Cloudflare stomps huge DDoS attack on crypto platform

The Register - Thu, 28/04/2022 - 16:30
At 15.3 million requests per second, the assault was the largest HTTPS blitz on record lasting 15 seconds

Cloudflare this month halted a massive distributed denial-of-service (DDoS) attack on a cryptocurrency platform that not only was unusual in its sheer size but also because it was launched over HTTPS and primarily originated from cloud datacenters rather than residential internet service providers (ISPs).…

Categories: News

Money or your business: Ensure your ransomware defense strategy beats off disruptions, extortions

The Register - Thu, 28/04/2022 - 08:15
Multi-layered protection from Huawei curbs ransomware attacks

Sponsored Feature  The mass pandemic-driven migration to remote working has been a significant threat vector which precipitated a surge in cyberattacks last year. Prominent among these were ransomware attacks, which rose by 92.7 percent year-on-year in 2021, according to consulting firm NCC Group.…

Categories: News

Five Eyes nations reveal 2021's fifteen most-exploited flaws

The Register - Thu, 28/04/2022 - 02:46
Malicious cyber actors go after 2021's biggest misses, spend less time on the classics

Security flaws in Log4j, Microsoft Exchange, and Atlassian's workspace collaboration software were among the bugs most frequently exploited by "malicious cyber actors" in 2021 , according to a joint advisory by the Five Eyes nations' cybersecurity and law enforcement agencies.…

Categories: News

Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too!

The Register - Wed, 27/04/2022 - 23:15
Will Redmond start code-naming Windows make-me-admin bugs?

Flaws in networkd-dispatcher, a service used in some parts of the Linux world, can be exploited by a rogue logged-in user or application to escalate their privileges to root level, allowing the box to be commandeered, Microsoft researchers said Wednnesday.…

Categories: News

Looking for the latest insight to ensure cyber security in the long term? It’s right here

The Register - Wed, 27/04/2022 - 20:56
Because digital transformation means transforming security first

Sponsored Post  The threat of ransomware or nation state attacks might open-up corporate wallets for short-term cyber-security investment but working out how to develop both your security team and your defenses for the long-term calls for a little more sophistication.…

Categories: News

Feds offer big rewards for info on suspected Russian Sandworm intel officers

The Register - Wed, 27/04/2022 - 18:46
A different type of bug bounty

Uncle Sam will dole out up to $10 million for vital information on each of six Russian GRU officers linked to the Kremlin-backed Sandworm gang, who, according to the Feds, have plotted to carry out destructive cyber-attacks against American critical infrastructure.…

Categories: News

China turns cyber-espionage eyes to Russia as Ukraine invasion grinds on

The Register - Wed, 27/04/2022 - 15:00
State-sponsored Bronze President group launches cyber-espionage malware campaign against notional ally

China appears to be entering a raging cyber-espionage battle that's grown in line with Russia's unprovoked attack on Ukraine, deploying advanced malware on the computer systems of Russian officials.…

Categories: News

Chinese drone-maker DJI suspends ops in Russia, Ukraine

The Register - Wed, 27/04/2022 - 09:15
First Middle Kingdom company to take a stance says it doesn't want anyone weaponizing its flying machines

In a first for a major Chinese tech company, drone-maker DJI Technologies announced on Tuesday that it will temporarily suspend business in both Russia and Ukraine.…

Categories: News

Should security teams be giving service with a smile?

The Register - Wed, 27/04/2022 - 08:15
Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them

Advertorial  As security professionals, we aren’t known for our levity. True, we’re often fire-fighting serious incidents with potentially profound consequences for the organisation, and our career prospects. But our relationships with others are usually characterised by policing and enforcement rather than engagement and support.…

Categories: News

Study: How Amazon uses Echo smart speaker conversations to target ads

The Register - Wed, 27/04/2022 - 07:52
Web giant milks advertisers with data harvested from digital assistant

Amazon and third-party services have been using smart speaker interaction data for ad targeting, in violation of privacy commitments, according to researchers at four US universities.…

Categories: News

Who is exploiting VMware right now? Probably Iran's Rocket Kitten, to name one

The Register - Tue, 26/04/2022 - 21:52
We hope you've patched that 9.8/10 severity bug

A team of Iranian cyber-spies dubbed Rocket Kitten, for one, is likely behind attempts to exploit a critical remote-code execution vulnerability in VMware's identity management software, according to endpoint security firm Morphisec.…

Categories: News

Coca-Cola probes pro-Kremlin gang's claims of 161GB data theft

The Register - Tue, 26/04/2022 - 19:58
Life tastes not so good right now

Coca-Cola confirmed it's probing a possible network intrusion after the Stormous cybercrime gang claimed it stole 161GB of data from the beverage giant.…

Categories: News

USA's plan to decouple its tech with China lacks a strategy – report

The Register - Tue, 26/04/2022 - 17:30
Thinktank, and former Google CEO Eric Schmidt, call for proper policy development

The USA's policy of decoupling its technology industries from China lacks a strategy, a theory of success, and an understanding of how to achieve its ill-defined goals, according to a new paper by Jon Bateman from the thinktank Carnegie Endowment for International Peace (CEIP).…

Categories: News

DDoS attacks at an all-time-high in Q1 2022, says Kaspersky

The Register - Tue, 26/04/2022 - 15:30
More attacks and more targeted attacks than ever before. What could have happened to cause that uptick?

Kaspersky has released a report showing Distributed Denial of Service (DDoS) attacks hit an all-time-high in the first quarter of 2022.…

Categories: News

Microsoft fixes Point of Sale bug that delayed Windows 11 startup for 40 minutes

The Register - Tue, 26/04/2022 - 12:32
You thought hunting for discount vouchers took a while? That's nothing compared to Windows booting on a till

A fresh Windows 11 patch slipped out overnight as an optional update, but contains an impressively long list of fixes for Microsoft's flagship operating system.…

Categories: News

India inks tech pact with EU – only the US has the same deal

The Register - Tue, 26/04/2022 - 08:32
Meanwhile, UK and India finally explain Cyber Security Partnership agreed to in May 2021

India's government and the European Union have signed up to create a "Trade and Technology Council" – an entity the EU has previously only created to enhance its relationship with the United States.…

Categories: News

Crooks steal NFTs worth '$3m' in Bored Ape Yacht Club heist

The Register - Tue, 26/04/2022 - 02:00
Worth doing a lot of heavy lifting there, we know

Crooks stole non-fungible tokens (NFTs) said to be worth about $3 million after breaking into the Bored Ape Yacht Club's Instagram account and posting a link to a copycat website that sought to harvest marks' assets. …

Categories: News

Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion

The Register - Mon, 25/04/2022 - 23:15
Financial software giant slammed for 'poor security practices'

Intuit is being sued in the US after a security failure at its Mailchimp email marketing business allegedly led to the theft of cryptocurrency from one or more digital wallets.…

Categories: News

Homeland Security bug bounty program uncovers 122 holes in its systems

The Register - Mon, 25/04/2022 - 20:55
Thinking of another word for this US govt department's name

The first bug bounty program by America's Homeland Security has led to the discovery and disclosure of 122 vulnerabilities, 27 of which were deemed critical.…

Categories: News

Flaw could have granted criminals control over Ever Surf crypto wallets

The Register - Mon, 25/04/2022 - 16:30
Check Point uncovers web vulnerability that could have led to cryptocurrency theft

A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.…

Categories: News


Subscribe to Sec Tec Limited aggregator - News