Why the toothbrush DDoS story fooled us all

I'll be the first to admit that, like many people on the internet last week, I got caught up in the toothbrush distributed denial-of-service attack that wasn't.
There was about a 24-hour period where many news outlets reported on a reported DDoS attack that involved a botnet made up of thousands of internet-connected toothbrushes, it all started with one international newspaper report, and then was aggregated to death and spread quickly on social media.
This attack was only a hypothetical that a security researcher posed in an interview but was reported or translated as an attack that happened.
I'll admit, the aggregated stories seemed a little fishy to me at first, because all the reports didn't include any specifics about which company was targeted, how long the attack lasted, or the name of the device that was reportedly compromised.
That last part should be a red flag going forward for any of us wanting to share a meme about something the next time a cybersecurity story goes viral - in my opinion, responsible disclosure of an attack or compromise should always include information about whatever vulnerability it was that was exploited.
In this hypothetical scenario, I don't think an adversary would have been able to compromise an internet-connected toothbrush without first exploiting some sort of vulnerability, which if it's being reported on in public, should at least include information on patches or mitigations.
The toothbrush botnet that wasn't does serve as a reminder to all of us to be a bit more mindful before clicking share or posting a story on social media.
Turla has been widely known to target entities across the world using a huge set of offensive tools in geographies including the U.S., European Union, Ukraine and Asia.
Chinese state-sponsored actor Volt Typhoon may have silently sat on U.S. critical infrastructure networks for more than five years, according to a new report from American intelligence agencies.
Authorities in Canada, Australia and New Zealand also contributed to last week's advisory, citing their concern for similar activity in their countries.
The FBI's director recently said in testimony to U.S. Congress that authorities had dismantled a bot network of hundreds of compromised devices that was connected to VoltTyphoon.
A new spyware network called TheTruthSpy may have compromised hundreds of Android devices using silent tracking apps that users download thinking they're legitimate.
Security researchers uncovered the information of thousands of devices that have already been compromised, including their IMEI numbers and advertising IDs.
The spyware is downloaded via an app, which doesn't appear on the victim's home screen and operates quietly in the background.
The phony LassPass used a similar logo to that of the legitimate LastPass and was up on the App Store for an unknown amount of time.
Apple also said it was removing the creator of the app from its Developer Program.
This is a very rare case for the Apple App Store, as it has a strict review policy.
LastPass released a warning to all users last week of the fake app's existence, including a link to the legitimate LastPass app.
It's safe to assume that the app was likely set up as some sort of phishing scam meant to get users to enter their legitimate LastPass login information to be stolen by the fake app's creator.
Joe Marshall from Talos' Strategic Communications team will tell an incredible story of how a group of engineers and security professionals from a diverse coalition of organizations came together to solve this electronic warfare GPS problem in an unconventional technical way, and helped stabilize parts of the transmission grid of Ukraine.


This Cyber News was published on blog.talosintelligence.com. Publication date: Thu, 15 Feb 2024 19:13:16 +0000


Cyber News related to Why the toothbrush DDoS story fooled us all

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
5 months ago Helpnetsecurity.com
Why the toothbrush DDoS story fooled us all - I'll be the first to admit that, like many people on the internet last week, I got caught up in the toothbrush distributed denial-of-service attack that wasn't. There was about a 24-hour period where many news outlets reported on a reported DDoS ...
10 months ago Blog.talosintelligence.com
The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
1 year ago Cybersecuritynews.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
11 months ago Cyberdefensemagazine.com
How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
11 months ago Darkreading.com
Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
1 year ago Feedpress.me
CVE-2021-42016 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
CVE-2021-42017 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
11 months ago Darkreading.com
Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
1 year ago Helpnetsecurity.com
VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
11 months ago Itsecurityguru.org
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
1 year ago Esecurityplanet.com
CVE-2021-37209 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
Understanding the Escalating Threat of Web DDoS Tsunami Attacks - Whether it's hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of service attack - the Web DDoS Tsunami - ...
11 months ago Cyberdefensemagazine.com
CVE-2024-38867 - A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) ...
5 months ago
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
1 year ago Hackread.com
How to Know If Someone Screengrabs Your Instagram Story? - Instagram doesn't inform its users when their Story or Reel has been screengrabbed - no matter whether they have millions of followers or just an everyday account - which means their content could go unnoticed if it gets screengrabbed. Once again, ...
1 year ago Hackercombat.com
CVE-2021-31895 - A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 ...
3 years ago
Pro-Russian DDoS Attacks Alarm Denmark and US - Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups have caused alarm in the US and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it ...
1 year ago Therecord.media
CVE-2022-45044 - A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) ...
9 months ago
CVE-2019-19300 - A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), KTK ATE530S (All versions), SIDOOR ATD430W (All versions), ...
1 year ago
Russian state-owned Sberbank hit by 1 million RPS DDoS attack - Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Sberbank is a majority state-owned banking and financial services company and the ...
1 year ago Bleepingcomputer.com
Hackers are Launching DDoS Attacks During Peak Business Hours - Many security practitioners have seen distributed denial-of-service attacks carried out during peak business hours, when firms are more likely to be understaffed and caught off guard. DDoS attacks are a year-round threat, but we've seen an increase ...
11 months ago Cysecurity.news
CVE-2022-34821 - A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)