#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Proxyware | Breaking Cybersecurity News | The Hacker News

Category — Proxyware
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Jan 22, 2025 Vulnerability / Network Security
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since June 2024. Additional details about the shortcomings have been withheld to prevent further abuse. Some of the other flaws weaponized by the distributed denial-of-service (DDoS) botnet include CVE-2013-3307 , CVE-2016-20016 , CVE-2017-5259 , CVE-2018-14558 , CVE-2020-25499 , CVE-2020-8515 , CVE-2022-3573 , CVE-2022-40005 , CVE-2022-44149 , CVE-2023-28771 , as well as those impacting AVTECH IP cameras, LILIN DVRs, and Shenzhen TVT devices. "The operator of AIRASHI has been posting their DDoS capability test results on Telegram," XLab said. "From historical data, it can be observed that the attack capacity of the AIRASHI botnet remains stable around 1-3 Tbps." A majority ...
Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

Jun 30, 2023 Server Security / Cyber Threat
An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer (P2P) proxy network, such as Peer2Profit or Honeygain," Akamai researcher Allen West said in a Thursday report. Unlike cryptojacking, in which a compromised system's resources are used to illicitly mine cryptocurrency, proxyjacking offers the ability for threat actors to leverage the victim's unused bandwidth to clandestinely run different services as a P2P node. This offers two-fold benefits: It not only enables the attacker to monetize the extra bandwidth with a significantly reduced resource load that would be necessary to carry out cryptojacking, it also reduces the chances of discovery. "It is a stealthier alternative to cryptojacking and has serious implications th...
What Is Attack Surface Management?

What Is Attack Surface Management?

Feb 03, 2025Attack Surface Management
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker's perspective has never been more important. In this guide, we look at why attack surfaces are growing and how to monitor and manage them properly with  tools like Intruder . Let's dive in. What is your attack surface? First, it's important to understand what we mean when we talk about an attack surface. An attack surface is the sum of your digital assets that are 'reachable' by an attacker – whether they are secure or vulnerable, known or unknown, in active use or not. You can also have both internal and external attack surfaces - imagine for example a malicious email attachment landing in a colleague's inbox, vs a new FTP server being...
Expert Insights / Articles Videos
Cybersecurity Resources