There is a new botnet that is infecting TP-Link routers:
The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw also linked to the Condi and AndroxGh0st malware attacks.
[…]
Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey; with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico.
More Stories
Cloudflare Introduces E2E Post-Quantum Cryptography Protections
Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats Read More
UK’s Online Safety Act: Ofcom Can Now Issue Sanctions
From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child...
Researchers Confirm BlackLock as Eldorado Rebrand
DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the...
Improvements in Brute Force Attacks
New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and...
US Legislators Demand Transparency in Apple’s UK Backdoor Court Fight
A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be...
£1M Lost as UK Social Media and Email Account Hacks Skyrocket
Action Fraud reported a spike in social media and email account hacks in 2024, resulting in losses of nearly £1m...