News
Cloudflare stomps huge DDoS attack on crypto platform
Cloudflare this month halted a massive distributed denial-of-service (DDoS) attack on a cryptocurrency platform that not only was unusual in its sheer size but also because it was launched over HTTPS and primarily originated from cloud datacenters rather than residential internet service providers (ISPs).…
Money or your business: Ensure your ransomware defense strategy beats off disruptions, extortions
Sponsored Feature The mass pandemic-driven migration to remote working has been a significant threat vector which precipitated a surge in cyberattacks last year. Prominent among these were ransomware attacks, which rose by 92.7 percent year-on-year in 2021, according to consulting firm NCC Group.…
Five Eyes nations reveal 2021's fifteen most-exploited flaws
Security flaws in Log4j, Microsoft Exchange, and Atlassian's workspace collaboration software were among the bugs most frequently exploited by "malicious cyber actors" in 2021 , according to a joint advisory by the Five Eyes nations' cybersecurity and law enforcement agencies.…
Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too!
Flaws in networkd-dispatcher, a service used in some parts of the Linux world, can be exploited by a rogue logged-in user or application to escalate their privileges to root level, allowing the box to be commandeered, Microsoft researchers said Wednnesday.…
Looking for the latest insight to ensure cyber security in the long term? It’s right here
Sponsored Post The threat of ransomware or nation state attacks might open-up corporate wallets for short-term cyber-security investment but working out how to develop both your security team and your defenses for the long-term calls for a little more sophistication.…
Feds offer big rewards for info on suspected Russian Sandworm intel officers
Uncle Sam will dole out up to $10 million for vital information on each of six Russian GRU officers linked to the Kremlin-backed Sandworm gang, who, according to the Feds, have plotted to carry out destructive cyber-attacks against American critical infrastructure.…
China turns cyber-espionage eyes to Russia as Ukraine invasion grinds on
China appears to be entering a raging cyber-espionage battle that's grown in line with Russia's unprovoked attack on Ukraine, deploying advanced malware on the computer systems of Russian officials.…
Chinese drone-maker DJI suspends ops in Russia, Ukraine
In a first for a major Chinese tech company, drone-maker DJI Technologies announced on Tuesday that it will temporarily suspend business in both Russia and Ukraine.…
Should security teams be giving service with a smile?
Advertorial As security professionals, we aren’t known for our levity. True, we’re often fire-fighting serious incidents with potentially profound consequences for the organisation, and our career prospects. But our relationships with others are usually characterised by policing and enforcement rather than engagement and support.…
Study: How Amazon uses Echo smart speaker conversations to target ads
Amazon and third-party services have been using smart speaker interaction data for ad targeting, in violation of privacy commitments, according to researchers at four US universities.…
Who is exploiting VMware right now? Probably Iran's Rocket Kitten, to name one
A team of Iranian cyber-spies dubbed Rocket Kitten, for one, is likely behind attempts to exploit a critical remote-code execution vulnerability in VMware's identity management software, according to endpoint security firm Morphisec.…
Coca-Cola probes pro-Kremlin gang's claims of 161GB data theft
Coca-Cola confirmed it's probing a possible network intrusion after the Stormous cybercrime gang claimed it stole 161GB of data from the beverage giant.…
USA's plan to decouple its tech with China lacks a strategy – report
The USA's policy of decoupling its technology industries from China lacks a strategy, a theory of success, and an understanding of how to achieve its ill-defined goals, according to a new paper by Jon Bateman from the thinktank Carnegie Endowment for International Peace (CEIP).…
DDoS attacks at an all-time-high in Q1 2022, says Kaspersky
Kaspersky has released a report showing Distributed Denial of Service (DDoS) attacks hit an all-time-high in the first quarter of 2022.…
Microsoft fixes Point of Sale bug that delayed Windows 11 startup for 40 minutes
A fresh Windows 11 patch slipped out overnight as an optional update, but contains an impressively long list of fixes for Microsoft's flagship operating system.…
India inks tech pact with EU – only the US has the same deal
India's government and the European Union have signed up to create a "Trade and Technology Council" – an entity the EU has previously only created to enhance its relationship with the United States.…
Crooks steal NFTs worth '$3m' in Bored Ape Yacht Club heist
Crooks stole non-fungible tokens (NFTs) said to be worth about $3 million after breaking into the Bored Ape Yacht Club's Instagram account and posting a link to a copycat website that sought to harvest marks' assets. …
Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion
Intuit is being sued in the US after a security failure at its Mailchimp email marketing business allegedly led to the theft of cryptocurrency from one or more digital wallets.…
Homeland Security bug bounty program uncovers 122 holes in its systems
The first bug bounty program by America's Homeland Security has led to the discovery and disclosure of 122 vulnerabilities, 27 of which were deemed critical.…
Flaw could have granted criminals control over Ever Surf crypto wallets
A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.…
Pages
