Author Archives: Enurrendy

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as well as one for triggering a third flaw (CVE-2024-0801) that can lead to denial of service. About the vulnerabilities (CVE-2024-0799, CVE-2024-0800, CVE-2024-0801) Arcserve UDP is a widely used enterprise backup and disaster recovery solution, as … More ? The post PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) appeared first on Help Net Security .

Read the article:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The switch is obvious to Symantec’s Threat Hunter Team but, unfortunately, it hasn’t been accompanied by a fall in the number of ransomware victims. “Analysis of data from … More ? The post The effects of law enforcement takedowns on the ransomware landscape appeared first on Help Net Security .

More:
The effects of law enforcement takedowns on the ransomware landscape

Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts

Akamai announced significant additions to its flagship Akamai App & API Protector product, including advanced defenses against sophisticated application-layer distributed denial-of-service (DDoS) attacks. The enhanced Layer 7 DDoS protections now precisely detect and mitigate short DDoS attack bursts and use client reputation scores for improved rate limiting. An additional new capability, URL Protection, ensures the availability of mission critical URLs, APIs, and microservices by smartly prioritizing legitimate traffic during highly distributed attacks. App & API … More ? The post Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts appeared first on Help Net Security .

Visit site:
Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts

That home router botnet the Feds took down? Moscow’s probably going to try again

Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that Russia may try again, so owners of the devices should take precautions.…

More:
That home router botnet the Feds took down? Moscow’s probably going to try again

U.S. authorities disrupt Russian intelligence’s botnet

In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. This network facilitated various crimes, including extensive spearphishing and credential harvesting against entities of interest to the Russian government, such as U.S. and foreign governments, military, and key security and corporate sectors. This botnet was distinct from prior GRU and Russian … More ? The post U.S. authorities disrupt Russian intelligence’s botnet appeared first on Help Net Security .

See more here:
U.S. authorities disrupt Russian intelligence’s botnet

Cybersecurity sectors adjust as DDoS attacks reach new heights

In this Help Net Security video, Andrey Slastenov, Head of Security Department at Gcore, discusses the findings of their latest report that provide insights into the current state of the DDoS protection market and cybersecurity trends. Key highlights from Q3–Q4 2023: The maximum attack power rose from 800 Gbps (1H 2023) to 1.6 Tbps. UDP floods constitute 62% of DDoS attacks. TCP floods and ICMP attacks remain popular at 16% and 12% respectively and SYN, … More ? The post Cybersecurity sectors adjust as DDoS attacks reach new heights appeared first on Help Net Security .

Follow this link:
Cybersecurity sectors adjust as DDoS attacks reach new heights

Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers

Beijing, now Moscow.… Who else is hiding in broadband gateways? The US government today said it disrupted a botnet that Russia’s GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets.…

Read More:
Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers

Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim

An orchestra of fails for the security vendor We’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree has been a week sent from hell.…

Taken from:
Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim