admin

All articles by admin

 

Critical infrastructure remains insecure

Organisations can no longer afford to leave their systems unprotected from increasingly advanced cyber threats. The threat to our critical national infrastructure (CNI) system is at an unprecedented high with reported cyber-attacks from a number of factions, suspected infiltrations from nation states, and the NCSC warning that these systems remain a high-profile target and exceptionally...
Continue reading...  

Cloud Security For The Healthcare Industry: A No-Brainer

The healthcare industry has become one of the likeliest to suffer cyber-attacks, and there’s little wonder why. Having the financial and personal information of scores of patients makes it a very appetizing target for attackers. Just over a year ago, the WannaCry ransomware attack wreaked havoc on the UK National Health Service (NHS), ultimately disrupting a...
Continue reading...  

Concern Mounts for SS7, Diameter Vulnerability

The same security flaws that cursed the older SS7 standard and were used with 3G, 2G and earlier are prevalent in the Diameter protocol used with today’s 4G (LTE) telephony and data transfer standard, according to researchers at Positive Technologies and the European Union Agency For Network and Information Security (ENISA). Network security is built on...
Continue reading...  

Bigger, Faster, Stronger: 2 Reports Detail the Evolving State of DDoS

DDoS attacks continue to plague the Internet, getting bigger and more dangerous. And now, the kids are involved DDoS attacks don’t arrive on little cat feet; they announce their presence with the subtlety of a shovel to the face. Two just-released reports show that these loud DDoS attacks are getting louder, larger, and more numerous...
Continue reading...  

GDPR: A tool for your enemies?st

Every employee at your organisation should be prepared to deal with right to be forgotten requests. It’s estimated that 75% of employees will exercise their right to erasure now GDPR (General Data Protection Regulation) has come into effect. However, less than half of organisations believe that they would be able to handle a ‘right to...
Continue reading...  

Small businesses aren’t properly prepared for cyberattacks

Even though businesses all over the world are increasingly taking online protection seriously – they still aren’t 100 per cent confident they could tackle serious cybersecurity threats. Polling 600 businesses in the US, UK and Australia, a study by Webroot found that new types of attacks are dominating in 2018 (compared to the year before)...
Continue reading...  

Protonmail Hit By Yet Another DDoS Attack

Attack comes as scale, scope and sophistication of DDoS attacks rises sharply Popular encrypted email provider Protonmail was this morning hit by the latest in a long-running serious of malicious attacks on its infrastructure. The privacy-focussed Geneva-based email provider, which has some 500,000 users, has faced numerous DDoS attacks since being founded. As one of...
Continue reading...  

How to Prevent DDoS Attacks: 6 Tips to Keep Your Website Safe

Falling victim to a distributed denial of service (DDoS) attack can be catastrophic: The average cost to an organization of a successful DDoS attack is about $100,000 for every hour the attack lasts, according to security company Cloudflare. There are longer term costs too: loss of reputation, brand degradation and lost customers, all leading to...
Continue reading...  

Hospitality industry under siege from botnets

The hospitality industry, including hotels, airlines and cruise lines, is the biggest target for cyber criminal botnet attacks that abuse credentials and overwhelm online systems, a report reveals Cyber security defenders face increasing threats from bot-based credential abuse targeting the hospitality industry, a report shows. Bot-based attacks are also being used for advanced distributed denial...
Continue reading...  

Cyber security incidents could cost Aussie businesses $29B per year

Fear and doubt of cyber risks has led 66 per cent of Australian businesses to put off digital transformation plans, with security incidents potentially costing organisations $29 billion per year. In research conducted by Frost & Sullivan and commissioned by Microsoft, local security incidents include losses in revenue, decreased profitability, fines, lawsuits and remediation. “The fact that...
Continue reading...  

The Lesson of the GitHub DDoS Attack: Why Your Web Host Matters

Surviving a cyberattack isn’t like weathering a Cat 5 hurricane or coming through a 7.0 earthquake unscathed. Granting that natural disasters too often have horrendous consequences, there’s also a “right place, right time” element to making it through. Cyber-disasters – which can be every bit as calamitous in their own way as acts of nature – don’t typically bend to the element of chance....
Continue reading...  

Meet MyloBot malware turning Windows devices into Botnet

The IT security researchers at deep learning cybersecurity firm Deep Instinct have discovered a sophisticated malware in the wild targeting Microsoft’s Windows-based computers. Adding devices to Botnet The malware works in such a way that upon infecting, it allows hackers to take over the device and make it part of a botnet to carry out different...
Continue reading...  

