‘Win-DDoS’: Researchers unveil botnet technique exploiting Windows domain controllers

Threat Score:

CSO Online

2 days ago

Part of cluster #1833

Overview

At DEF CON 33, security researchers demonstrated a novel distributed denial-of-service technique using weaponized Windows domain controllers (DCs), along with a set of zero-click vulnerabilities affecting Windows services. Dubbed “Win-DDoS,” the attack strategy involves remotely crashing domain controllers or other Windows endpoints on internal networks, using the remote procedure call (RPC) framework. “We discovered a novel DDoS technique that could be used to create a malicious botnet leveragi...

Continue Reading on Original Site

5 articles

Xerox patches critical vulnerability in FreeFlow Core application

Cybersecurity Dive • 5 hours ago

Researchers at Horizon3.ai discovered the flaw after flagging unusual behavior in a customer environment.

Score

Patch Now: Attackers Target OT Networks via Critical RCE Flaw

Dark Reading • 4 hours ago

Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development.

Score

The MedusaLocker ransomware gang is hiring penetration testers

Graham Cluley • 6 hours ago

MedusaLocker, the ransomware-as-a-service group that has been active since 2019 is openly recruiting for penetration testers to help it compromise more businesses. in my article on the Fortra blog.

Score

US Authorities Seize $1m from BlackSuit Ransomware Group

Infosecurity Magazine • 11 hours ago

The US Department of Justice has announced the seizure of domains, servers and $1m in proceeds from the BlackSuit ransomware group

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 5 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

CVES

CVE-2024-49113

CVE-2025-26673

CVE-2025-32724

CVE-2025-49113

CVE-2025-49716

VULNERABILITIES

DDoS

Denial of Service

DoS

RCE

Remote Code Execution

COMPANIES

Microsoft

SafeBreach

SafeBreach Labs

PLATFORMS

Windows

RANSOMWARE

Blind

First

One

MALWARE

Industroyer

ATTACK TYPES

DDoS

Denial of Service

Distributed Denial of Service

DoS

LDAP Manipulation

MITRE ATT&CK

T1055

T1059

T1071

T1071.001

T1071.003

INDUSTRIES

Cybersecurity

Information Technology

SECURITY VENDORS

SafeBreach

ARTICLE INFORMATION

Article #10467

Published 2 days ago

CSO Online

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Xerox patches critical vulnerability in FreeFlow Core application

Patch Now: Attackers Target OT Networks via Critical RCE Flaw

The MedusaLocker ransomware gang is hiring penetration testers

US Authorities Seize $1m from BlackSuit Ransomware Group

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies