CyberSecurityBoard
Sponsor Register Login

Killnets Published Collection of Proxy IP Addresses

Cybersecurity researchers have recently released a list of IP addresses used by the pro-Russian group Killnet to neutralize its attacks. This list, which contains over 17,746 IPs, was made public by SecurityScorecard researchers. Since March 2022, Killnet has been targeting governments and key infrastructure in countries that have shown support for Ukraine, including Italy, Romania, Moldova, the Czech Republic, Lithuania, Norway, and Latvia. The Dutch National Cyber Security Centre reported that the websites of many hospitals in the Netherlands and Europe were attacked by Killnet. The group of hackers also launched an offensive on hospitals in the United Kingdom, Germany, Poland, Scandinavia, and the United States due to their support for Ukraine. Security Affairs reported that the attacks were announced on the group's Telegram channel last week, and they also called for an attack on the US healthcare system. The list of IP addresses, which is available on GitHub, can be used by organizations to blacklist these IPs and protect themselves from DDoS attacks. SecurityScorecard has also published a list of proxy IPs to help block the Killnet DDoS bot. Last week, the organization increased its operations and launched a series of DDoS attacks against German airports, government agencies, and banks websites. The hacktivists carried out the attacks in response to the German government's decision to deliver Leopard 2 tanks to Ukraine. Killnet also claimed responsibility for the DDoS attack that brought down the European Parliament's website in November. Organizations can use the list of IPs to protect themselves from DDoS attacks, and SecurityScorecard has also provided a list of proxy IPs to help block the Killnet DDoS bot. To stay up to date on the latest cybersecurity news and topics, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram. If you liked this post, you can also sign up for our newsletter to get cybersecurity updates directly in your inbox.

This Cyber News was published on heimdalsecurity.com. Publication date: Thu, 09 Feb 2023 15:53:03 +0000


Cyber News related to Killnets Published Collection of Proxy IP Addresses

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
3 months ago Cisa.gov
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
7 months ago Cisa.gov
VB.NET Proxy and VPN Check with IP2Location.io - Virtual Private Network servers are proxy servers that people use daily when browsing the Internet. As most of us are aware, websites track their visitors for advertising and marketing purposes. That's the same reason that people use residential ...
6 months ago Feeds.dzone.com
CVE-2024-37891 - urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* ...
2 weeks ago
Killnets Published Collection of Proxy IP Addresses - Cybersecurity researchers have recently released a list of IP addresses used by the pro-Russian group Killnet to neutralize its attacks. This list, which contains over 17,746 IPs, was made public by SecurityScorecard researchers. Since March 2022, ...
1 year ago Heimdalsecurity.com
Google Chrome's new "IP Protection" will hide users' IP addresses - Google is getting ready to test a new "IP Protection" feature for the Chrome browser that enhances users' privacy by masking their IP addresses using proxy servers. Recognizing the potential misuse of IP addresses for covert tracking, Google seeks to ...
7 months ago Bleepingcomputer.com
How to secure on-prem apps with Entra Application Proxy - If your internal web applications are still internet-facing, then it's time to move away from turning your firewall into Swiss cheese just to externalize apps for your users. To reduce the attack surface, a traditional method, such as a VPN, has its ...
3 months ago Techtarget.com
Socks5Systemz proxy service infects 10,000 systems worldwide - A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices. The malware infects computers and turns them into traffic-forwarding ...
7 months ago Bleepingcomputer.com
Tech CEO Sentenced to 5 Years in IP Address Scheme - Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan's sentencing comes nearly two years after he pleaded guilty to using an elaborate ...
7 months ago Krebsonsecurity.com
Treasury Sanctions Creators of 911 S5 Proxy Botnet - The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through ...
1 month ago Krebsonsecurity.com
CVE-2022-34321 - Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes detailed statistics about live connections, along with the capability to ...
3 months ago
Pro-Russian Hackers Attack European Hospitals European Hospitals Targeted by Pro-Russian Hackers - According to the Dutch National Cybersecurity Center, several hospitals from European countries supporting Ukraine have been targeted by pro-Russian threat actors, including their own UMCG hospital in Groningen. The cause behind UMCGs shutdown seems ...
1 year ago Heimdalsecurity.com
Deploy Keycloak Single Sign-On With Ansible - In this article, you'll use Ansible to simplify and automate the installation of Keycloak, a popular open-source tool to implement single sign-on for Web applications. The tutorial in this article builds on an Ansible Collection named middleware ...
6 months ago Feeds.dzone.com
How to Use Ansible with CML - Similar to Terraform, Ansible is a common, open-source automation tool often used in Continuous Integration/Continuous Deployment DevOps methodologies. Although overlaps exist in the capabilities of Terraform and Ansible, they are very complementary. ...
5 months ago Feedpress.me
US dismantles 911 S5 botnet used for cyberattacks, arrests admin - The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. As early as 2011, Wang and his conspirators pushed malware onto victims' devices using ...
1 month ago Bleepingcomputer.com
US govt sanctions cybercrime gang behind massive 911 S5 botnet - Researchers at the Canadian University of Sherbrooke revealed almost two years ago, in June 2022, that this illegitimate residential proxy service lured potential victims by offering free VPN services to install malware designed to add their IP ...
1 month ago Bleepingcomputer.com
US govt sanctions cybercrime gang behind massive 911 S5 botnet - Researchers at the Canadian University of Sherbrooke revealed almost two years ago, in June 2022, that this illegitimate residential proxy service lured potential victims by offering free VPN services to install malware designed to add their IP ...
1 month ago Bleepingcomputer.com
US govt sanctions cybercrime gang behind massive 911 S5 botnet - Researchers at the Canadian University of Sherbrooke revealed almost two years ago, in June 2022, that this illegitimate residential proxy service lured potential victims by offering free VPN services to install malware designed to add their IP ...
1 month ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
7 months ago Esecurityplanet.com
Trello API abused to link email addresses to 15 million accounts - An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information. Trello is an online project management tool owned by Atlassian that ...
5 months ago Bleepingcomputer.com
What Is Dynamic Host Configuration Protocol (DHCP)? - DHCP, or Dynamic Host Configuration Protocol, is a network protocol that allows devices on a network to be automatically assigned an IP address. DHCP is used extensively in both home and enterprise networks, as it simplifies the process of ...
1 year ago Heimdalsecurity.com
CVE-2021-41136 - Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request ...
7 months ago
CVE-2022-24280 - Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to ...
1 year ago
CVE-2023-37544 - Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8.*, from 2.9.0 through ...
6 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)