Tag Archives: weight

Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)

Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance (NSA). Among those is CVE-2020-5135, a critical stack-based buffer overflow vulnerability in the appliances’ VPN Portal that could be exploited to cause denial of service and possibly remote code execution. About CVE-2020-5135 The SonicWall NSAs are next-generation firewall appliances, with a sandbox, an intrusion prevention system, SSL/TLS decryption and inspection capabilities, network-based malware protection, and VPN capabilities. CVE-2020-5135 was discovered by Nikita Abramov … More ? The post Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) appeared first on Help Net Security .

Originally posted here:
Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)

Microsoft and partners cut off key Trickbot botnet infrastructure

Two weeks after someone (allegedly the US Cyber Command) temporarily interrupted the operation of the infamous Trickbot botnet, a coalition of tech companies headed by Microsoft has struck a serious blow against its operators. “We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world. We have now cut off key infrastructure so those operating Trickbot will no longer be able to … More ? The post Microsoft and partners cut off key Trickbot botnet infrastructure appeared first on Help Net Security .

Continue Reading:
Microsoft and partners cut off key Trickbot botnet infrastructure

4.83 million DDoS attacks took place in the first half of 2020, a 15% increase

Attackers focused on COVID-era lifelines such as healthcare, e-commerce, and educational services with complex, high-throughput attacks designed to overwhelm and quickly take them down, Netscout reveals. “The first half of 2020 witnessed a radical change in DDoS attack methodology to shorter, faster, harder-hitting complex multi-vector attacks that we expect to continue,” stated Richard Hummel, threat intelligence lead, Netscout. “Adversaries increased attacks against online platforms and services crucial in an increasingly digital world, such as e-commerce, … More ? The post 4.83 million DDoS attacks took place in the first half of 2020, a 15% increase appeared first on Help Net Security .

Continue reading here:
4.83 million DDoS attacks took place in the first half of 2020, a 15% increase

Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

Here’s an overview of some of last week’s most interesting news and articles: Updated cryptojacking worm steals AWS credentials A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services (AWS) credentials. Thousands of ISO certifications at risk of lapsing due to halted re-certification audits Thousands of valuable ISO management system certifications earned by UK companies may now be at risk because auditors from Certification … More ? The post Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing appeared first on Help Net Security .

Excerpt from:
Week in review: Kali Linux 2020.3, mobile security threats, ISO certs at risk of lapsing

DDoS attacks in April, May and June 2020 double compared to Q2 2019

Findings from Link11’s H1 2020 DDoS Report reveal a resurgence in DDoS attacks during the global COVID-19 related lockdowns. In April, May and June 2020, the number of attacks registered by Link11’s Security Operations Center (LSOC) averaged 97% higher than the during the same period in 2019, peaking at a 108% increase in May 2020. Key findings from the annual report include: Multivector attacks on the rise: 52% of attacks combined several methods of attack, … More ? The post DDoS attacks in April, May and June 2020 double compared to Q2 2019 appeared first on Help Net Security .

Continued here:
DDoS attacks in April, May and June 2020 double compared to Q2 2019

How do cybercriminals secure cybercrime?

Trend Micro unveiled new insights analyzing the market for underground hosting services and detailing how and where cybercriminals rent the infrastructure that hosts their business. Over the past five years, increased use and abuse of compromised assets has formed a whole new market. There are varied types of underground hosting and associated services used by cybercriminals to operate their businesses, including bulletproof hosting, VPNs, anonymizers, and DDoS protection. Such services could variously be used to … More ? The post How do cybercriminals secure cybercrime? appeared first on Help Net Security .

More:
How do cybercriminals secure cybercrime?

Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications

Here’s an overview of some of last week’s most interesting news and articles: New wave of attacks aiming to rope home routers into IoT botnets A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen? The Twittersphere went into overdrive as a bunch of prominent, verified Twitter accounts … More ? The post Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications appeared first on Help Net Security .

Continue Reading:
Week in review: Counterfeit Cisco switches, hijacked Twitter accounts, vulnerable SAP applications

New wave of attacks aiming to rope home routers into IoT botnets

A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. The report urges users to take action to stop their devices from enabling this criminal activity. The importance of home routers for IoT botnets There has been a recent spike in attacks targeting and leveraging routers, particularly around Q4 2019. This research indicates increased abuse of these devices will continue … More ? The post New wave of attacks aiming to rope home routers into IoT botnets appeared first on Help Net Security .

Read the original:
New wave of attacks aiming to rope home routers into IoT botnets

Duration of application DDoS attacks increasing, some go on for days

There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account takeover (ATO) attacks were aimed at loyalty programs and streaming services, where bad actors attempted to use stolen credentials to gain unauthorized access to online accounts to carry out malicious actions such as data theft, identity fraud or fraudulent e-commerce transactions. The report also showed continued signs … More ? The post Duration of application DDoS attacks increasing, some go on for days appeared first on Help Net Security .

Continued here:
Duration of application DDoS attacks increasing, some go on for days

Week in review: DDoS attack trends, WannaCry lessons, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote attack 19 vulnerabilities – some of them allowing remote code execution – have been discovered in a TCP/IP stack/library used in hundreds of millions of IoT and OT devices deployed by organizations in a wide variety of industries and sectors. Data Protection Officer independence: Ethical and practical considerations In … More ? The post Week in review: DDoS attack trends, WannaCry lessons, new issue of (IN)SECURE appeared first on Help Net Security .