World Cup could lead to surge in cyber threats

With the Group Stage of the 2018 FIFA World Cup now well underway, security companies are warning that cybercriminals are likely to use the interest stirred up by the event to launch cyber attacks. Network and endpoint security company Sophos noted that cyber attacks often go hand in hand with major sporting events, including the...
Continue reading...  

How CIA can improve your cyber security

The threat of cyber-attack is increasing every year. According to the Online Trust Alliance, 2017 was the worst yet in terms attacks on business. Figures indicate that attacks doubled from 82,000 incidents in 2016 to over 159,000 – and that’s just the ones we know about. Keeping up to date with the latest cyber security threats...
Continue reading...  

Cyber Attacks Cost Korean Firms US$72 billion Last Year: Report

Cyber attacks cost Korean companies US$72 billion last year, according to a survey released by Microsoft Korea on June 18. The Cyber Security Threat Report, produced jointly with Frost & Sullivan, a global consulting firm, assumes that 90 percent of the damage was indirect losses, which included losses from losing customers, tarnished corporate reputations, and...
Continue reading...  

Cyber attack warnings highlight need to be prepared

Fresh warnings about the vulnerability of national infrastructure to cyber attacks show the need for securing and monitoring associated control systems connected to the internet. The commander of Britain’s Joint Forces Command has warned that UK traffic control systems and other critical infrastructure could be targeted by cyber adversaries – but industry experts say this...
Continue reading...  

Tech Network Security in the Age of the Internet of Things

There are a lot of changes taking place in the business world today. One of the things that all businesses need to go out of their way to keep up with is cyberattacks. Most of these target traditionally unconnected devices. As we enter into a new generation of using connected, intelligent devices in the workplace,...
Continue reading...  

How employee behavior impacts cybersecurity effectiveness

A recent OpenVPN survey discovered 25 percent of employees, reuse the same password for everything. And 23 percent of employees admit to very frequently clicking on links before verifying they lead to a website they intended to visit. Sabotaging corporate security initiatives Whether accidental or intentional, an employee’s online activities can make or break a...
Continue reading...  

Most Risk to Internet Originates from US

“America first” isn’t always a good thing, particularly when it comes to cyber-risk. Still, the US was number one on the list of nations from which the most risk to the internet originated, according to the third annual National Exposure Index released today by Rapid7. Analysis of the current state of internet exposure revealed which...
Continue reading...  

Canada third most exposed country to possible cyber attacks, says vendor study

After hours of thankless work on their systems every day infosec pros in this country are among the best in securing their systems, right? Not according to a new report. Canada ranks third on a list of worst countries whose organizations and users have unsecured Internet services open to cyber attacks, says a security vendor...
Continue reading...  

7 Variants (So Far) of Mirai

Mirai is an example of the newest trend in rapidly evolving, constantly improving malware. These seven variants show how threat actors are making bad malware worse. Satori Where Mirai is relatively broad in scope, able to plant itself on many different routers and devices, Satori is quite specific. Discovered in December 2017, Satori takes advantage...
Continue reading...  

Six years on from the official launch, just how secure is IPv6?

The world launch of IPv6 happened back in June 2012, and World IPv6 Day is on Friday 8 June. But just how secure is IPv6 some six years after that fanfare deployment? The world launch of IPv6 happened back in June 2012, and World IPv6 Day is on Friday 8 June. But just how secure...
Continue reading...  

8 Questions to Ask in DDoS Protection

As DDoS attacks grow more frequent, more powerful, and more sophisticated, many organizations turn to DDoS mitigation providers to protect themselves against attack. Before evaluating DDoS protection solutions, it is important to assess the needs, objectives, and constraints of the organization, network and applications. These factors will define the criteria for selecting the optimal solution....
Continue reading...  

2018: Snapshot of the Most Important Worldwide Cybersecurity Laws, Regulations, Directives and Standards

Are you out of breath from the breakneck pace of cyberattacks since the start of 2018? Throughout the world, nearly daily news reports have been filed detailing the results of incredibly effective cyberattacks ranging from small companies to nation-states. The sum total of these attacks has permanently and dramatically changed the information security threat landscape....
Continue reading...  

The platform is under extreme load:’ Cyber attack brings major cryptocurrency exchange to its knee

One of the largest cryptocurrency exchanges shut Tuesday morning because of a cyber attack. “The platform is under extreme load,” Bitfinex said at 9:39 a.m. ET. Bitcoin was trading slightly lower at $7,421 a coin, according to Markets Insider data.  Bitfinex, one of the largest cryptocurrency exchanges by trading volumes, was down Tuesday morning after...
Continue reading...  

