Plus, Safari security foiled by… a finger swipe? Roundup This week we wrangled with alleged Russian election meddling, hundreds of millions of username-password combos spilled online , Oracle mega-patches , and cliams of RICO swap-gangs .…
Read more here:
DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc
Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015. According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He … More ? The post Hackers who DDoSed African telecom and US hospital get long prison sentences appeared first on Help Net Security .
See the original article here:
Hackers who DDoSed African telecom and US hospital get long prison sentences
Bloke binned at Blackfriars for blasting botnet to bork broadband A Surrey man has been jailed for 32 months after admitting to launching distributed denial-of-service (DDoS) attacks against an African telco.…
More:
Brit hacker hired by Liberian telco to nobble rival now behind bars
Healthcare networks pummeled amid drama over teen girl’s custody Five months after he was found guilty of orchestrating a distributed denial-of-service attack against US healthcare providers, the self-styled Anonymous hacker Martin Gottesfeld has been sentenced to 121 months in prison.…
Continue reading here:
No plain sailing for Anon hacktivist picked up by Disney cruise ship: 10 years in the cooler for hospital DDoS caper
Cisco has plugged a heap of security holes in many of its products, including two vulnerabilities (one critical) that open its email security appliances to denial of service attacks. About the vulnerabilities Both vulnerabilities affect the Cisco AsyncOS Software for Cisco Email Security Appliances, and can be exploited remotely by unauthenticated attackers. CVE-2018-15453 can be exploited by sending a malicious S/MIME-signed email through a targeted device. “If Decryption and Verification or Public Key Harvesting is … More ? The post Cisco fixes serious DoS flaws in its email security appliances appeared first on Help Net Security .
Continue reading here:
Cisco fixes serious DoS flaws in its email security appliances
Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn. Instead on just relying on a list of common or default passwords or brute-forcing attacks, they are taking advantage of the fact that IoT devices are rarely updated and manufacturers take a lot of time to push out fixes for known flaws. Currently under exploitation In November 2018, the company detected many exploitation attempts … More ? The post Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets appeared first on Help Net Security .
See the article here:
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets
Check Point has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index’s top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign. This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy “Thanksgiving day wishes”, “Thanksgiving wishes” and “the Thanksgiving day congratulation!” These emails contained malicious attachments, often with file names related … More ? The post November 2018: Most wanted malware exposed appeared first on Help Net Security .
Follow this link:
November 2018: Most wanted malware exposed
OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux servers. And given that over one-third of public-facing internet servers run Linux, it shouldn’t come as a surprise that threat actors would exploit OpenSSH’s popularity to gain control of them. How severe is the threat? Nearly five years ago, ESET researchers helped to disrupt a 25 thousand-strong botnet of … More ? The post Old and new OpenSSH backdoors threaten Linux servers appeared first on Help Net Security .
View article:
Old and new OpenSSH backdoors threaten Linux servers
NTT Communications expanded its DDoS Protection Services (DPS) with the addition of DPS Max. The new solution is the service for Global IP Network (GIN) customers that require protection from DDoS attacks, including attack detection and auto-mitigation capabilities. DDoS attacks can strike at any time, potentially crippling network infrastructure and degrading the performance and reachability of a website or other IP-accessible system. Depending upon the type and severity of an attack, the impact can result … More ? The post NTT Communications expands its DDoS Protection Services with DPS Max appeared first on Help Net Security .
More:
NTT Communications expands its DDoS Protection Services with DPS Max
Feds, Google, security orgs dismantle fraud botnet, eight people charged A collection of cybersecurity companies, Google, and the Feds are sharing details on how they uncovered and dismantled a massive ad-fraud operation known as “3ve” (pronounced “Eve”.)…