Author Archives: Enurrendy

Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure

Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion attacks. These attacks overwhelm servers to the point that they can no longer respond to valid DNS queries. The new offering complements Akamai Edge DNS, which is a comprehensive cloud-based DNS solution, and Akamai Prolexic, a distributed denial-of-service (DDoS) protection platform for Layer 3 and Layer 4 attacks. Over the past three years, there has been … More ? The post Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure appeared first on Help Net Security .

More:
Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure

Cloudflare partners with Booz Allen Hamilton to guide organizations under attack

Cloudflare announced a collaboration with Booz Allen Hamilton to support enterprises under attack by providing expedited Under Attack as a Service (UAaaS) with 30-Day Rapid Response DDoS Mitigation, including continuous monitoring and protection. Under this new agreement, Booz Allen’s Global Commercial clients facing a cyber-attack will be connected to Cloudflare for immediate Incident Response. Now, Booz Allen clients that may fall victim to cyber-attacks have a fast track to support when they need it most. … More ? The post Cloudflare partners with Booz Allen Hamilton to guide organizations under attack appeared first on Help Net Security .

Excerpt from:
Cloudflare partners with Booz Allen Hamilton to guide organizations under attack

Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic

Fastly introduced Fastly Bot Management to help organizations combat automated “bot” attacks at the edge and significantly reduce the risk of fraud, DDoS attacks, account takeovers, and other online abuse. Fastly Bot Management represents an important cybersecurity milestone for the company, building on its proven bot mitigation expertise and capabilities currently available in its Next-Gen WAF. “Organizations increasingly are delivering more enhanced digital experiences to their users at the edge. Not surprisingly, cyber adversaries have … More ? The post Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic appeared first on Help Net Security .

Follow this link:
Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic

Nearly 3M people hit in Harvard Pilgrim healthcare data theft

Also, TheMoon botnet back for EoL SOHO routers, Sellafield to be prosecuted for ‘infosec failures’, plus critical vulns Infosec in brief   Nearly a year on from the discovery of a massive data theft at healthcare biz Harvard Pilgrim, and the number of victims has now risen to nearly 2.9 million people in all US states.…

More:
Nearly 3M people hit in Harvard Pilgrim healthcare data theft

CISA: Here’s how you can foil DDoS attacks

In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should respond to this type of attacks. DDoS attacks explained First and foremost, the document explains the main difference between a DoS attack (from a single source) and a DDoS attack (from multiple sources). “The … More ? The post CISA: Here’s how you can foil DDoS attacks appeared first on Help Net Security .

More:
CISA: Here’s how you can foil DDoS attacks

FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert

You better watch out, you better not cry, better not pout, they’re telling you why The US government has recommended a series of steps that critical infrastructure operators should take to prevent distributed-denial-of-service (DDoS) attacks.…

Read the article:
FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as well as one for triggering a third flaw (CVE-2024-0801) that can lead to denial of service. About the vulnerabilities (CVE-2024-0799, CVE-2024-0800, CVE-2024-0801) Arcserve UDP is a widely used enterprise backup and disaster recovery solution, as … More ? The post PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) appeared first on Help Net Security .

Read the article:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The switch is obvious to Symantec’s Threat Hunter Team but, unfortunately, it hasn’t been accompanied by a fall in the number of ransomware victims. “Analysis of data from … More ? The post The effects of law enforcement takedowns on the ransomware landscape appeared first on Help Net Security .

More:
The effects of law enforcement takedowns on the ransomware landscape