Tag Archives: height

New attack vectors make securing virtual companies even more challenging

As organizations are settling into long-term remote working, new attack vectors for opportunistic cyberattackers—and new challenges for network administrators have been introduced, Nuspire reveals. Now six months into the pandemic, attackers pivoted away from COVID-19 themes, instead utilizing other prominent media themes like the upcoming U.S. election to wreak havoc. Increase in both botnet and exploit activity There was an increase in both botnet and exploit activity over the course of Q2 2020 by 29% … More ? The post New attack vectors make securing virtual companies even more challenging appeared first on Help Net Security .

Continued here:
New attack vectors make securing virtual companies even more challenging

Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

Here’s an overview of some of last week’s most interesting news and articles: Updated cryptojacking worm steals AWS credentials A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. Thousands of ISO certifications at risk of lapsing due to halted re-certification audits Thousands of valuable ISO management system certifications earned by UK companies may now be at risk because auditors from Certification … More ? The post Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing appeared first on Help Net Security .

Excerpt from:
Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications

Here’s an overview of some of last week’s most interesting news and articles: New wave of attacks aiming to rope home routers into IoT botnets A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen? The Twittersphere went into overdrive as a bunch of prominent, verified Twitter accounts … More ? The post Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications appeared first on Help Net Security .

Continue Reading:
Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications

How the pandemic affected DDoS attack patterns, global internet traffic

There has been a shift in internet traffic patterns coinciding with an increase in DDoS and other types of network attacks in recent months as organizations across industries quickly transitioned to remote workforces and individuals under stay-at-home orders began relying on the internet more heavily, according to Neustar. Growing reliance on the internet The pandemic effect was clear in traffic to specific websites, such as the 250% increase in queries for a popular collaboration platform … More ? The post How the pandemic affected DDoS attack patterns, global internet traffic appeared first on Help Net Security .

Complexity and size of DDoS attacks have increased

The complexity and size of DDoS attacks in 2019 has increased significantly compared to 2018. A report published by NaWas by NBIP concludes that despite the number of attacks has decreased slightly over 2019, their complexity and size has increased significantly. Fewer attacks, more complexity and larger in size Slightly fewer DDoS attacks were observed in 2019 compared to 2018 (919 attacks and 938 attacks respectively). In addition, the number of participants increased by almost … More ? The post Complexity and size of DDoS attacks have increased appeared first on Help Net Security .

Continued here:
Complexity and size of DDoS attacks have increased

UPnP vulnerability lets attackers steal data, scan internal networks

A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on – may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks. The post UPnP vulnerability lets attackers steal data, scan internal networks appeared first on Help Net Security .

Read the article:
UPnP vulnerability lets attackers steal data, scan internal networks

Ransomware getting more fearsome, but there’s reason for optimism

Cybercriminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A report from F-Secure documents a steep increase in attack traffic in 2019 that was unmatched by previous years. There have been 2.8 billion attack events in the second half of the year. After 2.9 billion in the first half of the year, the yearly total rings in at 5.7 … More ? The post Ransomware getting more fearsome, but there’s reason for optimism appeared first on Help Net Security .

More:
Ransomware getting more fearsome, but there’s reason for optimism

A10 Networks vThunder TPS: Providing 100 Gbps throughput in a single virtual appliance

A10 Networks announced it has delivered the industry’s highest-performance virtual DDoS defense solution with its software version of the Thunder Threat Protection System (TPS) solution, vThunder TPS. The enhanced vThunder TPS provides 100 Gbps throughput in a single virtual appliance and can be expanded to 800 Gbps with eight-way clustering. As a result, service providers can build elastic DDoS defenses that can be incrementally scaled during wartime when peak capacity is required. vThunder TPS is … More ? The post A10 Networks vThunder TPS: Providing 100 Gbps throughput in a single virtual appliance appeared first on Help Net Security .

More:
A10 Networks vThunder TPS: Providing 100 Gbps throughput in a single virtual appliance

Week in review: The future of DNS security, acquiring cyber talent in 2020, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Shadow IT accounts with weak passwords endanger organizations 63% of enterprise professionals have created at least one account without their IT department being aware of it, and two-thirds of those have created two or more, the results of a recent 1Password survey have revealed. 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins … More ? The post Week in review: The future of DNS security, acquiring cyber talent in 2020, new issue of (IN)SECURE appeared first on Help Net Security .

More:
Week in review: The future of DNS security, acquiring cyber talent in 2020, new issue of (IN)SECURE

12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks

A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware researchers have discovered. The vulnerability can also be triggered by a single, spoofed UDP packet to launch DoS attacks against those same vulnerable Jenkins servers, by forcing them into an infinite loop of replies that can’t be stopped unless one of the servers is rebooted or has its Jenkins service restarted. About the … More ? The post 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks appeared first on Help Net Security .