Monthly Archives: August 2021

Israeli firm Bright Data named as enabler of Philippines government DDOS attacks on opposition groups

This one has it all: a leaky VPN, creepy proxy networks, 8Chan, clouds hosting wonky workloads, and Swedish digital rights org Qurium Looks like a case of abuse of the service and/or being careless with what your customers get up to. Swedish digital rights organisation Qurium has alleged that an Israeli company called Bright Data has helped the government of the Philippines to DDOS local human rights organisation Karapatan.…

Read More:
Israeli firm Bright Data named as enabler of Philippines government DDOS attacks on opposition groups

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Researchers warn of Dark.IoT’s rapidly evolving nasty A denial-of-service vulnerability affecting SDKs for Realtek chipsets used in 65 vendors’ IoT devices has been incorporated into a son-of-Mirai botnet, according to new research.…

More:
Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Kubescape helps admins manage Kubernetes securely

Kubescape is an open-source tool for testing if Kubernetes is deployed securely, as defined in the recently released Kubernetes Hardening Guidance by NSA and CISA. About Kubernetes (“K8s”) Kubernetes is an open-source platform for automating the deployment, scaling, and management of application containers across clusters of hosts. “Kubernetes is commonly targeted for three reasons: data theft, computational power theft, or denial of service. Data theft is traditionally the primary motivation; however, cyber actors may attempt … More ? The post Kubescape helps admins manage Kubernetes securely appeared first on Help Net Security .

Original post:
Kubescape helps admins manage Kubernetes securely

Razer to fix Windows installer that grants admin powers if you plug in a mouse

Plus: Cloudflare tackles huge DDoS attack, Apple and CSAM, and more In brief   Razer is working on an updated installer after it was discovered you can gain admin privileges on Windows by plugging in one of the gaming gear maker’s mice or keyboards.…

Taken from:
Razer to fix Windows installer that grants admin powers if you plug in a mouse

Razer ponders how to fix installer that grants admin powers if you plug in a mouse

Plus: Cloudflare tackles huge DDoS attack, Apple and CSAM, and more In brief   Razer is said to be working on an updated installer after it was discovered you can gain admin privileges on Windows by plugging in one of the gaming gear maker’s mice or keyboards.…

More:
Razer ponders how to fix installer that grants admin powers if you plug in a mouse

Splunk spots malware targeting Windows Server on AWS to mine Monero

RDP-enabled instances attacked, perhaps via Iran and China, then use Telegram desktop client for command and control Data analysis firm Splunk says it’s found a resurgence of the Crypto botnet – malware that attacks virtual servers running Windows Server inside Amazon Web Services.…

More:
Splunk spots malware targeting Windows Server on AWS to mine Monero

ThreatX API Catalog enables enterprises to reduce risk and protect critical APIs

ThreatX announced new API Catalog capabilities to provide enterprises with a clear view of their API’s attack surface, as well as the operational health of APIs in production. ThreatX supports DevOps and Security teams by assessing traffic in real-time to reduce risk and protect critical APIs from misconfiguration, DDoS, BOT attacks and malicious use. APIs are under constant assault by sophisticated attackers. Any downtime or data loss experienced as a result of an API attack … More ? The post ThreatX API Catalog enables enterprises to reduce risk and protect critical APIs appeared first on Help Net Security .

Read this article:
ThreatX API Catalog enables enterprises to reduce risk and protect critical APIs

Blocked DDoS attack volumes up, tech, healthcare and finance most targeted

Second quarter blocked DDoS attack volumes were up more than 40% compared to the same period in 2020, a Radware report reveals. The report provides an overview of DDoS attack trends by industry, as well as across applications and attack types. Notable takeaways On average, a company had to detect and block nearly 5,000 malicious events and a volume of 2.3TB per month during the second quarter of 2021. During the second quarter of 2021, … More ? The post Blocked DDoS attack volumes up, tech, healthcare and finance most targeted appeared first on Help Net Security .

Read the article:
Blocked DDoS attack volumes up, tech, healthcare and finance most targeted