#ddos


Operation Endgame 2.0

International law enforcement agencies have taken additional actions in Operation Endgame, targeting cybercriminal organizations, particularly those behind DanaBot. DanaBot is a powerful modular malware family written in Delphi, capable of keylogging, capturing screenshots, recording desktop videos, exfiltrating files, injecting content into web browsers, and deploying second-stage malware. It operates as a Malware-as-a-Service platform, enabling various attacks. DanaBot has been used in targeted attacks against government officials in the Middle East and Eastern Europe, and for DDoS attacks against Ukrainian servers. The malware implements a custom binary protocol encrypted with RSA and AES, and uses hardcoded C2 servers with Tor as a backup communication channel. Over 50 nicknames have been associated with DanaBot affiliates.

Pulse ID: 683046e8073360953a9307d2
Pulse Link: otx.alienvault.com/pulse/68304
Pulse Author: AlienVault
Created: 2025-05-23 09:59:04

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Continued thread

#CENTR #dDoS Interesting talk since it was not a talk: after a short introduction, people in the room were told to gather in small groups (with no group having two persons from the same domain registry), discuss one of the proposed statements, and synthesize their discussion at the end.
Everybody agrees that we should share more information (heard many times in the last 25 years at CENTR...)

Krebs on Security: KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS. “KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching […]

https://rbfirehose.com/2025/05/22/krebs-on-security-krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/


Pretty much the only regions on the planet from which we *don't* see regular volumetric DDOS against www.bbc.co.uk & www.bbc.com is central Africa & the poles.

This map shows the number of times each country was a DDOS traffic source in the last 30 days (larger circles == more DDOS attacks).

The botnets are really well globally distributed these days (and we typically see thousands or tens of thousands of source IPs per attack - mostly compromised servers).

After some research I understood that there could be certain challenges in reintroducing #regex on #mastodon, whether from the complexity of use or the slowing down of services with a possible #DDOS vulnerability; the risk is the size.

Personally, I would have liked to benefit from the many advantages that come with it all the same. And I gathered that many in #moderation would have appreciated its effectiveness.

1/n

framapiaf.org/@JBrickelt963/11

Framapiaf · JBrickelt963 (φ) (@JBrickelt963@framapiaf.org): @toddalstrom@mastodon.social oh, I'm discovering that it's possible to add "Regex" expressions in Mastodon filters!? The expression for Thread will probably be less useful to me now that it is largely defederated, but it opens up the field of possibilities. EDIT: Darn, now I'm disillusioned to learn that this was the case until 2018 in the official implementation ... #Regex #Mastodon #Fediverse #feditips
Replied in thread

@briankrebs yeah, cuz every #SecOps of any #ISP is gonna read that and look into the affected hosts if they were in their network and obviously share the findings with investigators.

  • And I don't blame them since #DDoS attacks especially at that scale do create a lot of cost and anger at their end as well.

So everyone but the malicious actor is gonna be mad...

  • Which makes it an even worse decision!
Replied in thread

@Npars01 and even then to me this looks more like a "bad" #PR stunt to me.

It's the digital equivalent of kids shooting paintballs at a parked cop car in a monsoon rain and that got only noticed retroactively...

  • I just think it's wasteful to #DDoS @briankrebs 's website because it's only a #blog, he doesn't pay any #ransom, is extremely well protected and outage of it doesn't generate the same public or financial pressure compared to businesses and governmental institutions.

Like even if they had succeeded, what would've been the outcome? Maybe a line that reads: "Congrats Kiddo, you just wasted thousands if not millions of dollars worth in Monero just to create an outage of a tiny blog. Go give yourself a star in your exercise book!"

  • Someone just had more money than sense I guess...
Infosec.Space · Kevin Karhan :verified: (@kkarhan@infosec.space): @briankrebs@infosec.exchange TBH, I think #DDoS'ing *your blog* is kinda wasteful beyond *"#BraggingRights"* because it's not only *well protected* but the amount of damage / revenue by #blackmailing they could expect is just zero. - I mean, it sure is a way to get *your attention* but that doesn't mean any #BlackHat should *ask for that*! But there are thousands if not millions of weaker targets they could've attacked. - Seems like the [muggers from Crocodile Dundee](https://www.youtube.com/watch?v=qi0G0b1dNzE) *but dumber* cuz they try to puncture your tires but you're sitting in a tracked tank. Pretty sure had #Google not told you or anyone else you would not have even noticed it.
Replied in thread

@briankrebs TBH, I think #DDoS'ing your blog is kinda wasteful beyond "#BraggingRights" because it's not only well protected but the amount of damage / revenue by #blackmailing they could expect is just zero.

  • I mean, it sure is a way to get your attention but that doesn't mean any #BlackHat should ask for that!

But there are thousands if not millions of weaker targets they could've attacked.

Pretty sure had #Google not told you or anyone else you would not have even noticed it.