Coming soon: the 2025 Zeek Community Survey
We want to hear how you're using Zeek, what's working, and where we can improve. Your input will help guide how we support and grow the community. Survey launches June 23.
My new #DDoS book "DDoS: Understanding Real-Life Attacks and Mitigation Strategies" is now also available as an eBook!
Check it out here: https://ddos-book.com/
I’ve packed in everything I’ve learned from defending major German government sites against groups like Anonymous, Killnet, and NoName057(16).
It covers mitigations against #AI #crawlers and many other defenses for all network layers.
If you find it useful, I’d love it if you could boost and share to help more people defend themselves.
Thank you!
https://www.europesays.com/uk/146566/ IGEL Buys Stratodesk To Boost Endpoint Computing Capabilities #ApplicationAndPlatformSecurity #CloudPlatforms #CloudSecurity #CloudSoftware #Computing #Cybersecurity #DesktopClients #EndpointSecurity #ManagedSecurity #MergersAndAcquisitions #NetworkSecurity #SecurityOperations #tablets #Technology #UK #UnitedKingdom
https://www.europesays.com/2120517/ ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach #ComputerSecurity #CyberAttacks #CyberNews #CyberSecurityNews #CyberSecurityNewsToday #CyberSecurityUpdates #CyberUpdates #Data #DataBreach #HackerNews #HackingNews #HowToHack #InformationSecurity #NetworkSecurity #RansomwareMalware #SoftwareVulnerability #TheHackerNews
I love the new zone management of the Unifi firewall. I feel more comfortable now being more granular in my rules. Before, I was using Cloudflare DNS proxy to only allow three countries to connect to my public services.
Now, I’m no longer using the DNS proxy, and my rule is done with Unifi. Another improvement: my public services are in an isolated VLAN and are available on IPv4 and IPv6.
Types of DNS Attacks You Should Know
The Domain Name System (DNS) is a core part of how the internet works — and it’s also a prime target for attackers. Understanding DNS attack types is essential for defending network infrastructure.
Common DNS Attack Types:
1. DNS Spoofing / Cache Poisoning
→ Injects false DNS data into a resolver's cache to redirect users to malicious sites.
2. DNS Tunneling
→ Encodes data into DNS queries/responses to exfiltrate data or establish covert C2 channels.
3. DNS Amplification (DDoS)
→ Exploits open DNS resolvers to flood a target with amplified traffic.
4. NXDOMAIN Attack
→ Overloads DNS servers with queries for nonexistent domains, degrading performance.
5. Domain Hijacking
→ Unauthorized changes to DNS records or domain ownership to take control of web traffic.
6. Typosquatting / Homograph Attacks
→ Uses lookalike domains to trick users into visiting malicious sites.
7. Subdomain Takeover
→ Targets misconfigured DNS entries pointing to expired resources (e.g., GitHub Pages, AWS buckets).
Why it matters:
DNS is often overlooked in security strategies, but it’s a critical attack surface. Proper monitoring, DNSSEC, and logging can reduce risk.
Disclaimer: This content is for educational and awareness purposes only.
Join Wireshark core developer Sake Blok for pre-conference Class III: SSL/TLS Troubleshooting with #Wireshark — a deep dive into understanding and diagnosing TLS-based communication issues.
Sign up now and start your SharkFest journey strong: https://sharkfest.wireshark.org/sfus
SharkFest'25 US is almost here!
June 14–19 • Richmond, Virginia
Whether you're a packet analysis pro or just getting started, SharkFest is the place to sharpen your #Wireshark & #Stratoshark skills, learn from world-class instructors & connect with the community.
- Hands-on workshops
- Expert-led sessions
- Keynote from Vint Cerf
- Pre-conference classes with top analysts
Register now & be part of the packet party: https://sharkfest.wireshark.org/sfus/
Demystifying HTTP Proxies: Forward vs Reverse and Their Impact on Network Security
Understanding the nuances between forward and reverse proxies is essential for modern network security and performance optimization. This article delves into how these proxies function, their practica...
