EC-Council ATC Mongolia

🚨 Windows 11 Alert ⚠️ | Microsoft Confirms KB5074109 Issues

The first Windows 11 update of 2026 (KB5074109) is causing major problems with Outlook:
📌 POP accounts not responding
📌 PST files freezing or hanging
📌 Outlook stuck or crashing

✅ Temporary Fix:
🔹 Uninstall update KB5074109
🔹 Restart your PC
🔹 Wait for Microsoft’s patched update

⚠️ If Outlook is critical for your work, take action now!

Кибер аюулгүй байдлын индекс урагшилсан, төсөл хөтөлбөр цөөнгүй хэрэгжсэн, байгууллага бүр тодорхой төсөвтэй болсон (ялангуяа төрийн байгууллага) гэтэл бодит амьдрал дээр юу ч өөрчлөгдөөгүй хэвээрээ байсаар байна.

Meeting_a_Russian_Hacker_Who_Was_Hacking_VICE___CYBERWAR #SecurityEcosystem #DigitalDefense #motivation #cybersecurity

🚨A critical vulnerability in MongoDB (CVE-2025-14847) allows unauthenticated attackers to remotely leak sensitive data from MongoDB server memory.

Are you alert to phishing? This cyber scam occurs when hackers manipulate people, often via email, to hand over sensitive information or install malware on their machines. And the rise of Gen AI has taken it to a whole new level. Fortunately, AI isn’t only a weapon in the hands of cybercriminals: it can also be used to fight fire with fire and supercharge defences against #phishing - by monitoring suspicious messages, patrolling systems for vulnerabilities and scanning the torrent of incoming emails for the most dangerous attacks so that human experts can investigate them. As #cybercrime evolves at an unprecedented pace, phishing and AI-driven scams have emerged as significant global threats, affecting users, consumers, organizations and countries alike. The World Economic Forum’s Partnership against Cybercrime has published a white paper highlighting the urgent need for systemic solutions that enhance the inherent security and trustworthiness of the digital environment, reduce the risk of exploitation, and build a more resilient and secure cyberspace. You can read it here: https://ow.ly/8GMk50XKjB9 Under the theme ‘A Spirit of Dialogue’, the World Economic Forum Annual Meeting, from 19-23 January 2026, will gather voices from across sectors and regions – from heads of state to young changemakers – to build trust and develop solutions to the world’s most pressing challenges. Follow coverage of this year’s event using the hashtag #WEF26. For more, check out our Forum Stories piece: https://ow.ly/hpGH50XIzR4

Нээлттэй эхийн системийг subscription төлж хэрэглэх шаардлагатай бөгөөд үнэгүй repository ашиглах нь эрсдэлтэй байдаг болохыг харуулжээ.

1.8 million Android TV devices are attacking the internet right now. Without their owners knowing. 👀 A botnet called Kimwolf has infected smart TVs, TV boxes, and set-top boxes across 222 countries.

These devices are launching DDoS attacks and running proxy services for criminals. Your streaming box could be one of them.

How big is this? One of Kimwolf's control servers became the most visited domain on earth for a short period. More traffic than Google. This is Cloudflare data.

Between November 19 and 22, the botnet issued 1.7 billion attack commands. In three days. Spraying DDoS attacks randomly across the internet. It looked like the operators were showing off. Building reputation. Proving what they can do.

The infected devices are mostly cheap Android TV boxes. They run outdated firmware, never receive security updates.

Affected device models:
→ TV BOX
→ SuperBOX
→ X96Q
→ MX10
→ SmartTV
→ HiDPTAndroid
→ P200

Countries with most infections:
→ Brazil: 14.6%
→ India: 12.7%
→ USA: 9.6%
→ Argentina: 7.2%
→ South Africa: 3.9%
→ Philippines: 3.6%

Kimwolf is hard to stop. The operators use multiple evasion techniques that make security researchers' jobs extremely difficult.

DNS-over-TLS hides their communication. The malware sends encrypted DNS queries to Google (8.8.8.8) or Cloudflare (1.1.1.1) on port 853. Traditional network monitoring doesn't catch it.

They also use XOR obfuscation for their server IPs. The address you see in DNS isn't real. The malware takes the last 4 bytes and XORs them with a hardcoded key to get the actual IP. Intercepting traffic shows you the wrong destination.

When researchers started taking down their infrastructure, the operators upgraded to blockchain. They now use an Ethereum Name Service domain to store their C2 addresses. Decentralized. Can't be seized by authorities. Can't be blocked by ISPs.

After researchers took over one of their domains, the hackers responded within hours: "we have 100s of servers keep trying LOL!" But they weren't bluffing. Every takedown was followed by new infrastructure within a day.

What does Kimwolf actually do with your device?

96.5% of all commands are for proxy services. Your TV box becomes part of a network that routes criminal traffic. Hackers, fraudsters, and anyone who needs to hide their real location pays to use your IP address.

The remaining 3.5% is DDoS attacks. The botnet supports 13 different attack methods across UDP, TCP, and ICMP. Estimated total capacity: around 30 Tbps. This is not theoretical. The same group already broke DDoS records this year with a 29.6 Tbps attack on gaming platforms.

The operators also installed ByteConnect SDK on infected devices. It's a "legitimate" monetization tool that sells bandwidth. With 1.8 million devices, researchers estimate they're making around $88,200 per month.

Researchers found that Kimwolf shares code and infrastructure with AISURU, another massive botnet responsible for some of the largest DDoS attacks ever recorded. Same group. Different tools.

Are you affected?

Cheap Android TV box with no updates for years? It might be compromised.

→ Unusually high network traffic
→ Device running hot even when idle
→ Slower internet speeds
→ Strange outbound connections in your router logs

What you can do:

→ Check your router's connected devices list for unusual activity. If your TV box is constantly sending data when you're not using it, something is wrong.
→ Avoid cheap Android TV boxes from unknown manufacturers.
→ Never install APKs from unknown sources on streaming devices.
→ If your device hasn't received updates in over a year, consider replacing it.

Millions of these devices will stay infected. They're abandoned by their makers and forgotten by their owners. Perfect for botnet operators.

Security researchers at QiAnXin XLab exposed this botnet after noticing that strange domain climbing to #1 globally. Their full technical report includes IOCs, malware hashes, and infrastructure details for anyone doing threat hunting.

Your entertainment device is someone else's weapon.

Want to understand how botnets work, how attackers maintain persistence, and how to analyze network traffic for malicious activity? I cover malware analysis, network attacks, and post-exploitation techniques in my ethical hacking course:
→ https://www.udemy.com/course/ethical-hacking-complete-course-zero-to-expert/?couponCode=FEBRUARY26

(The link supports me directly as your instructor!)

Hacking is not a hobby but a way of life. 🎯



Research & writing: Jolanda de Koff | HackingPassion.com
Sharing is fine. Copying without credit is not.

There’s a step-change coming in digital systems. #Quantum computing will power humanity to new heights, says Accenture expert Tom Patterson, allowing us to probe the origins of the universe and solve some of our greatest challenges. But with these soaring capabilities come new levels of threat, as the immense power of #quantumcomputing undermines the encryption that supports digital systems. How do businesses protect themselves from this oncoming tidal wave? Patterson has 3 key takeaways. Accenture is a partner in the World Economic Forum’s Quantum Application Hub, a platform that offers leaders, policy-makers and executives direct experience of quantum technologies. Learn more about it here: https://ow.ly/GehF50WrZZy

A massive new botnet, Kimwolf, briefly surpassed Google on the top websites chart. With 1.8 million Android devices and counting, a botnet of such scale is capable of launching unseen cyberattacks