Cybersecurity Headlines International botnet takedown, California city ransomed, Azure Monitor phishing
15 snips
Mar 23, 2026 A multinational takedown of IoT-based DDoS botnets built from millions of devices. Ransomware disruptions hitting a California city and Los Angeles transit administrative systems. Attackers abusing legitimate Azure Monitor alerts to carry out callback phishing via real emails. Alerts about credential-phishing targeting Signal users and critical patches for widely used enterprise appliances and software.
AI Snips
Chapters
Transcript
Episode notes
International Takedown Reveals Massive IoT Botnet Scale
- Law enforcement and tech partners seized infrastructure for four DDoS botnets built from ~3 million compromised devices worldwide.
- The botnets (Isuru, KimWolf, JackSid, Mossad) primarily abused IoT devices like cameras and routers, with hundreds of thousands in the U.S. including behind firewalls.
California Town Paused Services After Ransomware
- Foster City halted public services (except emergencies) after a ransomware attack that forced a state of [emergency] declaration by City Manager Stefan Chatwin.
- The attack coincided with reported technical issues at Los Angeles Metro and a ransom claim from a gang.
Phishers Using Real Azure Monitor Alerts For Callback Scams
- Attackers leveraged legitimate Azure Monitor alerts to phish victims by including warnings about suspicious charges and a callback number inside genuine Microsoft-sent messages.
- Messages arrived from azure-noreplyatmicrosoft, not spoofed, making them unusually convincing and harder to detect.