DDoS Threats & Security Attacks: DDoS Reports & Cyber Security Threats

New cyber security attacks and DDoS threats are lurking in the shadows every day. Read the latest information and stay ahead of these vulnerabilities with updated DDoS reports and cyber security threat reports from Radware's Emergency Response Team (ERT).

Dark.IoT, OMIGOD & UDP Technology Update

Over the past several months, Radware researchers have been monitoring the ongoing evolution of the Mirai variant campaign known as Dark.IoT. In August, we reported [1] that the operators behind the botnet had begun leveraging a vulnerability, CVE-2021-35395, in Realtek's SDK only a week after it was disclosed. This month, the operators of Dark.IoT integrated two new exploits in their most recent malware binaries. CVE-2021-38647, also known as OMIGOD, was disclosed [2] by the Wiz Research Team on September 14 and is an unauthenticated Remote Code Execution vulnerability affecting more than half of all Microsoft Azure cloud instances. The second, CVE-2021-33544, was disclosed [3] in July of 2021 by RandoriSec and is a command injection vulnerability that impacts about a dozen IP camera manufacturers who use firmware by UDP Technology.


September 21, 2021 02:09 PM Vulnerability

Dark.IoT Botnet

Over the past several months, Radware researchers have been monitoring the evolution of a Mirai variant we have named "Dark.IoT." Palo Alto Networks first reported on this botnet on March 15, 2021. On August 6, 2021, Juniper Threat Labs reported that this botnet began propagating via CVE-2021-20090, a supply chain vulnerability recently disclosed by Tenable that impacts IoT devices manufactured by nearly two dozen vendors. Two weeks later, on August 19, 2021, Radware researchers discovered updated binaries for this unnamed botnet showing the operators are preparing to leverage yet another supply chain vulnerability disclosed recently by IoT Inspectors Research Lab. The vulnerability, CVE-2021-35395, disclosed less than a week before Dark.IoT integrated it, impacts IoT devices manufactured by 65 vendors who use the Realtek chipsets and SDK.


August 24, 2021 11:18 AM Vulnerability

DragonForce Malaysia – #OpsBedil

During the month of May, increasing tensions in the Middle East resulted in renewed hacktivist operations throughout the region. The digital attacks in May presented a certain level of risk for unprotected sites as threat actors targeted organizations in the telecommunications and financial sectors as well as government agencies. At the moment, physical actions have de-escalated in the region since the last incursion, but digital attacks have persisted into June. Cyber events in the Middle East have become reactionary over the past year; cases of hacktivism in the region typically follow physical or political confrontations.


July 13, 2021 01:05 PM Threat Alert

Ransom DDoS Update: The Hunt For Unprotected Assets

In the past few weeks, Radware's Cloud DDoS Protection Service has been seeing a significant increase in DDoS activity and has been rapidly onboarding new customers in distress. Several internet service providers (ISPs) and cloud service providers (CSPs) have reported receiving ransom letters followed by DDoS attacks that impacted their services and availability.


June 11, 2021 12:24 PM Threat Alert

Mass Scanning For VMware vCenter RCE

Weaponized exploits and mass scanning activity have been observed for two critical vCenter vulnerabilities. Attackers are actively scanning for two critical remote command execution (RCE) vulnerabilities in VMware vCenter servers.


June 7, 2021 05:35 PM Threat Alert

Ransom DDoS Campaign: Circling Back

During the last week of December 2020 and the first week of January 2021, Radware customers were targeted for a second time by DDoS extortionists in a global ransom DDoS campaign that initially started in August.


January 22, 2021 09:43 AM Threat Alert

SolarWinds Orion Supply Chain Attack

FireEye published its analysis of what turned out to be a global intrusion campaign: a supply chain attack, performed by an advanced and sophisticated threat actor, that "trojanized" SolarWinds Orion software updates to distribute a backdoor dubbed SUNBURST.


December 15, 2020 12:00 AM Threat Alert