Dutch banks affected by cyber attack, all services disconnected

Dutch banks ABN Amro and Rabobank affected by DDOS attacks on May 27, which has affected their online banking system with offline servers. Information security experts commented that malicious actors launched DDoS attacks against two bank servers and overloaded the affected traffic to the websites. A group of information security professionals explain, DDoS attacks are when several...
Continue reading...  

Hacker-for-hire behind series of attacks identified

CYBERCRIMINAL:Data extracted from his computer showed that Chung carried out more than 20,000 DDoS cyberattacks on networks worldwide, officials said. A young man, surnamed Chung (鍾), has been identified as the alleged hacker behind a series of attacks on the Ministry of Justice’s Investigation Bureau, the Presidential Office, Chunghwa Telecom Co (中華電信) and the central...
Continue reading...  

DDoS attacks and real-world consequences

DDoS attacks have long been known as some of the most devastating attacks on the internet. Even so, well, the consequences always seemed to boil down to dollars and cents. Even when a major attack costs a corporation millions of dollars there’s still a bit of relief in being able to say hey, it’s just...
Continue reading...  

Internet of Things: when objects threaten national security

We all know personal devices can be hacked, but a whole country’s security could be at risk too. With the rise of the so-called Internet of Things (IoT), and against the backdrop of cyberwarfare, digital surveillance and digital subversion, the risk to national security is increasing. Earlier this year the head of the UK National...
Continue reading...  

Weekly Cyber Risk Roundup: FBI Advises Home Router Resets

What’s Everyone Talking About? Trending Cybercrime Events The big news for this week was the CISCO warning of 500,000 routers being hacked by Russian criminal hackers in a bid to attack Ukraine. According to CNBC, “Cisco’s Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign, dubbed VPNFilter,...
Continue reading...  

DDoS attacks again target Dutch bank

Dutch banks ABN Amro and Rabobank were again targeted by DDoS attacks on Sunday night, leaving their online banking services unavailable for a time, ANP reports. The two Dutch banks were also targeted by such cyber attacks on Thursday. In a DDoS attack, a website is bombarded with data, overloading its server and crashing the site....
Continue reading...  

Pulling the Rug Out on DDoS Carpet Bombers

Network attacks driven by traffic, such as DDoS, have long been classified by a capacity threshold or baseline limit. When traffic surpasses that limit, an alarm is triggered to indicate an attack. Internet service providers now face a more stealthy type of DDoS attack known as the “carpet bomb,” which flies below the baseline to...
Continue reading...  

Hackers replacing volumetric DDoS attacks with “low and slow” attacks

By the middle of last year, organisations across the UK had woken up to the threat of DDoS attacks that had, by November, increased in frequency by a massive 91 percent over Q1 2017 and 35 percent over Q2 figures. By the middle of last year, organisations across the UK had woken up to the...
Continue reading...  

DDoS used to oust competition in crypto market

n the last 12 months, cyber criminals have been using distributed denial-of-service (DDoS) attacks to target crypto-currencies. That’s according to Alex Cruz Farmer, security product manager at Cloudflare, who spoke at the ITWeb Security Summit 2018 event this week. Criminal perpetrators of DDoS attacks often target sites or services hosted on high-profile Web servers such...
Continue reading...  

Verge Cryptocurrency Suffers Its Second Hack in Less Than Two Months

Cryptocurrency Verge has suffered what executives are claiming is a DDoS attack. The platform is experiencing a serious delay in its blockchain, which has led to security concerns amongst users and worries about the currency’s stability. At press time, Verge is trading for roughly $0.052, and its market cap value sits at $785 million. A...
Continue reading...  

How to Stop Advanced Persistent Threats

A security professional’s guide to advanced persistent threats and how to stop and prevent them. An advanced persistent threat can be as scary as it sounds. Gone undetected in an enterprise, these network breaches can lead to fraud, intellectual property theft or a headline-grabbing data breach. Here’s what CISOs and IT security pros should know...
Continue reading...  

Is the Internet of Things impossible to secure?

Device manufacturers can no longer afford to take a back seat when it comes to IoT security. The use of Internet of Things (IoT) technology is growing rapidly as more consumers and businesses recognise the benefits offered by smart devices. The range of IoT hardware available is huge, including everything from smart doorbells and connected...
Continue reading...  

