Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS.....»»
Attackers are pummeling networks around the world with millions of login attempts
Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps. Enlarge (credit: Matejmo | Getty Images) Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s.....»»
Cisco Duo provider breached, SMS MFA logs compromised
Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs of Duo customers. About the attack The unnamed provider – o.....»»
Cisco Duo says a third-party data breach stole MFA SMS logs
Hackers stole Cisco Duo customers' phone numbers, and the company is warning of possible incoming smishing attacks......»»
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious.....»»
Australian court is the latest to attack Apple on behalf of rich corporations
Apple Fellow Phil Schiller has been testifying in an Australian Federal Court about the origins of the App Store in 2008, and it's just the latest example of pointless attacks on the company.Phil Schiller (left) and Steve Jobs with the first online A.....»»
Framework’s software and firmware have been a mess, but it’s working on them
New features, security updates, and Linux support are all on a long to-do list. Enlarge / The Framework Laptop 13. (credit: Andrew Cunningham) Since Framework showed off its first prototypes in February 2021, we've gener.....»»
Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology (OT) cyber attacks and their 2024 Threat Report. He examines how global geopolitical tensions and evolving ransomwar.....»»
Space Force Is Planning a Military Exercise in Orbit
Two satellites will engage in a “realistic threat response scenario” when Victus Haze gets underway......»»
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mit.....»»
Nintendo targets Switch-emulation chat servers, decryption tools with DMCA
Legal fallout continues following Yuzu lawsuit. Enlarge / Is a name like "Suyu" ironic enough to avoid facing a lawsuit? (credit: Suyu) Nintendo continues to use DMCA requests to halt projects it says aid in the piracy o.....»»
Roku closes the barn door, badly, after a half-million accounts are compromised
Roku has finally turned on two-factor authentication -- after it learned that more than 500,000 accounts were hit by a credential-stuffing attack......»»
BMC flaw left unchecked for 6 years hits Intel and Lenovo servers
BMC flaw left unchecked for 6 years hits Intel and Lenovo servers.....»»
Unix system administration: Vocabulary for English speakers
In the vast, interconnected world of information technology, Unix stands as a monumental pillar, powering servers, workstations, and critical systems across the globe. Its reputation for stability, efficiency, and flexibility makes Unix system admini.....»»
The Ultimate Guide to Popular Linux Games in 2024 – Boosters.gg Insights
With the gaming world constantly evolving, Linux has emerged as a formidable platform for gamers seeking diversity and freedom in their gaming experience. This guide, brought to you with insights from Boosters.gg, dives deep into the thriving ecosyst.....»»
UI/UX Design Services: What These Are and Who Needs Them on Linux Platforms
Ever wondered why some apps, especially those developed on Linux, feel just right, while others don’t? It’s all about UI/UX design — when executed well, it makes navigating a website or app seamless. Whether you’re a startup or managing a lar.....»»
Ransomware group maturity should influence ransom payment decision
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers’ servers, and/or not leaked online. The decision will depend on a variety.....»»
Index Engines CyberSense 8.6 detects malicious activity
Index Engines announced the latest release of its CyberSense software, with version 8.6 delivering a revamped user interface to support smarter recovery from ransomware attacks, new custom Advanced Threshold Alerts to proactively detect unusual activ.....»»
Cloudflare partners with Booz Allen Hamilton to guide organizations under attack
Cloudflare announced a collaboration with Booz Allen Hamilton to support enterprises under attack by providing expedited Under Attack as a Service (UAaaS) with 30-Day Rapid Response DDoS Mitigation, including continuous monitoring and protection. Und.....»»
Akamai Shield NS53 protects on-prem and hybrid DNS infrastructure
Akamai launched Akamai Shield NS53, a product that protects on-premises (on-prem) Domain Name System (DNS) infrastructure from resource exhaustion attacks. These attacks overwhelm servers to the point that they can no longer respond to valid DNS quer.....»»
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skil.....»»