Tag Archives: featured news

Guess what? You should patch Exim again!

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution. With no mitigations available at this time, Exim maintainers urge admins to upgrade to version 4.92.3, which has been released on Sunday. About Exim and the flaw (CVE-2019-16928) According to E-Soft, Exim is the most widely used … More ? The post Guess what? You should patch Exim again! appeared first on Help Net Security .

See more here:
Guess what? You should patch Exim again!

Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

Over the past few years, cyber threats aimed at a number of critical infrastructure targets have drawn our attention to the security of mission critical networks. These threats have included power grids in Ukraine and Ireland, U.S. energy companies and nuclear power plants, and most recently, at an electric utility on the West Coast where a distributed denial-of-service (DDoS) attack overwhelmed grid network systems with false Web traffic. This was the first documented digital attack … More ? The post Countering industrial cyberthreats with secure, standards-based, licensed wireless networks appeared first on Help Net Security .

Read more here:
Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

Vulnerable TP-Link Wi-Fi extenders open to attack, patch now!

Several TP-Link Wi-Fi extender devices sport a critical remote code execution vulnerability that could allow attackers to take over the devices and command them with the same privileges of their legitimate user, IBM X-Force researcher Grzegorz Wypych warns. Aside from making the device part of a botnet, attackers could carry out sophisticated malicious activity by executing any shell command on the device’s operating system. “An attacker compromising this type of device, and the device being … More ? The post Vulnerable TP-Link Wi-Fi extenders open to attack, patch now! appeared first on Help Net Security .

Taken from:
Vulnerable TP-Link Wi-Fi extenders open to attack, patch now!

Global communications service providers struggling to fend off growing number of DDoS attacks

Global communications service providers, whose businesses are predicated on continuous availability and reliable service levels, are struggling to fend off a growing number of DDoS attacks against their networks. A lack of timely and actionable intelligence is seen as a major obstacle to DDoS protection, according to A10 Networks. The critical need for DDoS protection The A10 Networks study conducted by the Ponemon Institute highlights the critical need for DDoS protection that provides higher levels … More ? The post Global communications service providers struggling to fend off growing number of DDoS attacks appeared first on Help Net Security .

Follow this link:
Global communications service providers struggling to fend off growing number of DDoS attacks

Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws

Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine cryptocurrency and make the compromised machines participate in DDoS attacks. The Oracle WebLogic attacks CVE-2019-2725 is a deserialization remote command execution vulnerability that affects all Oracle WebLogic versions that have two specific components enabled. It was publicly revealed on April 21 and Oracle published an out-of-band security fix for it on April 25. … More ? The post Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws appeared first on Help Net Security .

More:
Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws

The correlation between DDoS attacks and cryptomining

There is a direct correlation between cryptocurrency and DDoS attacks. As the price of cryptocurrency dropped in 2018, leading to decreased profits from cryptomining, hackers on the black market began to divert prime botnet resources to DDoS attack activities, which increased month by month. DDoS attacks in 2018 In NSFOCUS’ 2018 DDoS Attack Landscape report, NSFOCUS analyzed the threat landscape after a landmark year of technological growth related to cloud computing, big data, artificial intelligence … More ? The post The correlation between DDoS attacks and cryptomining appeared first on Help Net Security .

More:
The correlation between DDoS attacks and cryptomining

IoT devices using CoAP increasingly used in DDoS attacks

IoT devices in synchronised attacks on targets represent a growing part of global Distributed Denial of Service (DDoS) weapon arsenals. There is a significant potential for attackers to use an IoT-related protocol, the Constrained Application Protocol (CoAP), deployed on IoT devices to marshal attacks. The A10 Networks report on the state of DDoS weapons in the first quarter of 2019 examines the types of weapons and attacks being used and where they are coming from. … More ? The post IoT devices using CoAP increasingly used in DDoS attacks appeared first on Help Net Security .

Continued here:
IoT devices using CoAP increasingly used in DDoS attacks

Attackers continue to enhance their performance, apply smart business techniques

During the second half of 2018, attackers bulked up existing tactics, rapidly evolvied new performance enhancements, and applied smart business techniques to vastly accelerate attack growth rate, according to the latest Threat Landscape Report by Netscout. IoT’s countdown to attack Constant targets of DDoS malware, IoT devices come under attack within five minutes of being plugged in and targeted by specific exploits within 24 hours. IoT security is minimal to nonexistent on many devices, making … More ? The post Attackers continue to enhance their performance, apply smart business techniques appeared first on Help Net Security .

Original post:
Attackers continue to enhance their performance, apply smart business techniques

Average DDoS attack volumes grew by 194% in 12 months

The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key findings of Link11’s Q4 DDoS report include: Average attack volumes grew by 194% in 12 months: In Q4 2018, average … More ? The post Average DDoS attack volumes grew by 194% in 12 months appeared first on Help Net Security .

Read the original:
Average DDoS attack volumes grew by 194% in 12 months

SSDP amplification attacks rose 639%

The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison between normal attack traffic and attack traffic with legitimate traffic This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack traffic across hundreds of IP addresses to evade detection. The ongoing evolution of DDoS methods suggests that CSPs need to enhance their network security … More ? The post SSDP amplification attacks rose 639% appeared first on Help Net Security .

Continue Reading:
SSDP amplification attacks rose 639%