3M+ IoT devices hijacked into botnets launching record 31.4 Tbps DDoS attacks.
Command-and-Control (C2) infrastructure = the hidden servers attackers use to control infected devices (botnets) remotely.
These IoT botnets (AISURU, Kimwolf, JackSkid, Mossad) used C2 servers to coordinate global DDoS attacks, including targets in the U.S.
Attack type: hyper-volumetric DDoS (up to 31.4 Tbps) — capable of crippling ISPs, cloud services, and core internet infrastructure.
Quick explanation:
Botnet: A network of hacked devices (routers, cameras, smart TVs) controlled by attackers.
C2 (Command-and-Control): The “brain” server sending instructions to those infected devices.
DDoS attack: Flooding a target with massive traffic to knock services offline.
Speagle malware is abusing Cobra DocGuard to quietly steal data. It sends exfiltration through a legitimate DocGuard server, blending into normal traffic and avoiding detection.
It only runs on systems with DocGuard installed, signaling targeted espionage activity.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The open-source vulnerability scanner Trivy—maintained by Israel's Aqua Security—has been hit by a supply chain attack, with hackers injecting malicious code into its repositories.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
The open-source vulnerability scanner Trivy, developed by the Israeli company Aqua Security, was hit by a supply chain attack, with hackers injecting malicious code into its code repositories.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Intoxalock Breathalyzer Systems Hit by Prolonged DDoS Attack
A cyberattack targeted Intoxalock, a provider of ignition interlock breathalyzer systems used to detect blood alcohol levels in vehicles of DUI offenders. Drivers must blow into the device to start their cars.
Post-attack, company servers went offline, blocking thousands of drivers across 45 US states from starting their vehicles.
The DDoS assault—ongoing since Saturday—marks an unusually extended disruption to critical infrastructure tied to public safety and compliance.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Israeli Military Secure Comms Codes Leaked
Hacktivists cracked IDF encrypted VoIP systems (Italy/Germany/Austria/France hardware), exposing battlefield C2 channels. Israel acknowledges breach, plans switch—but that's no quick fix.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
IDF Comms Leak Exposes European Suppliers
Post-breach of Israeli military secure VoIP infra, 3 firms enabling IDF C2:
- NA-NET COMMUNICATION GmbH (Germany/Austria): Military telecom, VoIP, network infra
- Orange S.A. (France): Data centers, high-sec networks
- Enegan S.p.A. (Italy): Telecom disguised as "energy efficiency" services
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
IDF Comms Breach—European Suppliers Named
Leak exposes vendors powering cracked IDF secure VoIP/C2 systems:
- NA-NET COMMUNICATION GmbH (DE/AT): Telecom, internet, VoIP, digital comms for military
- Orange S.A. (FR, ex-France Télécom): Telecom, internet/data, network infra, data centers
- Enegan S.p.A. (IT): Telecom services hidden behind "energy efficiency" facade
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Pro-Palestinian hacktivists Handala just dropped their new op hub: http://www.handala-team.to
@TheGhostITM
Apple warns outdated iPhones are now exposed to mass-scale exploit kits like Coruna and DarkSword.
Compromised websites can silently trigger infections and steal sensitive data from unpatched devices.
Trivy, a popular open-source vulnerability scanner, was compromised after attackers hijacked 75 version tags in #GitHub Actions to deliver an infostealer.
It ran in CI pipelines, stealing creds and tokens, then exfiltrating data or staging it via stolen GitHub PATs.
Nationwide power outage in Cuba; speculation of a cyberattack by the US on the power plant.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Handala Team claims it has mapped and archived precise coordinates of Israeli water and power infrastructure, warning of escalation if Iranian facilities are targeted. #cyberwarfare
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hacktivist group "Handala" issues threat: any strike on Iran’s energy sector will trigger a response "far beyond" parity, citing pre-collected infrastructure intelligence on Israel.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
New statement from "Handala" suggests coordinated cyber-intelligence effort tied to geopolitical tensions, highlighting critical infrastructure as a primary target set in potential escalation.
@TheGhostITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Hacktivists reportedly targeted Israel’s public transportation infrastructure, disrupting the Ravkav ticketing platform and online bus services, causing widespread service outages across multiple cities.
@TheGhostITM
FBI: Iranian cyber actors are using Telegram as command-and-control (C2) infrastructure.