Tag Archives: europe

The removal of Qakbot from infected computers is just the first step

The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. Arranging a widespread Qakbot removal The Qakbot administrators use a system of tiered servers (Tier 1, Tier 2, and Tier 3) to control the Qakbot malware installed on infected computers. “Tier 1 servers are computers infected with Qakbot that have an additional software ‘supernode’ module installed … More ? The post The removal of Qakbot from infected computers is just the first step appeared first on Help Net Security .

See the original post:
The removal of Qakbot from infected computers is just the first step

Akamai: We stopped record DDoS attack in Europe

A ‘sophisticated, global botnet’ held an Eastern European biz under siege over 30 days Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period.…

View article:
Akamai: We stopped record DDoS attack in Europe

Huawei’s half-arsed router patching left kit open to botnets: Chinese giant was warned years ago – then bungled it

ISP alerted biz to UPnP flaw in 2013. Years later, same flaw kept cropping up Exclusive   Huawei bungled its response to warnings from an ISP’s code review team about a security vulnerability common across its home routers – patching only two models rather than all of its products that used the same flawed firmware.…

Continue Reading:
Huawei’s half-arsed router patching left kit open to botnets: Chinese giant was warned years ago – then bungled it

Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more

Some security bites for the long weekend Roundup   While this week was dominated by news of a new Spectre variant , the VPNFilter botnet , and TalkTalk’s badbad routersrouters , plenty of other stories popped up.…

Read this article:
Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more

World’s biggest DDoS-for-hire souk shuttered, masterminds cuffed

Webstresser.org taken down by Europol plod and chums Cops yesterday cuffed IT admins behind the “world’s biggest DDoS marketplace”, webstresser.org, Europol confirmed today.…

Visit site:
World’s biggest DDoS-for-hire souk shuttered, masterminds cuffed

74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened

And just two thirds of IT pros say their current IT security budget is sufficient, a recent survey found. According to the results of a recent survey [PDF] of 250 IT professionals, 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened. The survey, conducted by iSense Solutions for Bitdefender, also found that two thirds of companies would pay an average of $124,000 to avoid public shaming after a breach, while 14 percent would pay more than $500,000. One third of CIOs say their job has become more important in their company’s hierarchy, and another third say their job has been completely transformed in the past few years. And while nine in 10 IT decision makers see IT security as a top priority for their companies, only two thirds say their IT security budget is suifficient — the remainder say they would need an increase of 34 percent on average to deliver efficient security policies. Cloud security spending increased in the past year at 48 percent of companies, while the budget for other security activities remained the same. On average, respondents say only 64 percent of cyber attacks can be stopped, detected or prevented with their current resources. Separately, a survey of 403 IT security professionals in the U.S., U.K., Canada and Europe found that only three percent of organizations have the technology in place and only 10 percent have the skills in place to address today’s leading attack types. The survey, conducted by Dimensional Research and sponsored by Tripwire, also found that just 44 percent of organizations have the skills, and 43 percent have the technology, to address ransomware attacks effectively. “Most organizations can reasonably handle one or two key threats, but the reality is they need to be able to defend against them all,” Tripwire senior director of IT security and risk strategy Tim Erlin said in a statement. “As part of the study, we asked respondents which attack types have the potential to do the greatest amount of damage to their organization. While ransomware was cited as the top threat, all organizations were extremely concerned about phishing, insider threats, vulnerability exploitation and DDoS attacks.” Respondents felt most confident in their skills to handle phishing (68 percent) and DDoS attacks (60 percent), but less confident in their abilities to deal with insider threats (48 percent) and vulnerability exploitations (45 percent). Similarly, respondents felt more confident in the technology they have in place to address phishing (56 percent) and DDoS attacks (63 percent), but less confident in the technology to address insider threats (41 percent) and vulnerabilities (40 percent). A separate survey of 5,000 U.S. consumers by Kaspersky Lab and HackerOne found that 22 percent of respondents are more likely to make a purchase if they know a company hired hackers to help boost security. Knowing what they do about their own company’s cyber security practices, just 36 percent of respondents said they would choose to be a customer of their own employer. Almost two in five U.S. adults don’t expect companies to pay a ransom if hit by ransomware. When asked what types of data they would expect a company to pay a ransom for, 43 percent expect companies to do so for employee Social Security numbers, followed by customer banking details (40 percent) and employee banking details (39 percent). Source: http://www.esecurityplanet.com/network-security/74-percent-of-companies-that-suffer-a-data-breach-dont-know-how-it-happened.html

Read this article:
74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened

Law enforcement operation targets users of DDoS tools

From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of DDoS tools, leading to 34 arrests and 101 suspects interviewed and cautioned. Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify suspects in the EU and beyond, mainly young adults under the … More ?

