Monthly Archives: May 2023

Someone is roping Apache NiFi servers into a cryptomining botnet

If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf.

The attack

Indicators of the ongoing campaign were first spotted by the SANS Internet Storm Center when, on May 19th, their distributed sensor network detected a significant spike in requests for “/nifi.” After redirecting some of the requests to their honeypot system running the …

The post Someone is roping Apache NiFi servers into a cryptomining botnet appeared first on Help Net Security.


NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks

NETSCOUT has introduced Arbor Sightline Mobile and MobileStream to answer mobile network operators’ (MNO) need for scalable, real-time visibility, detection, and mitigation of threats that can impact the performance and availability of 4G/5G mobile consumer services and network infrastructure. NETSCOUT continues to expand its Visibility Without Borders platform by combining its mobile network telemetry capabilities with its DDoS protection technology to provide MNOs with a solution to identify and eliminate malicious traffic before it impacts …

The post NETSCOUT introduces visibility and instrumentation for threat detection in 4G and 5G networks appeared first on Help Net Security.


Radware Cloud Web DDoS Protection blocks Tsunami DDoS attacks

Radware has introduced a new Cloud Web DDoS Protection solution to minimize the growing gap between standard DDoS mitigation and an emerging generation of more aggressive, layer 7 (L7), HTTPS Flood attacks—also known as Web DDoS Tsunami attacks. Radware’s solution combats encrypted, high-volume, multi-vector threats that evade standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective. “The dramatic rise in Web DDoS Tsunami attacks poses an immediate cyber threat. Organizations worldwide …

The post Radware Cloud Web DDoS Protection blocks Tsunami DDoS attacks appeared first on Help Net Security.


Russian IT guy sent to labor camp for DDoSing Kremlin websites

Pro-Ukraine techie gets hard time

A Russian IT worker accused of participating in pro-Ukraine denial of service attacks against Russian government websites has been sentenced to three years in a penal colony and ordered to pay 800,000 rubles (about $10,000). …


Europe: The DDoS battlefield

DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal, according to Arelion. As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres – both as a result of damage to local network infrastructure, but also as local databases and applications were …

The post Europe: The DDoS battlefield appeared first on Help Net Security.


FYI: Intel BootGuard OEM private keys leak from MSI cyber heist

Plus: Court-ordered domain seizures of DDoS-for-hire sites

Intel is investigating reports that BootGuard private keys, used to protect PCs from hidden malware, were leaked when data belonging to Micro-Star International (MSI) was stolen and dumped online. …


Mirai botnet loves exploiting your unpatched TP-Link routers, CISA warns

Oracle and Apache holes also on Uncle Sam’s list of big bad abused bugs

The US government’s Cybersecurity and Infrastructure Security Agency (CISA) is adding three more flaws to its list of known-exploited vulnerabilities, including one involving TP-Link routers that is being targeted by the operators of the notorious Mirai botnet. …
