Tag Archives: features-expert

Guess what? You should patch Exim again!

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution. With no mitigations available at this time, Exim maintainers urge admins to upgrade to version 4.92.3, which has been released on Sunday. About Exim and the flaw (CVE-2019-16928) According to E-Soft, Exim is the most widely used … More ? The post Guess what? You should patch Exim again! appeared first on Help Net Security .

See more here:
Guess what? You should patch Exim again!

Comcast Business SecurityEdge helps small businesses manage the risk of cyberattacks

Comcast Business announced the launch of its new cloud-based internet security solution, specifically engineered to help small businesses effectively manage the growing risk of cyberattacks. Comcast Business SecurityEdge works to protect a business’ network and the devices connected to it against several existing and emerging Internet-related threats, including malware, ransomware, phishing and botnet infections, without requiring additional hardware or software beyond the Comcast Business Internet modem. In today’s hyper-connected world, cyberthreats are becoming more sophisticated … More ? The post Comcast Business SecurityEdge helps small businesses manage the risk of cyberattacks appeared first on Help Net Security .

See original article:
Comcast Business SecurityEdge helps small businesses manage the risk of cyberattacks

DNSSEC fueling new wave of DNS amplification attacks

DNS amplification attacks swelled in the second quarter of this year, with the amplified attacks spiking more than 1,000% compared with Q2 2018, according to Nexusguard. Researchers attributed Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of the attacks last quarter according to the team’s evaluation of thousands of worldwide DDoS attacks. DNSSEC was designed to protect applications from using forged or … More ? The post DNSSEC fueling new wave of DNS amplification attacks appeared first on Help Net Security .

Excerpt from:
DNSSEC fueling new wave of DNS amplification attacks

Magic Transit allows customers to send any packet of data across Cloudflare’s network

Cloudflare, a leading Internet security, performance, and reliability company, announced Magic Transit, a product that extends the benefits of Cloudflare’s network to customers’ on-premise and data center networks. Magic Transit allows customers to send any packet of data, of any protocol, across Cloudflare’s network. Magic Transit deployed in front of an enterprise network protects it from DDoS attack and enables provisioning of a full suite of virtual network functions, including IP packet filtering and firewalling, … More ? The post Magic Transit allows customers to send any packet of data across Cloudflare’s network appeared first on Help Net Security .

See more here:
Magic Transit allows customers to send any packet of data across Cloudflare’s network

Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

Over the past few years, cyber threats aimed at a number of critical infrastructure targets have drawn our attention to the security of mission critical networks. These threats have included power grids in Ukraine and Ireland, U.S. energy companies and nuclear power plants, and most recently, at an electric utility on the West Coast where a distributed denial-of-service (DDoS) attack overwhelmed grid network systems with false Web traffic. This was the first documented digital attack … More ? The post Countering industrial cyberthreats with secure, standards-based, licensed wireless networks appeared first on Help Net Security .

Read more here:
Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

Botnets shift from Windows towards Linux and IoT platforms

Botnets in 2018 continued to use DDoS as their primary weapon to attack high-speed networks, according to NSFOCUS. Continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, operations, and maintenance of botnets and IP Chain-Gangs. Throughout 2018, NSFOCUS developed profiles on 82 IP Chain-Gangs, groups of bots from multiple botnets acting in concert during specific cyber-attack campaigns. Understanding botnets in general and IP Chain-Gangs, … More ? The post Botnets shift from Windows towards Linux and IoT platforms appeared first on Help Net Security .

More:
Botnets shift from Windows towards Linux and IoT platforms

Imperva Application Security portfolio provides protection for any attack size

Imperva, the cybersecurity leader championing the fight to secure data and applications wherever they reside, announced significant enhancements to the Imperva Application Security portfolio, now offering targeted protection against account takeover (ATO), an industry-leading approach to detecting and blocking malicious attacks targeted at APIs, as well as partnerships with leading API vendors and an unprecedented three-second SLA for mitigating any type of DDoS attack. These capabilities help customers further harden their defenses against rapidly evolving … More ? The post Imperva Application Security portfolio provides protection for any attack size appeared first on Help Net Security .

View article:
Imperva Application Security portfolio provides protection for any attack size

Microsoft wants to improve routing security

The Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society, announced that Microsoft has joined the program whose primary objective is to reduce the most common threats to the Internet’s routing system. Routing security is vital to the future and stability of the Internet. Last year alone, there were 12,600 routing outages or incidents such as route hijacking and leaks that led to large-scale Distributed Denial of Service (DDoS) attacks, stolen … More ? The post Microsoft wants to improve routing security appeared first on Help Net Security .

Excerpt from:
Microsoft wants to improve routing security

Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites

The FBI’s shutdown of the 15 largest distributed denial-of-service (DDoS) for hire vendors (booters) reduced the overall number of attacks worldwide by nearly 11 percent compared to the same period last year. Along with the fewer total attacks, the average size decreased by 85 percent as did the maximum attack size by 24 percent, indicating the FBI crackdown was effective in reducing the global impact of DDoS attacks. However, booter websites are poised to make … More ? The post Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites appeared first on Help Net Security .

Read more here:
Average DDoS attack sizes decrease 85% due to FBI’s shutdown of DDoS-for-hire websites

Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator

Applied Risk ICS Security Consultant Tom Westenberg discovered a DoS vulnerability in an emulated version of the Triconex TriStation Software Suite. Triconex is a Schneider Electric brand which supplies systems and products in regards to critical control and industrial safety-shutdown technology. The Triconex Emulator is software that allows users to emulate and execute TriStation 1131 applications without connecting to a Tricon, Trident, or Tri-GP controller. Using the Emulator, users can test applications in an offline … More ? The post Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator appeared first on Help Net Security .

Link:
Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator