Tag Archives: news

Modern browser APIs can be abused for hijacking device resources

Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of malicious actions, researchers from the Foundation for Research and Technology – Hellas and Stony Brook University are warning. To prove their point, they’ve created MarioNet, a prototype framework that allows them to do just that. The hijacked resources could be used for unwanted and … More ? The post Modern browser APIs can be abused for hijacking device resources appeared first on Help Net Security .

Continued here:
Modern browser APIs can be abused for hijacking device resources

Average DDoS attack volumes grew by 194% in 12 months

The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key findings of Link11’s Q4 DDoS report include: Average attack volumes grew by 194% in 12 months: In Q4 2018, average … More ? The post Average DDoS attack volumes grew by 194% in 12 months appeared first on Help Net Security .

Read the original:
Average DDoS attack volumes grew by 194% in 12 months

Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience

Here’s an overview of some of last week’s most interesting news and articles: Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to compromise them without user interaction. Researchers analyze DDoS attacks as coordinated gang activities In a new report, NSFOCUS introduced the IP Chain-Gang concept, … More ? The post Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience appeared first on Help Net Security .

Read More:
Week in review: Man in the Cloud attacks, Google GDPR fine, business resilience

SSDP amplification attacks rose 639%

The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison between normal attack traffic and attack traffic with legitimate traffic This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack traffic across hundreds of IP addresses to evade detection. The ongoing evolution of DDoS methods suggests that CSPs need to enhance their network security … More ? The post SSDP amplification attacks rose 639% appeared first on Help Net Security .

Continue Reading:
SSDP amplification attacks rose 639%

Hackers who DDoSed African telecom and US hospital get long prison sentences

Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015. According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He … More ? The post Hackers who DDoSed African telecom and US hospital get long prison sentences appeared first on Help Net Security .

See the original article here:
Hackers who DDoSed African telecom and US hospital get long prison sentences

November 2018: Most wanted malware exposed

Check Point has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index’s top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign. This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy “Thanksgiving day wishes”, “Thanksgiving wishes” and “the Thanksgiving day congratulation!” These emails contained malicious attachments, often with file names related … More ? The post November 2018: Most wanted malware exposed appeared first on Help Net Security .

Follow this link:
November 2018: Most wanted malware exposed

Old and new OpenSSH backdoors threaten Linux servers

OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux servers. And given that over one-third of public-facing internet servers run Linux, it shouldn’t come as a surprise that threat actors would exploit OpenSSH’s popularity to gain control of them. How severe is the threat? Nearly five years ago, ESET researchers helped to disrupt a 25 thousand-strong botnet of … More ? The post Old and new OpenSSH backdoors threaten Linux servers appeared first on Help Net Security .

View article:
Old and new OpenSSH backdoors threaten Linux servers

Why you shouldn’t be worried about UPnP port masking

Last May, security firm Imperva wrote a blog post discussing a new proof of concept for bypassing DDoS mitigation after discovering reflected network protocols appearing on non-standard network ports. Imperva was able to replicate the same behavior using a technique called UPnP Port Masking, which uses the Universal Plug and Play (UPnP) Protocol to alter the source port of commonly abused network protocols in DDoS attacks. Multiple news outlets picked up on Imperva’s research and … More ? The post Why you shouldn’t be worried about UPnP port masking appeared first on Help Net Security .

View article:
Why you shouldn’t be worried about UPnP port masking

“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack

Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s HTTP server, and can lead to denial of service, information disclosure, and remote code execution. About the vulnerabilities The flaws affect TP-Link TL-R600VPN, hardware versions 2 and 3. Numbered CVE-2018-3948 and CVE-2018-3949, respectively, the flaws that can be exploited for DoS and information disclosure can be triggered via an unauthenticated web request and a … More ? The post “Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack appeared first on Help Net Security .

Read More:
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack

Cequence Security announces application security platform to stop bot attacks

Cequence Security released Cequence ASP, an application security platform that provides a scalable defense against the growing number of bot attacks affecting today’s hyper-connected organizations. These financially-motivated attacks target externally-facing web and mobile apps, as well as API services that provide connections to other applications across their digital ecosystem. Attack objectives can include account takeover, content scraping, distributed denial of service, and much more. “From a bad actor’s perspective, geo-distributed bot attacks are relatively easy … More ? The post Cequence Security announces application security platform to stop bot attacks appeared first on Help Net Security .

View article:
Cequence Security announces application security platform to stop bot attacks