Tag Archives: featured news

Free training courses on DDoS protection, from introduction to mitigation

The DDoS Protection Bootcamp is the first online portal to provide in-depth technical training in the field of DDoS protection. If you’re involved in IT security or network operations, you know that DDoS attacks are a problem that’s not going away. Recent studies indicate that almost 75% of organizations have suffered at least one attack over the past 12 months. What’s inside? This comprehensive quiz-based training course, available at both the Basic and Advanced levels, … More ? The post Free training courses on DDoS protection, from introduction to mitigation appeared first on Help Net Security .

Originally posted here:
Free training courses on DDoS protection, from introduction to mitigation

Protecting consumers from mobile and IoT threats

A new report by Allot Communications revealed a dynamic and automated threat landscape in which consumers lack the security expertise to effectively protect themselves. Mobile and Internet of Things continue to be primary attack vectors, contributing to a spike in cryptojacking, adware, and DDoS attacks. The Telco Security Trends Report is based on anonymous data gathered from four communications service providers (CSPs) across Europe and Israel, who between them, protect seven million customers. It found … More ? The post Protecting consumers from mobile and IoT threats appeared first on Help Net Security .

Read More:
Protecting consumers from mobile and IoT threats

DHS, FBI warn about malware tied to North Korean threat actor

US-CERT has released a new technical alert on malware used by Hidden Cobra, a threat actor whose activities they believe to be directed by the North Korean government. The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have been documenting malware used by the group for a while now. This time, they warn about Joanap, a remote access tool (RAT) that is used “to establish peer-to-peer communications and to manage botnets … More ? The post DHS, FBI warn about malware tied to North Korean threat actor appeared first on Help Net Security .

More:
DHS, FBI warn about malware tied to North Korean threat actor

VPNFilter malware compromises over 500,000 networking devices around the world

Cisco Talos researchers have flagged a huge botnet of small and home office routers and NAS devices, capable of collecting communications and data and launching cyber attacks. About the VPNFilter malware The malware that makes it all possible has been dubbed VPNFilter. It’s persistent, modular, and delivered in several stages. The stage 1 malware’s main task is to persist through reboots and to discover the IP address of the current stage 2 deployment server. The … More ? The post VPNFilter malware compromises over 500,000 networking devices around the world appeared first on Help Net Security .

Visit link:
VPNFilter malware compromises over 500,000 networking devices around the world

Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the security of technologies that have yet to be comprehensively investigated by security researchers, for the past few years Munro has been poking and probing consumer Internet of Things devices, and doing things such as denial of service attacks on Wi-Fi-enabled kettles, or showing that you can … More ? The post Hacking for fun and profit: How one researcher is making IoT device makers take security seriously appeared first on Help Net Security .

Read More:
Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of that equation can be relatively easily solved. As IoT traffic is often distinct from that of other Internet connected devices and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to … More ? The post Real-time detection of consumer IoT devices participating in DDoS attacks appeared first on Help Net Security .

Read the original:
Real-time detection of consumer IoT devices participating in DDoS attacks

Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch last Tuesday. This discovery also means that the fix they pushed out at the time is incomplete, and administrators now have to update the vulnerable software again. More on CVE-2018-0101 Initially, they thought that the vulnerability (CVE-2018-0101) only affected the webvpn feature of the Cisco Adaptive Security … More ?

View original post here:
Cisco issues new, complete fixes for critical flaw in enterprise security appliances

Widespread API use heightens cybersecurity risks

A new Imperva survey showed a heightened concern for cybersecurity risk related to API use. Specifically, 63 percent of respondents are most worried about DDoS threats, bot attacks, and authentication enforcement for APIs. APIs power the interactive digital experiences users love and are fundamental to an organization’s digital transformation. However, they also provide a window into an application that presents a heightened cybersecurity risk. The survey shows that 69 percent of organizations are exposing APIs … More ?

Read More:
Widespread API use heightens cybersecurity risks

IoT malware targeting zero-day vulnerabilities

Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors. First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendor increased their efforts to push out patches. Now, some of the botmasters are making … More ?

More here:
IoT malware targeting zero-day vulnerabilities

Q3 2017 Global DDoS Threat Landscape Report released

The newly released Q3 2017 Global DDoS Threat Landscape Report from Imperva Incapsula features insights on attacks and mitigation. These are some of the key findings: Bitcoin was one of the most targeted industries High packet rate attacks grew more common A third of network layer attacks were highly persistent Botnet activity out of India and Turkey continued to climb.

Read the article:
Q3 2017 Global DDoS Threat Landscape Report released