Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks

Kimwolf botnet infected 1.8 million Android TV devices and issued 1.7 billion DDoS commands, using ENS to hide its control servers.

The Hacker News

Cloudflare reveals how bots and governments reshaped the internet in 2025

https://fed.brid.gy/r/https://nerds.xyz/2025/12/cloudflare-2025-year-review/

40 seconds, 22.2 Tbps, and a botnet of 300,000 hijacked devices—enough chaos to stream a million 4K videos at once. How did Cloudflare turn this digital assault into a masterclass in defense? Dive into the story.

https://thedefendopsdiaries.com/understanding-and-mitigating-modern-ddos-attacks-lessons-from-the-222-tbps-incident/

#ddosattacks
#cloudflare
#cybersecurity
#botnet
#iotsecurity

Understanding and Mitigating Modern DDoS Attacks: Lessons from the 22.2 Tbps Incident

Explore how Cloudflare mitigated a record-breaking 22.2 Tbps DDoS attack, the evolving tactics behind modern DDoS threats, and key defense strategies.

The DefendOps Diaries

For some reason a LOT of Microsoft-tagged (whois) IPs are **very** interested in the query "IN ANY fysh.org".

I'm seeing *thousands* of TCP connections to the name server at once, all for that same query.

I'm still going through the list of IPs from about 30 minutes ago, but so far whois is mostly saying "Microsoft", sometimes with a "cloud" tag. There's one bunch of Google in there too, but for all I know they're just because the MSFT ones are causing a lot of:

named[2218860]: Accepting TCP connection failed: quota reached

So, are Microsoft cloud IPs known to do something like this, perhaps some web scraper gone wrong? Or is someone leveraging Azure for some sort of DoS attack? It's not *incredibly* effective if so, no immediate sign of other issues with fysh.org services, but I've not gotten to checking that in detail yet.

#infosec #ddos #DDoSAttacks #microsoft #cloud #azure

Cloudflare just stopped an 11.5 Tbps DDoS attack—a jump from 3.8 Tbps that's rewriting the playbook on cyber warfare. Want to see how tech and tactics are evolving in real time?

https://thedefendopsdiaries.com/the-evolution-of-ddos-attacks-from-38-tbps-to-115-tbps/

#ddosattacks
#cybersecurity
#cloudflare
#networksecurity
#iotsecurity

The Evolution of DDoS Attacks: From 3.8 Tbps to 11.5 Tbps

Explore the evolution of DDoS attacks, highlighting the leap from 3.8 Tbps to 11.5 Tbps and the role of cloud platforms in cybersecurity.

The DefendOps Diaries

Krebs on Security: Oregon Man Charged in ‘Rapper Bot’ DDoS Service. “On August 6, 2025, federal agents arrested Ethan J. Foltz of Springfield, Ore. on suspicion of operating Rapper Bot, a globally dispersed collection of tens of thousands of hacked Internet of Things (IoT) devices. The complaint against Foltz explains the attacks usually clocked in at more than two terabits of junk data per […]

https://rbfirehose.com/2025/08/20/krebs-on-security-oregon-man-charged-in-rapper-bot-ddos-service/

Krebs on Security: Oregon Man Charged in ‘Rapper Bot’ DDoS Service | ResearchBuzz: Firehose

ResearchBuzz: Firehose | Individual posts from ResearchBuzz

310: CI You Later, Manual Testing “Not today, Satan” - Cloudflare blocked a 7.3 Tbps DDoS attack. 37.4 TB in 45 seconds? That’s not a cyberattack; that’s the internet trying to yeet itself into oblivion. Want to hear about it? Episode 310 of The Cloud Pod, out now! #TheCloudPod #Ddosattacks #maytheoddsbeeverinyourfavor https://www.thecloudpod.net/?p=21134

CI You Later, Manual Testing

Episode 310 of The Cloud Pod podcast, bringing you all the latest Cloud news from AWS, Oracle, GCP, Azure, Grok, Manual Testing, Gemini, re:Inforce, Cloudflare, DDoS

The Cloud Pod

Ars Technica: Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic. “Large-scale attacks designed to bring down Internet services by sending them more traffic than they can process keep getting bigger, with the largest one yet, measured at 7.3 terabits per second, being reported Friday by Internet security and performance provider Cloudflare.”

https://rbfirehose.com/2025/06/22/ars-technica-record-ddos-pummels-site-with-once-unimaginable-7-3tbps-of-junk-traffic/

Ars Technica: Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic | ResearchBuzz: Firehose

ResearchBuzz: Firehose | Individual posts from ResearchBuzz