Man Sentenced to 15 Years in Prison for DDoS Attacks, Firearm Charges

A New Mexico man has been sentenced to 15 years in prison for launching distributed denial-of-service (DDoS) attacks on dozens of organizations and for firearms-related charges. John Kelsey Gammell, 55, used several so-called booter services to launch cyberattacks, including VDoS, CStress, Inboot, Booter.xyz, and IPStresser. His targets included former employers, business competitors, companies that refused...
Continue reading...  

Hackers behind Mirai botnet & DYN DDoS attacks plead guilty

A group of three hackers have pleaded guilty to their role in developing, spreading and using Mirai malware botnet to conduct large-scale Distributed Denial of Service (DDoS) attacks on some of the Internet’s most popular websites and Dyn DNS, a prominent Domain Name Servers (DNS) service provider. Pleading guilty In a proceeding that took place in US District Court for Alaska on November 28th, Paras...
Continue reading...  

This new type of DDoS attack takes advantage of an old vulnerability

The new technique has “the potential to put any company with an online presence at risk of attack”, warn researchers. A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their...
Continue reading...  

Why the game industry is still vulnerable to distributed-denial-of-service attacks

The game industry has been under attack for a long time. Security professionals have often had to deal with distributed-denial-of-service (DDoS) attacks going back years. It seemed like the problem was solved not so long ago, but then, the vector for attacks changed. With the rise of the Internet of Things (IoT), hackers were able...
Continue reading...  

Danish Railway Company DSB Suffers DDoS Attack

Danish rail travelers found buying a ticket difficult yesterday, following a DDoS attack on the railway company DSB. DSB has more than 195 million passengers every year but, as reported by The Copenhagen Post, the attack on Sunday made it impossible for customers to purchase a ticket via the DSB app, on the website, at...
Continue reading...  

“Hide and Seek” Becomes First IoT Botnet Capable of Surviving Device Reboots

Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise. This is a major game-changing moment in the realm of IoT and router malware. Until today, equipment owners could always remove IoT malware from their smart devices, modems, and routers by...
Continue reading...  

DDoS Attacks Ebb and Flow After Webstresser Takedown

Shortly after Infosecurity Magazine reported that administrators of the world’s largest DDoS-as-a-service website had been arrested, Link11 wrote a blog post, concluding that “In the short period of time since that date, the Link11 Security Operation Center (LSOC) has seen a roughly 60% decline in DDoS attacks on targets in Europe.” The reported deduction differs significantly from the findings...
Continue reading...  

Why DDoS Just Won’t Die

Distributed denial-of-service attacks are getting bigger, badder, and ‘blended.’ What you can (and can’t) do about that. Most every organization has been affected by a distributed denial-of-service (DDoS) attack in some way: whether they were hit directly in a traffic-flooding attack, or if they suffered the fallout from one of their partners or suppliers getting...
Continue reading...  

DDoSer Who Terrorized German and UK Firms Gets Off Without Jail Time

A German hacker who launched DDoS attacks and tried to extort ransom payments from German and UK firms was sentenced last month to one year and ten months of probation. The hacker, identified by authorities only as 24-year-old Maik D., but known online as ZZb00t, was fingered for attacking companies such as eBay.de, DHL.de, billiger.de,...
Continue reading...  

Security Holes Make Home Routers Vulnerable

Security threats abound on the internet, which is why ethical hackers and security researchers spend much of their time in search of these issues. As part of the work that they do to keep the internet safe, researchers at vpnMentor announced that they have found an RCE vulnerability in the majority of gigabit-capable passive optical network (GPON)...
Continue reading...  

FOI Request Rings Alarm Bells on Critical Infrastructure Security

With just eight days to go until the EU’s Network and Information Systems (NIS) Directive becomes legally enforceable, a Freedom of Information (FOI) request to 312 critical infrastructure providers across the UK is ringing industry alarm bells. The FOI requests, submitted by DDoS attack solutions provider Corero Network Security, found that 70% of these institutions...
Continue reading...  

UK critical services need to up cyber defences to avoid fines

UK critical infrastructure providers could be liable for fines of millions of pounds if they do not improve their cyber defences and resilience of their IT infrastructure, a study reveals. More than two-thirds of UK critical infrastructure organisations (70%) have suffered from service outages on their IT networks in the past two years, freedom of...
Continue reading...  

IoT botnet actively exploiting Drupal CMS bug

Botnet uses compromised systems to spread infection. Security researchers have discovered a large botnet that is using a severe flaw in the Drupal CMS in order to infect other systems. Security researchers have discovered a large botnet that is using a severe flaw in the Drupal CMS in order to infect other systems. According to...
Continue reading...