Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification.
New variants of Mirai and Gafgyt botnets were found targeting well-known vulnerabilities using multiple exploits directed at enterprises for possible DDoS attacks, including the flaw used in the 2017 Equifax data breach.
A vulnerability found in websites’ cache infrastructure and content delivery networks can be used to spread malware, and an API vulnerability in Mozilla Firefox can be used to have partial control via plug-ins for a DDoS attack.
There has been a sudden surge of memcached servers being abused for DDoS attacks. Proof-of-concept exploit codes have been published, but mitigation techniques and an update from the service provider are also available.
Attackers abuse memcached servers to cause the biggest DDoS attack recorded. The target-- software development platforms GitHub-- was down for only 10 minutes.
As home routers add more features, securing them becomes more difficult. End users should be aware of the effects of compromise, and how to protect their home routers.
The 2016 threat landscape was riddled with threats that set new record highs: new ransomware families, BEC scams across the world, and vulnerabilities found in widely used platforms. Stay ahead of the current business threats with our latest security roundup.
An in-depth analysis of Shodan data reveals how some of the biggest US cities fare in terms of exposed cyber assets, what this means in terms of security, and how home users and organizations can protect their data.
The most notable cybersecurity incidents of the past year, from the biggest data breaches and most expensive attacks to the most persistent attackers and impactful malware.