Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS.....»»
Why ransomware attackers target Active Directory
Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology Evangelist, and Principal Security Engineer at Cayosof.....»»
AuthenticID enhances Smart ReAuth to combat AI-based attacks and account takeovers
AuthenticID announced the newest release of Smart ReAuth. Smart ReAuth is a reauthentication solution that leverages a selfie to re-confirm an identity. First released in 2021, this enhanced version offers verifications in less than one second, with.....»»
BlackByte affiliates use new encryptor and new TTPs
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypte.....»»
Cryptomator: Open-source cloud storage encryption
Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud.....»»
Cybercriminals capitalize on travel industry’s peak season
Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. Researchers investigated the top 10 travel and hospitality sites to identi.....»»
PSA: Watch out for phishing attacks with fake banking app updates
A security researcher has discovered a phishing attack intended to fool iPhone users into installing what is claimed to be an update to their banking app. The attack works despite iOS protections because what is actually being ‘installed’ is a.....»»
Watch out Windows — Linux market share could hit a major milestone soon
February 2025 could have a big moment in store for the Linux operating system, despite it typically being limited to business and enterprise......»»
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or editing files, and 14% were unmasked by behavior that didn’t fit with kn.....»»
Widespread culling of crocodiles is not an effective way to stop attacks on humans, study shows
Education and community awareness, removal of problem animals and exclusion areas are significantly more effective in reducing saltwater crocodile attacks in the Northern Territory than a widespread culling program to reduce crocodile numbers, accord.....»»
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. In.....»»
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers......»»
Can"t buy me love: TikTok users seek authenticity in sponsored content, dismissing top influencers for smaller creators
High-profile and popular influencers on TikTok should rethink their approach to brand-sponsored campaigns since followers better engage and trust the authenticity of smaller creators over super influencers when it comes to paid content......»»
LibreOffice 24.8: More privacy, interoperability improvements
LibreOffice 24.8, the new major release of the free Windows, macOS, and Linux office suite, is now available. This is the first to provide an official package for Windows PCs based on ARM processors. The LibreOffice advantage LibreOffice is the best.....»»
Most ransomware attacks occur between 1 a.m. and 5 a.m.
There’s been an alarming increase in ransomware attacks over the past year, alongside significant shifts in the tactics and strategies employed by cybercriminals that underscore the necessity for organizations to implement around-the-clock moni.....»»
GenAI models are easily compromised
95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manip.....»»
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access.....»»
Kids who survived shooting at Kansas City Super Bowl parade are scared, suffering panic attacks and sleep problems
Six months after Gabriella Magers-Darger's legs were burned by sparks from a ricocheted bullet at the Kansas City Chiefs Super Bowl parade in February, the 14-year-old is ready to leave the past behind......»»
Average DDoS attack costs $6,000 per minute
2023 saw a surge in the frequency and duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal, according to Zayo. DDoS attack duration increases DDoS attacks surged 106% from H2 2023 to H1 2024. The.....»»
“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update
Microsoft said its update wouldn't install on Linux devices. It did anyway. Enlarge (credit: Getty Images) Last Tuesday, loads of Linux users—many running packages released as early as this year—started reporting the.....»»
Cybercriminals exploit file sharing services to advance phishing attacks
Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of ph.....»»