botnet

CISA’s Known Exploited Vulnerabilities (KEV) catalog has been updated to include a vulnerability tied to the DigiEver DS‑2105 Pro network video recorder (NVR) — CVE‑2023‑52163 — a command‑injection flaw that security researchers have observed being weaponized by Mirai‑style botnets against...

On October 24, Microsoft Azure’s automated DDoS protection neutralized an unprecedented, multi‑vector flood that reached a peak of 15.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps) against a single public IP in Australia — an event Azure says it mitigated without...

The Downadup/Conficker worm’s sudden surge in early 2009 forced a brutal reminder onto the Windows ecosystem: unpatched systems and lax patch management can turn ordinary desktops and servers into the backbone of a global botnet in a matter of days. Background Microsoft released an out‑of‑cycle...

Security researchers have observed a coordinated, large‑scale reconnaissance campaign probing Microsoft Remote Desktop services that began as a sudden one‑day spike and escalated into a torrent of scans — a pattern that looks less like opportunistic background noise and more like deliberate...

The recent discovery of a critical vulnerability in Network Thermostat’s X-Series WiFi thermostats has sent ripples throughout both industrial and commercial building automation circles. For many, these smart thermostats serve as the silent backbone of environmental control—regulating...

The digital landscape was shaken recently when Cloudflare, a web infrastructure and security firm protecting many of the internet’s busiest destinations, reported successfully mitigating the largest distributed denial-of-service (DDoS) attack ever documented. At its peak, the attack surged to...

As cybersecurity threats continuously evolve, last week underscored just how varied and sophisticated the modern threat landscape can be. From ingenious methods for initial compromise to the persistent challenges of AI hallucinations, the headlines and interviews offered stark reminders for the...

Networks worldwide are facing an advanced and resilient form of cyberattack that leverages a sophisticated DNS-based evasion technique known as “fast flux.” Despite constant advancements in cybersecurity tools and awareness, fast flux remains an often underappreciated Achilles’ heel by which...

A newly surfaced cybersecurity threat has put over 130,000 devices under the control of a sophisticated botnet, leveraging these compromised endpoints to mount large-scale password spraying attacks against Microsoft 365 accounts. This troubling development, uncovered by SecurityScorecard’s...

Microsoft Ecosystem Updates: Edge Redesign, Expanded Copilot & Cyber Threat Alerts The digital landscape this week has been bustling with developments across the Microsoft ecosystem. From Paul Thurrott’s spirited commentary in Windows Weekly to transformative updates in Microsoft Edge and...

In today’s fast-paced digital battlefield, cybercriminals are continually refining their tactics—and the latest assault is a prime example. A recent ITPro report reveals that threat actors are orchestrating a massive password spraying campaign targeting Microsoft 365 accounts. As Windows users...

Stealthy Botnets Exploit Basic Authentication in Microsoft 365 A new cyber threat campaign is making waves within the Microsoft 365 ecosystem, and if you’re an IT professional or Windows user, it’s time to take a closer look. Recent findings from Security Scorecard reveal that state-backed...

A new cybersecurity menace is on the rise, and Microsoft 365 users should sit up and take notice. Recent reports from Petri.com reveal that a Chinese-affiliated botnet, orchestrating attacks from over 130,000 compromised devices, is conducting a stealthy password spray campaign aimed at...

A new wave of cyber threats is targeting Microsoft 365 users in a sophisticated attack campaign. A suspected China-linked botnet—comprising over 130,000 compromised devices—has been launching password-spraying attacks against Microsoft 365 accounts. By exploiting legacy Basic Authentication...

A recent report from SecurityScorecard's STRIKE Threat Intelligence team has raised alarm bells across the IT security landscape. Over 130,000 compromised devices have been co-opted into a massive botnet campaign that leverages password spraying attacks, targeting Microsoft 365 accounts with an...

A new wave of cyber mischief is currently sweeping through the digital sphere—a premeditated botnet assault orchestrated by a BSS computers network is targeting Microsoft 365 accounts around the globe. In this in-depth analysis, we break down how the attack unfolds, its technical particulars...

A sophisticated botnet is silently targeting Microsoft 365 accounts around the globe. This stealthy campaign leverages a unique password spraying technique against non-interactive sign-ins—a method designed to evade traditional security measures. In this article, we delve into the mechanics of...

A newly uncovered cyberattack campaign has sent shockwaves through the IT security community, with a massive botnet targeting Microsoft 365 accounts using an unusually stealthy method. This campaign, orchestrated by a network of over 130,000 compromised devices, is leveraging password spraying...

In a rapidly evolving cybersecurity landscape, a newly discovered botnet comprising over 130,000 compromised devices has set its sights on Microsoft 365 accounts. This stealthy campaign, uncovered by SecurityScorecard’s STRIKE Threat Intelligence team, leverages sophisticated password spraying...

A new cybersecurity threat is casting a long shadow over Microsoft 365 environments. A mega-botnet—comprising over 130,000 compromised devices—is reportedly executing a high-scale password spray attack on Microsoft 365 accounts. This sophisticated onslaught exploits a little-discussed...