See the article here:
Law enforcement operation targets users of DDoS tools

Protecting smart hospitals: A few recommendations

The European Union Agency for Network and Information Security (ENISA) has released a new report to help IT and security officers of healthcare organizations implement IoT devices securely and protect smart hospitals from a variety of threats. We all know that attacks against hospitals are increasing, but according to security experts, ransomware and DDoS attacks are just the start. The report, compiled with the help of infosec officers from several European hospitals and consultants and … More ?

Read the article:
Protecting smart hospitals: A few recommendations

DDoS attack that disrupted internet was largest of its kind in history, experts say

Dyn, the victim of last week’s denial of service attack, said it was orchestrated using a weapon called the Mirai botnet as the ‘primary source of malicious attack’ The cyber-attack that brought down much of America’s internet last week was caused by a new weapon called the Mirai botnet and was likely the largest of its kind in history, experts said. The victim was the servers of Dyn, a company that controls much of the internet’s domain name system (DNS) infrastructure. It was hit on 21 October and remained under sustained assault for most of the day, bringing down sites including Twitter, the Guardian, Netflix, Reddit, CNN and many others in Europe and the US. The cause of the outage was a distributed denial of service (DDoS) attack, in which a network of computers infected with special malware, known as a “botnet”, are coordinated into bombarding a server with traffic until it collapses under the strain. What makes it interesting is that the attack was orchestrated using a weapon called the Mirai botnet. According to a blogpost by Dyn published on Wednesday, Mirai was the “primary source of malicious attack traffic”. Unlike other botnets, which are typically made up of computers, the Mirai botnet is largely made up of so-called “internet of things” (IoT) devices such as digital cameras and DVR players. Because it has so many internet-connected devices to choose from, attacks from Mirai are much larger than what most DDoS attacks could previously achieve. Dyn estimated that the attack had involved “100,000 malicious endpoints”, and the company, which is still investigating the attack, said there had been reports of an extraordinary attack strength of 1.2Tbps. To put that into perspective, if those reports are true, that would make the 21 October attack roughly twice as powerful as any similar attack on record. David Fidler, adjunct senior fellow for cybersecurity at the Council on Foreign Relations, said he couldn’t recall a DDoS attack even half as big as the one that hit Dyn. Mirai was also used in an attack on the information security blog Krebs on Security, run by the former Washington Post journalist Brian Krebs, in September. That one topped out at 665 Gbps. “We have a serious problem with the cyber insecurity of IoT devices and no real strategy to combat it,” Fidler said. “The IoT insecurity problem was exploited on this significant scale by a non-state group, according to initial reports from government agencies and other experts about who or what was responsible. “Imagine what a well-resourced state actor could do with insecure IOT devices,” he added. According to Joe Weiss, the managing partner at the cybersecurity firm Applied Control Solutions and the author of Protecting Industrial Control Systems from Electronic Threats, it is hard to know what Mirai could become. “A lot of these cyber-attacks start out as one particular type of attack and then they morph into something new or different,” he said. “A lot of this is modular software. “I can’t speak for anyone else,” Weiss continued. “[But] I don’t know that we really understand what the endgame is.” Source: https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet

Original post:
DDoS attack that disrupted internet was largest of its kind in history, experts say

World Of Warcraft: Legion’ Goes Down As Blizzard Servers Hit With DDoS

To commemorate the launch of the latest  World of Warcraft  expansion,  Legion , Blizzard’s servers were taken down by a DDoS (distributed denial of service) attack on Wednesday. This came a day late, as the expansion actually launched on Tuesday. But when it comes to ruining other peoples’ fun, better late than never. This lined up with a similar attack that brought down the  Battlefield 1  open beta for most of the day yesterday, as EA’s servers were hit. The Blizzard attack began in Europe, then spread across the globe. It didn’t just take down  Legion.  Other games, like  Overwatch , were also impacted. This was the second major DDoS attack against Blizzard in August. The last attack hit early in the month, and was apparently retaliation for Blizzard’s banning of cheaters.  How classy. Part of a game developer’s job is to keep legit players around, and a big part of that in multiplayer games is protecting honest players from cheaters. Retaliating against a company for doing its job is absurd. As of now, Blizzard’s servers appear to be working again. Source: http://www.forbes.com/sites/erikkain/2016/09/01/world-of-warcraft-legion-goes-down-as-blizzard-servers-hit-with-ddos/#6bfb43ed3778

More:
World Of Warcraft: Legion’ Goes Down As Blizzard Servers Hit With DDoS