Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.
Several security companies recently detected a series of massive UDP amplification attacks leveraging vulnerabilities in Memcached servers to speed up dynamic Web applications by caching data and objects in RAM. Link11 security analysts dubbed the new DDoS attack vector “Memcached Reflection,” noting that the attacks are similar to DNS reflection. “The attackers exploit the…
Cryptojacking has become one of the most active and pervasive threats in recent years. In a cryptojacking attack, a cryptocurrency mining script is injected into a server or a webpage to take advantage of the victim system’s CPU power. The first article in this series defined cryptojacking and why it is a cybersecurity risk. In…
TORONTO — Blockchain has been hailed by some in the technology industry as a potential method to help improve cyber security. However, security researcher Majid Malaika warns that Blockchain can potentially be abused to enable a new form of botnet that would be very difficult to take down. Malaika detailed his Blockchain-powered botnet in…
Sixty-six percent of American adults worry frequently or occasionally about being a victim of identity theft, and 67 percent worry frequently or occasionally about having their personal or financial information stolen by hackers, a recent Gallup poll of over 1,000 U.S. adults found. In comparison, just 38 percent of respondents worry about having their…
Many business leaders had been unaware of the severity of the ransomware problem until the WannaCry attacks in mid-2017 raised its profile significantly. In fact, ransomware has been around for several years, and has become the fastest-growing cause of cyber insurance business claims, according to data compiled by CFC Underwriting. The company says ransomware…
New research presented at the USENIX conference is providing deep insight into the evolution of the Mirai botnet over a seven-month period. The Mirai botnet first achieved notoriety in September 2016 after attacking the site of a popular security blogger and hosting provider OVH with nearly 1 Terabit per second of Distributed Denial of Service…
LAS VEGAS — The scourge that is ransomware has dominated security headlines over the last year, with large outbreaks like WannaCry and NotPetya shutting down critical infrastructure in affected organizations. Time and again, when ransomware outbreaks occur, operating system and security vendors alike remind users and organizations of the importance of having backups. But what…
Researchers at Dragos Security and ESET have released in-depth analyses of the cyber attack that caused a massive blackout in Kiev, Ukraine on December 17 and 18, 2016. Dragos identifies the malware as CrashOverride, while ESET calls it Industroyer. ESET senior malware researcher Anton Cherepanov wrote in a blog post that the malware is…
A Department of Homeland Security official told Reuters earlier this week that some U.S. critical infrastructure operators have been affected by the recent WannaCry ransomware campaign. The official didn’t provide any further information, except to say that there have been no victims of the cyber attack within the U.S. federal government. Dragos CEO Robert M.…