Tor has launched Oniux, a new tool for anonymizing any Linux app’s network traffic via the Tor network.
Unlike previous solutions like Torsocks, Oniux uses Linux namespaces to isolate apps at the kernel level, ensuring leak-proof anonymity even with malicious apps.
Though experimental, Oniux could be a game-changer for enhanced privacy on Linux.
Over the past nine months, undocumented communication devices, including cellular radios, have been found in inverters and some batteries from multiple Chinese suppliers.
#EnergyTransition #EnergyMastodon #Climate #InfoSec #NetworkSecurity #CyberSecurity #China
The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.
Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin's insights on:
- The FBI’s May 2025 alert
- TheMoon malware and the Faceless proxy service
- What these botnets mean for your enterprise
- What you need to do now to stay protected
Watch the video: https://youtu.be/x_40BlvWsHk
Listen to the podcast: https://www.chatcyberside.com/e/outdated-routers-a-hidden-threat-in-your-neighborhood/?token=b0b648ff9ddf79f7cb1099945c74f7f0
https://www.europesays.com/2074244/ North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress #ComputerSecurity #Conflicts #CyberAttacks #CyberNews #CyberSecurityNews #CyberSecurityNewsToday #CyberSecurityUpdates #CyberUpdates #DataBreach #HackerNews #HackingNews #HowToHack #InformationSecurity #NetworkSecurity #NorthKorea #RansomwareMalware #SoftwareVulnerability #TheHackerNews
Cyber threat: Operation Moonlander dismantles a decades-old router botnet
- Aging Linksys, Ericsson & Cisco routers were hijacked by TheMoon malware
- Four foreign nationals indicted for running Anyproxy/5socks proxy-for-hire networks
- FBI bulletin urges disposal of unsupported routers and firmware updates
- Joint takedown by FBI, Dutch National Police & DOJ
Protect your network: replace EOL devices, apply patches, and monitor IoT traffic for anomalies.
#CyberSecurity #Botnet #IoT #OperationMoonlander #NetworkSecurity
https://www.theregister.com/2025/05/10/router_botnet_crashed/
Building trust into 6G starts from the ground up
iTrust6G explores how secure service orchestration is key to building resilient, next-gen networks.
Read the blog post: https://www.sns-itrust6g.com/itrust6g-secure-service-orchestration-design/
The Rise of Artificial Intelligence in Cybersecurity: What to Expect
https://www.europesays.com/2022415/ Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware #ComputerSecurity #CyberAttacks #CyberNews #CyberSecurityNews #CyberSecurityNewsToday #CyberSecurityUpdates #CyberUpdates #DataBreach #HackerNews #HackingNews #HowToHack #InformationSecurity #NetworkSecurity #RansomwareMalware #SoftwareVulnerability #SouthKorea #TheHackerNews
New Threat Alert: Rustobot Botnet
A new Rust-based botnet is making waves — and it's hijacking routers to do it. @FortiGuardLabs latest research dives into Rustobot, a stealthy, modular botnet that’s fast, evasive, and ready to wreak havoc.
Learn how it works, what makes it different, and how to protect your network:
https://www.fortinet.com/blog/threat-research/new-rust-botnet-rustobot-is-routed-via-routers
https://www.europesays.com/2014993/ Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan #ComputerSecurity #Conflicts #CyberAttacks #CyberNews #CyberSecurityNews #CyberSecurityNewsToday #CyberSecurityUpdates #CyberUpdates #DataBreach #HackerNews #HackingNews #HowToHack #InformationSecurity #NetworkSecurity #NorthKorea #RansomwareMalware #SoftwareVulnerability #TheHackerNews
https://www.europesays.com/2010679/ APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures #ComputerSecurity #CyberAttacks #CyberNews #CyberSecurityNews #CyberSecurityNewsToday #CyberSecurityUpdates #CyberUpdates #DataBreach #europe #HackerNews #HackingNews #HowToHack #InformationSecurity #NetworkSecurity #RansomwareMalware #SoftwareVulnerability #TheHackerNews