In today’s rapidly evolving digital landscape, organizations face constant cyber threats that can compromise their sensitive data, disrupt operations, and damage their reputation. Staying informed about the latest cyberattacks and understanding effective protection methods is crucial. This list of free cybersecurity whitepapers that don’t require registration covers a wide range of common cyber risks (ransomware, DDoS attacks, social network account hijacking). It explores the possible risks that could originate from new technologies such as generative … More ? The post 9 free cybersecurity whitepapers you should read appeared first on Help Net Security .
Tag Archives: news
Someone is roping Apache NiFi servers into a cryptomining botnet
If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf. The attack Indicators of the ongoing campaign were first spotted by the SANS Internet Storm Center when, on May 19th, their distributed sensor network detected a significant spike in requests for “/nifi.” After redirecting some of the requests to their honeypot system running the … More ? The post Someone is roping Apache NiFi servers into a cryptomining botnet appeared first on Help Net Security .
See the original article here:
Someone is roping Apache NiFi servers into a cryptomining botnet
Europe: The DDoS battlefield
DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal, according to Arelion. As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres – both as a result of damage to local network infrastructure, but also as local databases and applications were … More ? The post Europe: The DDoS battlefield appeared first on Help Net Security .
Malicious actors push the limits of attack vectors
The war in Ukraine has seen the emergence of new forms of cyberattacks, and hacktivists became savvier and more emboldened to deface sites, leak information and execute DDoS attacks, according to Trellix. “Q4 saw malicious actors push the limits of attack vectors,” said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center. “Grey zone conflict and hacktivism have both led to an increase in cyber as statecraft as well as a rise in activity … More ? The post Malicious actors push the limits of attack vectors appeared first on Help Net Security .
See the original article here:
Malicious actors push the limits of attack vectors
Neustar Security Services UltraPlatform protects enterprises’ digital assets
Neustar Security Services is launching UltraPlatform, a solution that leverages three Neustar Security Services’ offerings critical to protecting organizations’ online assets and infrastructure: an authoritative domain name system (DNS) service, protection against distributed denial-of-service (DDoS) attacks and a web application firewall (WAF). To create this unified solution, UltraPlatform blends components from Neustar Security Services’ UltraDNS, UltraDDoS Protect and UltraWAF offerings: UltraDNS is the premier managed authoritative DNS service that ensures accurate, safe and reliable connections. … More ? The post Neustar Security Services UltraPlatform protects enterprises’ digital assets appeared first on Help Net Security .
Continued here:
Neustar Security Services UltraPlatform protects enterprises’ digital assets
Cybercriminals create new methods to evade legacy DDoS defenses
The number of DDoS attacks we see around the globe is on the rise, and that trend is likely to continue throughout 2023, according to Corero. We expect to see attackers deploy ever higher rate request-based or packets-per-second attacks. “DDoS attacks have historically focused around sending packets of large sizes with the aim to paralyze and disrupt the internet pipeline by exceeding the available bandwidth. Recent request-based attacks, however, are sending smaller size packets, to … More ? The post Cybercriminals create new methods to evade legacy DDoS defenses appeared first on Help Net Security .
See more here:
Cybercriminals create new methods to evade legacy DDoS defenses
Cybercriminals are cashing in on FIFA World Cup-themed cyberattacks
The hype and popularity of the FIFA World Cup has attracted audiences from across the globe. And this, in turn attracts a variety of cybercriminals, who want to exploit the varied fan following, and the organizations participating, to make a quick buck. Advanced persistent threat (APT) campaigns, phishing, credit card/cryptocurrency fraud, DDoS attacks, and identity theft are among the threats faced by organizations and audiences, CloudSEK reports. The cybercriminals are motivated by financial gain, ideology, … More ? The post Cybercriminals are cashing in on FIFA World Cup-themed cyberattacks appeared first on Help Net Security .
Read More:
Cybercriminals are cashing in on FIFA World Cup-themed cyberattacks
High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
Version 3.0.7 of the popular OpenSSL cryptographic library is out, with fixes for CVE-2022-3602 and CVE-2022-3786, two high-severity buffer overflow vulnerabilities in the punycode decoder that could lead to crashes (i.e., denial of service) or potentially remote code execution. CVE-2022-3602, whose existence was preannounced by the OpenSSL Project team a week ago, has luckily turned out to be less dangerous than initially thought. So the much feared *Critical* #OpenSSL turns out to be “just” a … More ? The post High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786) appeared first on Help Net Security .
More:
High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
DDoS attacks jump 203%, patriotic hacktivism surges
Radware released a report revealing that the number of malicious DDoS attacks climbed by 203% compared to the first six months of 2021. The report also underscores how Russia’s invasion of Ukraine has altered the focus of the threat landscape — shifting it from the consequences of the pandemic to a ground swell of DDoS activity launched by patriotic hacktivists. “The threat landscape saw a marked shift in the first half of 2022,” said Pascal … More ? The post DDoS attacks jump 203%, patriotic hacktivism surges appeared first on Help Net Security .
See the article here:
DDoS attacks jump 203%, patriotic hacktivism surges
Cybercriminals are using bots to deploy DDoS attacks on gambling sites
Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites. This continues a damaging pattern for the industry with 40% of gambling sites suffering attacks in the last 12 months, 80% of whom were hit multiple times. Overall, the number of application layer DDoS attacks … More ? The post Cybercriminals are using bots to deploy DDoS attacks on gambling sites appeared first on Help Net Security .
Originally posted here:
Cybercriminals are using bots to deploy DDoS attacks on gambling sites