Tag Archives: news

DDoS attacks rise in intensity, sophistication and volume

There have been significant shifts in DDoS attack patterns in the first half of 2020, a Neustar report reveals. There has been a 151% increase in the number of DDoS attacks compared to the same period in 2019. These included the largest and longest attacks that Neustar has ever mitigated at 1.17 Terabits-per-second (Tbps) and 5 days and 18 hours respectively. These figures are representative of the growing number, volume and intensity of network-type cyberattacks … More ? The post DDoS attacks rise in intensity, sophistication and volume appeared first on Help Net Security .

View article:
DDoS attacks rise in intensity, sophistication and volume

Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

Here’s an overview of some of last week’s most interesting news and articles: Updated cryptojacking worm steals AWS credentials A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. Thousands of ISO certifications at risk of lapsing due to halted re-certification audits Thousands of valuable ISO management system certifications earned by UK companies may now be at risk because auditors from Certification … More ? The post Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing appeared first on Help Net Security .

Excerpt from:
Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

Fileless worm builds cryptomining, backdoor-planting P2P botnet

A fileless worm dubbed FritzFrog has been found roping Linux devices running SSH servers – corporate servers, routers and IoT devices – into a P2P botnet whose apparent goal is to mine cryptocurrency. Simultaneously, though, the malware creates a backdoor on the infected machines, allowing attackers to access it at a later date even if the SSH password has been changed in the meantime. “When looking at the amount of code dedicated to the miner, … More ? The post Fileless worm builds cryptomining, backdoor-planting P2P botnet appeared first on Help Net Security .

More:
Fileless worm builds cryptomining, backdoor-planting P2P botnet

How do cybercriminals secure cybercrime?

Trend Micro unveiled new insights analyzing the market for underground hosting services and detailing how and where cybercriminals rent the infrastructure that hosts their business. Over the past five years, increased use and abuse of compromised assets has formed a whole new market. There are varied types of underground hosting and associated services used by cybercriminals to operate their businesses, including bulletproof hosting, VPNs, anonymizers, and DDoS protection. Such services could variously be used to … More ? The post How do cybercriminals secure cybercrime? appeared first on Help Net Security .

More:
How do cybercriminals secure cybercrime?

In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019, and more than 542% compared to the last quarter, as published in the Nexusguard Q1 2020 Threat Report. DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs will have to strengthen their security measures. Undetectable and abnormal traffic patternss While DDoS attacks disrupt service for large companies … More ? The post In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns appeared first on Help Net Security .

Read More:
In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns

UPnP vulnerability lets attackers steal data, scan internal networks

A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on – may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks. The post UPnP vulnerability lets attackers steal data, scan internal networks appeared first on Help Net Security .

Read the article:
UPnP vulnerability lets attackers steal data, scan internal networks

What’s trending on the underground market?

Trust has eroded among criminal interactions, causing a switch to e-commerce platforms and communication using Discord, which both increase user anonymization, Trend Micro reveals. Popular underground goods and services The report reveals that determined efforts by law enforcement appear to be having an impact on the cybercrime underground. Several forums have been taken down by global police entities, and remaining forums experience persistent DDoS attacks and log-in problems impacting their usefulness. Loss of trust led … More ? The post What’s trending on the underground market? appeared first on Help Net Security .

Read More:
What’s trending on the underground market?

Client-side web security

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice. Obviously, enterprise teams should integrate client-side protections with desired server-side countermeasures to ensure a full risk management profile (e.g., the client-side is a poor selection point to stop denial of service). Several standards-based client-side security approaches have begun to mature that are … More ? The post Client-side web security appeared first on Help Net Security .

Read More:
Client-side web security

Are your MS SQL servers part of a cryptomining botnet? Check now!

For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals’ malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency. 61.5 percent of the infected machines get cleaned up by administrators and IT security teams within two days, and the rest between three to 14 days but, according to Guardicore Labs researchers, 10 percent of the victims end up reinfected, … More ? The post Are your MS SQL servers part of a cryptomining botnet? Check now! appeared first on Help Net Security .

More:
Are your MS SQL servers part of a cryptomining botnet? Check now!

Across-the-board increase in DDoS attacks of all sizes

There has been a 168% increase in DDoS attacks in Q4 2019, compared with Q4 2018, and a 180% increase overall in 2019 vs. 2018, according to Neustar. The company saw DDoS attacks across all size categories increase in 2019, with attacks sized 5 Gbps and below seeing the largest growth. These small-scale attacks made up more than three quarters of all attacks the company mitigated on behalf of its customers in 2019. DDoS attacks … More ? The post Across-the-board increase in DDoS attacks of all sizes appeared first on Help Net Security .

Original post:
Across-the-board increase in DDoS attacks of all sizes