An apparent Russian script kiddie is converting widespread security gaps into powerful botnets capable of launching global-scale distributed denial-of-service attacks. A threat actor with the online moniker "Matrix" is exploiting IoT vulnerabilities such as default credentials and outdated software.
Plans by Japan and U.S. to conduct military exercises near the coast of eastern Russia prompted Russia-linked threat actors to unleash a series of denial-of-service attacks this week against a dozen websites in Japan including the majority political party, business groups and governments.
Two Sudanese brothers are under criminal indictment in the United States for their role in distributed denial-of-service attacks launched under the moniker of Anonymous Sudan. Among the group's targets were a major Los Angeles hospital and Microsoft.
Organizations face a surge in sophisticated DDoS attacks, and advanced techniques are making traditional defenses obsolete. Neal Quinn, head of cloud security services business, North America, at Radware, discusses how automated solutions and real-time threat intelligence can address these issues.
A new type of denial-of-service threat can disrupt an estimated 300,000 internet hosts that are at risk of exploitation. Researchers at the CISPA Helmholtz Center for Information Security say attackers are using IP spoofing to entangle two servers in a perpetual communication loop.
Federal authorities are warning healthcare and public health sector entities of email bomb attacks, a type of denial-of-service attack that can overwhelm email systems and networks and distract victims from other nefarious activities. The incidents can also disrupt clinical and business workflow.
This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline.
Attackers have been actively exploiting vulnerabilities in the HTTP/2 protocol via so-called rapid request attacks, which Amazon Web Services, Cloudflare and Google report have led to record-breaking distributed-denial-of-service attacks. Experts recommend immediate patching or mitigation.
Microsoft fixed three zero-days under actively exploitation in its patch dump for the month of October: A disclosure flaw in WordPad that can be exploited to obtain hashed passwords, a bug in Skype for Business and a patch to fix exposure to the Rapid Reset exploit.
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
Welcome to "Cyber Fail" - ISMG's roundup of all that's broken in the world of cybersecurity, where our panel of experts uncovers the fails so we can strengthen our defenses. In this episode, ISMG host Anna Delaney takes on bumbling cybercrooks, avoidable breaches and the ethics of paying a ransom.
A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite. Experts say these groups' impact largely remains minimal, which begs the question of how they disrupted arrival kiosks across Canadian airports.
The demand for DDoS-for-hire services has surged significantly in recent years. Cameron Schroeder, chief of the Cyber and Intellectual Property Crimes Section at the U.S. Attorney’s Office, said the increase is driven by accessibility, ease of use and the need for only minimal technical proficiency.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
Let’s face it — evaluating your DDoS protection can be challenging. But, with a 74% increase in DDoS attacks year-over-year in 2022, it's critical if you want to avoid paying hackers large ransoms and prevent employees from being locked out of critical applications and assets.
Since your DDoS protection must be...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.