Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS.....»»
Booking.com hackers increase attacks on customers
Researchers say cyber-criminals are offering big sums for hotels' log-in details to target holidaymakers......»»
Organizations can’t ignore the surge in malicious web links
Despite the rising adoption of collaboration and instant messaging software, email remains a significant area of concern regarding cyber attacks, particularly the increasing threat of cybercriminals employing harmful web links in emails, according to.....»»
ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation
Easy-to-exploit flaw can give hackers passwords and cryptographic keys to vulnerable servers. Enlarge (credit: Getty Images) Security researchers are tracking what they say is the “mass exploitation” of a security vu.....»»
Lacework AI Assist enhances SOC efficiency
Lacework has released a generative artificial intelligence (AI) assistant that gives enterprise customers a new way to engage with the Lacework platform by providing customized context to investigate and remediate proactive and reactive alerts. This.....»»
Nonprofit organizations can act as drivers of sustainability for multinational companies
For successful nonprofit impact on business governance, it is essential to advocacy nonprofit organizations to engage key business stakeholders, a new study from the University of Eastern Finland shows. These stakeholders, such as employees, investor.....»»
Plastic waste in the water might be stopping, or interrupting, some shrimp-like creatures from reproducing
In a unique study, published in the journal Environmental Pollution,the ability of "shrimp-like" creatures to reproduce successfully was found to be compromised by chemicals found in everyday plastics......»»
Are rents rising in your neighborhood? Don"t blame the baristas
Baristas who work in specialty coffee shops, along with hipsters more generally, have been referred to as the "shock troops" of urban gentrification—and it's no different in Philadelphia. These servers of artisanal coffee contribute to economic and.....»»
New horizons in cyber protection with 2024 trends to watch
2023 proved to be another challenging year for companies combating supply chain security and breaches. The 2024 outlook could be worse as attacks become increasingly sophisticated. In this Help Net Security video, Fei Huang, VP of Security Strategy a.....»»
Cybercriminals turn to ready-made bots for quick attacks
Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs. These attacks comprised 73% of all website and app traffic measured. In other words, almost three-quarters of traffic to digi.....»»
Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet
Internet scans show 7,000 devices may be vulnerable. The true number could be higher. Enlarge (credit: Aurich Lawson / Ars Technica) Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers.....»»
Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open sourc.....»»
The shifting sands of the war against cyber extortion
Ransomware and cyber extortion attacks aimed at organizations are not letting up. Occasionally, they even come in pairs. The often large and sometimes massive ransomware recovery costs companies incur when they decide not to meet the demands deter ma.....»»
Segmentation proves crucial for fast response to security incidents
In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the U.S. and how it relates to microsegmentation. Recovery after a security breach happens 11 hours faster with segmentati.....»»
Why purple-crowned fairy-wrens engage in cooperative breeding
A team of biologists at Monash University, working with a colleague from Wageningen University, has found an explanation for why purple-crowned fairy wrens engage in cooperative breeding. In their paper published in the journal Royal Society Open Sci.....»»
MFA under fire, attackers undermine trust in security measures
In this Help Net Security video, Renée Burton, Head of Threat Intelligence at Infoblox, discusses MFA attacks. MFA adds security to online accounts, but MFA lookalikes are a real threat to consumers and enterprises. Consumers have come to trust MFA,.....»»
Week in review: Juniper devices compromised, great corporate security blogs, MITRE D3FEND
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The real cost of healthcare cybersecurity breaches In this Help Net Security interview, Taylor Lehmann, Director, Office of the CISO, Google Cloud,.....»»
Rise in automated attacks troubles ecommerce industry
Automated attacks on application business logic, carried out by sophisticated bad bots, were the leading threat for online retailers, according to Imperva. In addition, account takeover, DDoS, API abuse, and client-side attacks were significant risks.....»»
Massive cryptomining rig discovered under Polish court’s floor, stealing power
Top law enforcement agency taps IT experts to calculate stolen energy costs. Enlarge (credit: Javier Zayas Photography | Moment) Police were called to dismantle a secret cryptomining rig winding throughout the floors and.....»»
OneSpan DIGIPASS FX1 BIO protects against social engineering and account takeover attacks
OneSpan introduced its latest innovation to the Digipass Authenticators product line, with DIGIPASS FX1 BIO. This physical passkey with fingerprint scan empowers organizations to embrace passwordless authentication while providing the utmost security.....»»
Illumio CloudSecure addresses attacks across hybrid and multi-cloud environments
Illumio has expanded its Zero Trust Segmentation Platform with Illumio CloudSecure, enhancing its segmentation portfolio to address attacks across hybrid and multi-cloud environments. Now through a single console, organizations can more quickly reduc.....»»