Explore cybersecurity trends, news and insights from the experts at Black Lotus Labs, the threat research and operations arm of Lumen.
The Black Lotus Labs team at Lumen Technologies recently discovered a hacktivist campaign affecting internet-exposed routers and switches that occurred primarily on May 13, 2021. During this campaign, the threat actor abused the victims’ misconfigured Cisco Smart Install protocol, which […]
In recent years, Distributed Denial of Service (DDoS) events have become an ever-present threat, featuring attack traffic pushing to levels measured in terabits per second (Tbps). One of the key tools in the hands of cybercriminals seeking to increase the […]
Black Lotus Labs’ analysis has uncovered a cluster of compromised websites previously used in a series of watering hole attacks. Any visitors who browsed to one of the sites would unknowingly be infected and vulnerable to the threat actor stealing […]
Since the second half of 2020, Lumen Black Lotus Labs® has observed an unsettling number of entities receiving emails containing a threat of sustained DDoS attack unless a Bitcoin ransom was paid. These attacks – known as Ransom Distributed Denial […]
Bolstered by contributions from Black Lotus Labs and others, Microsoft and FS-ISAC recently took court action to disrupt a particularly insidious botnet called TrickBot – a significant source of ransomware and banking credential theft. As the threat intelligence arm of […]
As we’ve previously written, adversaries continue to ramp up DNS-based attacks to support a wide range of criminal activities. As part of our mission to leverage our network visibility to both help protect customers and keep the internet clean, Black […]
Summary The explosion of Internet of Things (IoT) devices has long served as a breeding ground for malware distribution. The inability for users to patch many IoT devices has only compounded this problem, as bad actors continue to evolve tactics […]
Despite the ubiquity of DNS, too many security teams today do not adequately prioritize it as a focus for monitoring and mitigation of risk. As recent security headlines demonstrate, one increasingly common cyberattack employed by malicious actors is DNS tunneling, […]
Over the past several years, Emotet has established itself as a pervasive and continually evolving threat, morphing from a prominent banking trojan to a modular spam and malware-as-a-service botnet with global distribution. After emerging in June 2014 targeting German and […]
Introduction The Necurs botnet has a well-known and sordid history of criminal endeavors. Today, it is regarded as one of the most prolific spam and malware distribution botnets in existence. However, despite its reputation for delivering spam, its operators have […]
