Tag Archives: security

Guess what? You should patch Exim again!

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution. With no mitigations available at this time, Exim maintainers urge admins to upgrade to version 4.92.3, which has been released on Sunday. About Exim and the flaw (CVE-2019-16928) According to E-Soft, Exim is the most widely used … More ? The post Guess what? You should patch Exim again! appeared first on Help Net Security .

See more here:
Guess what? You should patch Exim again!

HTTP/2, Brute! Then fall, server. Admin! Ops! The server is dead

Beware the denials of service: Netflix warns of eight networking bugs On Tuesday, Netflix, working in conjunction with Google and CERT/CC, published a security advisory covering a series of vulnerabilities that enable denial of service attacks against servers running HTTP/2 services.…

Read More:
HTTP/2, Brute! Then fall, server. Admin! Ops! The server is dead

Magic Transit allows customers to send any packet of data across Cloudflare’s network

Cloudflare, a leading Internet security, performance, and reliability company, announced Magic Transit, a product that extends the benefits of Cloudflare’s network to customers’ on-premise and data center networks. Magic Transit allows customers to send any packet of data, of any protocol, across Cloudflare’s network. Magic Transit deployed in front of an enterprise network protects it from DDoS attack and enables provisioning of a full suite of virtual network functions, including IP packet filtering and firewalling, … More ? The post Magic Transit allows customers to send any packet of data across Cloudflare’s network appeared first on Help Net Security .

See more here:
Magic Transit allows customers to send any packet of data across Cloudflare’s network

Get rekt: Two years in clink for game-busting DDoS brat DerpTrolling

It’s all lulz until someone goes to prison Austin Thompson, aka DerpTrolling, who came to prominence in 2013 by launching Distributed Denial of Service (DDoS) attacks against major video game companies, has been sentenced to 27 months in prison by a federal court .…

Read more here:
Get rekt: Two years in clink for game-busting DDoS brat DerpTrolling

Botnets shift from Windows towards Linux and IoT platforms

Botnets in 2018 continued to use DDoS as their primary weapon to attack high-speed networks, according to NSFOCUS. Continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, operations, and maintenance of botnets and IP Chain-Gangs. Throughout 2018, NSFOCUS developed profiles on 82 IP Chain-Gangs, groups of bots from multiple botnets acting in concert during specific cyber-attack campaigns. Understanding botnets in general and IP Chain-Gangs, … More ? The post Botnets shift from Windows towards Linux and IoT platforms appeared first on Help Net Security .

More:
Botnets shift from Windows towards Linux and IoT platforms

Imperva Application Security portfolio provides protection for any attack size

Imperva, the cybersecurity leader championing the fight to secure data and applications wherever they reside, announced significant enhancements to the Imperva Application Security portfolio, now offering targeted protection against account takeover (ATO), an industry-leading approach to detecting and blocking malicious attacks targeted at APIs, as well as partnerships with leading API vendors and an unprecedented three-second SLA for mitigating any type of DDoS attack. These capabilities help customers further harden their defenses against rapidly evolving … More ? The post Imperva Application Security portfolio provides protection for any attack size appeared first on Help Net Security .

View article:
Imperva Application Security portfolio provides protection for any attack size

Vulnerable TP-Link Wi-Fi extenders open to attack, patch now!

Several TP-Link Wi-Fi extender devices sport a critical remote code execution vulnerability that could allow attackers to take over the devices and command them with the same privileges of their legitimate user, IBM X-Force researcher Grzegorz Wypych warns. Aside from making the device part of a botnet, attackers could carry out sophisticated malicious activity by executing any shell command on the device’s operating system. “An attacker compromising this type of device, and the device being … More ? The post Vulnerable TP-Link Wi-Fi extenders open to attack, patch now! appeared first on Help Net Security .

Taken from:
Vulnerable TP-Link Wi-Fi extenders open to attack, patch now!

No Telegram today, protestors: Chinese boxes DDoS chat app amid Hong Kong protest

That Guns N’ Roses album* might be out soon… or not Chat app Telegram has reportedly been DDoS’d, with its downtime coinciding with protests in Hong Kong against repressive new Chinese laws.…

More here:
No Telegram today, protestors: Chinese boxes DDoS chat app amid Hong Kong protest

Global communications service providers struggling to fend off growing number of DDoS attacks

Global communications service providers, whose businesses are predicated on continuous availability and reliable service levels, are struggling to fend off a growing number of DDoS attacks against their networks. A lack of timely and actionable intelligence is seen as a major obstacle to DDoS protection, according to A10 Networks. The critical need for DDoS protection The A10 Networks study conducted by the Ponemon Institute highlights the critical need for DDoS protection that provides higher levels … More ? The post Global communications service providers struggling to fend off growing number of DDoS attacks appeared first on Help Net Security .

Follow this link:
Global communications service providers struggling to fend off growing number of DDoS attacks

Microsoft wants to improve routing security

The Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society, announced that Microsoft has joined the program whose primary objective is to reduce the most common threats to the Internet’s routing system. Routing security is vital to the future and stability of the Internet. Last year alone, there were 12,600 routing outages or incidents such as route hijacking and leaks that led to large-scale Distributed Denial of Service (DDoS) attacks, stolen … More ? The post Microsoft wants to improve routing security appeared first on Help Net Security .

Excerpt from:
Microsoft wants to improve routing security