positioned the SIM farm as a contingency tool for disrupting communications in New York.
Officials noted that the operation’s sophistication suggested it was not a low-level criminal endeavor. The hardware was capable of sustained operations against multiple carriers, and its sheer scale — 100,000 SIM cards — far exceeded the typical scale of fraud schemes. That raised the specter of hostile governments probing U.S. vulnerabilities ahead of potential hybrid conflict scenarios.
Analysts note that Russia, China, and Iran have all been implicated in blending criminal infrastructure with state-directed cyber operations. Yet these setups serve both criminals and nation-states, and attribution requires more details than are publicly available.
“Criminal groups use SIM farms to make money with scams and spam,” said Braun. “State actors can use them on a bigger scale to spy, spread disinformation, or disrupt communications — and sometimes they piggyback on criminal networks.”
One source in the U.S. intelligence community, who spoke on background, described that overlap as “hybrid infrastructure by design.”
“It can sit dormant as a criminal enterprise for years until a foreign government needs it. That’s what makes it so insidious,” the source tells The Cipher Brief.
From Chronister’s purview, the “likely explanation is that it’s a sophisticated criminal enterprise.”
“SIM-farm infrastructure is commonly run for profit and can be rented or resold. However, the criminal ecosystem is fluid: nation-states, terrorist groups, or hybrid actors can and do co-opt criminal capabilities when it suits them, and some state-linked groups cultivate close ties with criminal networks,” he said.
The Broader National Security Blind Spot
The incident during the United Nations General Assembly also underscores a growing blind spot in U.S. protective intelligence: telecommunications networks as contested terrain. For decades, federal resources have focused heavily on cybersecurity, counterterrorism, and physical threats. At the same time, the connective tissue of modern communications has often been treated as a commercial domain, monitored by carriers rather than security agencies.
The Midtown bust suggests that assumption no longer holds. The Secret Service itself framed the incident as a wake-up call.
“The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated,” stated U.S. Secret Service Director Sean Curran. “The U.S. Secret Service’s protective mission is all about prevention, and this investigation makes it clear to potential bad actors that imminent threats to our protectees will be immediately investigated, tracked down and dismantled.”
However, experts warn that U.S. defenses remain fragmented. Carriers focus on fraud prevention, intelligence agencies monitor foreign adversaries, and law enforcement investigates domestic crime. The seams between those missions are precisely where SIM farms thrive.
Hybrid Warfare and the Next Front Line
The rise of SIM farms reflects the evolution of hybrid warfare, where the boundary between criminal activity and state action blurs, and adversaries exploit commercial infrastructure as a means of attack. Just as ransomware gangs can moonlight as proxies for hostile intelligence services, telecom fraud networks may double as latent disruption tools for foreign adversaries.
Additionally, the threat mirrors patterns observed abroad. In Ukraine, officials have reported Russian operations targeting cellular networks to disrupt battlefield communications and sow panic among civilians. In parts of Africa and Southeast Asia, SIM farms have been linked to both organized crime syndicates and intelligence-linked influence campaigns.
That same playbook, experts caution, could be devastating if applied in the heart of a global city.
“If activated during a crisis, such networks could flood phone lines, including 911 and embassy hotlines, to sow confusion and delay coordination. They can also blast fake alerts or disinformation to trigger panic or misdirect first responders, making it much harder for authorities to manage an already volatile situation,” Chronister said. “Because these setups are relatively cheap and scalable, they are an inexpensive but effective way to complicate emergency response, government decision-making, and even protective details.”
Looking Ahead
The dismantling of the clandestine telecom network in New York may have prevented an imminent crisis, but experts caution that it is unlikely to be the last of its kind. SIM farms are inexpensive to set up, scalable across borders, and often hidden in plain sight. They represent a convergence of cyber, criminal, and national security threats that the U.S. is only beginning to treat as a unified challenge.
When it comes to what needs to be done next, Braun emphasized the importance of “improving information sharing between carriers and government, investing in better tools to spot hidden farms, and moving away from SMS for sensitive logins.”
“Treat SIM farms as a national security threat, not just telecom fraud. Limit access to SIM farm hardware and punish abuse. Help smaller carriers strengthen defenses,” he continued. “And streamline legal steps so takedowns happen faster.”
Chronister acknowledged that while “carriers are much better than they were five or ten years ago, as they’ve invested in spam filtering and fraud analytics, attackers can still get through when they rotate SIMs quickly, use eSIM provisioning, or spread activity across jurisdictions.”
“Law enforcement and intelligence have powerful tools, but legal, technical, and cross-border constraints mean detection often outpaces confident attribution and rapid takedown. Make it harder to buy and cycle through SIMs in bulk and strengthen identity verification for phone numbers,” he added. “Require faster, real-time information-sharing between carriers and government during traffic spikes, improve authentication for public alerts, and run regular stress-tests and red-team exercises against telecom infrastructure. Finally, build joint takedown and mutual-assistance arrangements with allies so attackers can’t simply reconstitute operations in another country.”