Tag Archives: security

The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The switch is obvious to Symantec’s Threat Hunter Team but, unfortunately, it hasn’t been accompanied by a fall in the number of ransomware victims. “Analysis of data from … The post The effects of law enforcement takedowns on the ransomware landscape appeared first on Help Net Security.

Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts

Akamai announced significant additions to its flagship Akamai App & API Protector product, including advanced defenses against sophisticated application-layer distributed denial-of-service (DDoS) attacks. The enhanced Layer 7 DDoS protections now precisely detect and mitigate short DDoS attack bursts and use client reputation scores for improved rate limiting. An additional new capability, URL Protection, ensures the availability of mission critical URLs, APIs, and microservices by smartly prioritizing legitimate traffic during highly distributed attacks. App & API … The post Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts appeared first on Help Net Security.

U.S. authorities disrupt Russian intelligence’s botnet

In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. This network facilitated various crimes, including extensive spearphishing and credential harvesting against entities of interest to the Russian government, such as U.S. and foreign governments, military, and key security and corporate sectors. This botnet was distinct from prior GRU and Russian … The post U.S. authorities disrupt Russian intelligence’s botnet appeared first on Help Net Security.

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation.

The FritzFrog botnet

The FritzFrog botnet, initially identified in August 2020, is a peer-to-peer (rather than centrally-controlled) botnet powered by malware written in Golang. It targets SSH servers by brute-forcing login credentials, and has managed to compromise thousands of them worldwide. “Each compromised host … The post FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities appeared first on Help Net Security.

Consumers prepared to ditch brands after cybersecurity issues

In 2023, businesses have been hit with 800,000 cyberattacks, over 60,000 of which were DDoS attacks and 4,000 falling victim to ransomware, according to Vercara. The research found that consumers hold nuanced perceptions regarding cybersecurity incidents and are often less aware of the role they play in maintaining cyber hygiene within a business. These findings underscore brand trust’s important role in the digital landscape – with an overwhelming 75% of consumers expressing their readiness to … The post Consumers prepared to ditch brands after cybersecurity issues appeared first on Help Net Security.

NETSCOUT releases Adaptive DDoS Protection for AED

NETSCOUT launched Adaptive DDoS Protection for Arbor Edge Defense (AED) to protect ISPs and enterprises from DNS water torture attacks. According to the NETSCOUT DDoS Threat Intelligence Report, Domain Name System (DNS) water torture attacks increased 353% in the first six months of 2023, overwhelming Authoritative DNS server resources and bringing down critical DNS services. DNS water torture DDoS attacks have been around since 1997, yet many organizations still struggle to efficiently identify and mitigate … The post NETSCOUT releases Adaptive DDoS Protection for AED appeared first on Help Net Security.

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset.

Decoding HTTP/2 Rapid Reset (CVE-2023-44487)

In late August 2023, Cloudflare discovered a zero-day vulnerability developed by an unknown threat actor. The vulnerability exploits the standard HTTP/2 protocol—a fundamental piece to how the Internet and most websites operate. HTTP/2 is responsible for how browsers interact with a … The post Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487) appeared first on Help Net Security.

Global events fuel DDoS attack campaigns

Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. Finland was targeted by pro-Russian hacktivists in 2022 during its bid to join NATO. Turkey and Hungary were targeted with DDoS attacks for opposing Finland’s bid. In 2023, Sweden experienced a similar onslaught around its NATO bid, culminating with a 500 Gbps … The post Global events fuel DDoS attack campaigns appeared first on Help Net Security.

The power of passive OS fingerprinting for accurate IoT device identification

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for cyberattacks and security breaches. The Mirai botnet demonstrated just that, by using thousands of vulnerable IoT devices to launch massive DDoS attacks on critical internet infrastructure and popular websites. To effectively safeguard against the risks … The post The power of passive OS fingerprinting for accurate IoT device identification appeared first on Help Net Security.

Qakbot botnet disrupted, malware removed from 700,000+ victim computers

The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by the FBI, which in turn instructed infected computers in the United States and elsewhere to download a file created by … The post Qakbot botnet disrupted, malware removed from 700,000+ victim computers appeared first on Help Net Security.
