Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS.....»»
RedSense Compromised Credential Services 2.0 helps users prevent future incidents
RedSense released RedSense Compromised Credential Services 2.0. The new services include RedSense Credential Alert and RedSense Credential Investigator. RedSense has pioneered the use of AI to optimize stolen credential discovery on the dark web ensu.....»»
Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns In this Help Net Security interview, Guy Guzner, CEO at Savvy, discuss.....»»
The roadblocks to preventive cybersecurity success
In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according to Tenable. This means 43% of attacks launched against them are successful.....»»
Intel’s failed 64-bit Itanium CPUs die another death as Linux support ends
Intel stopped selling the last Itanium processors in 2021. Enlarge (credit: Intel) Officially, Intel's Itanium chips and their IA-64 architecture died back in 2021, when the company shipped its last processors. But faile.....»»
As Extreme Heat Increases, Heart Attacks Will Rise
Dangerously hot days are becoming more common. That will trigger heart attacks and strokes in people made vulnerable by age, race, and the layout of cities......»»
Ransomware attacks set to break records in 2023
Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year (YoY), according to Corvus Insurance. In its Q2 2023 Global Ransomware Report, Corvus noted a significant res.....»»
Public exposure of data breaches is becoming inevitable
Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage, according to Allianz. Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated i.....»»
Adtran tackles GPS vulnerabilities with Satellite Time and Location technology
Adtran launched new synchronization solutions featuring Satellite Time and Location (STL) technology to address the growing vulnerabilities of GPS and other GNSS systems to jamming and spoofing attacks. Alongside GNSS-based timing, the OSA 5405-S PTP.....»»
SMBs at risk as AI misconceptions lead to overconfidence
Despite advancements in IT security measures, SMBs remain firmly in the crosshairs of cybercriminals, according to Devolutions. Ransomware payments and IoT malware incidents soar Spikes in incidents such as ransomware payments and IoT malware attacks.....»»
IoT security threats highlight the need for zero trust principles
The high number of attacks on IoT devices represents a 400% increase in malware compared to the previous year, according to Zscaler. The increasing frequency of malware attacks targeting IoT devices is a significant concern for OT security, as the mo.....»»
OT cyber attacks proliferating despite growing cybersecurity spend
The sharp increase in attacks on operational technology (OT) systems can be primarily attributed to two key factors: the escalating global threats posed by nation-state actors and the active involvement of profit-driven cybercriminals (often sponsore.....»»
Bitdefender Offensive Services incorporates penetration testing and red team simulated attacks
Bitdefender announced Bitdefender Offensive Services, a new offering designed to proactively assess, identify, and remediate security gaps in an organization’s environment (on premises, cloud, hybrid) through penetration testing and red team simula.....»»
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)
The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. “Exploitatio.....»»
Security leaders have good reasons to fear AI-generated attacks
Generative AI is likely behind the increases in both the volume and sophistication of email attacks that organizations have experienced in the past few months, and it’s still early days, according to Abnormal Security. Their leading worry is th.....»»
Apple could spend $5B on servers to catch up in AI race
Apple's attempts to catch up with the rest of the market in the generative AI field could cost more than first thought, with it potentially spending more than $5 billion over two years just on servers.SiriOn Sunday, it was reported Apple has committe.....»»
NetSPI boosts phishing resilience with enhanced social engineering penetration testing
NetSPI unveiled enhancements to its social engineering penetration testing solutions to help organizations build resilience to modern-day phishing attacks. The updates bring a customized, contextual approach to social engineering testing and go beyon.....»»
Researchers uncover DarkGate malware’s Vietnamese connection
WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam. DarkGate is a remote access trojan (RAT) that has been used in attacks since at least 2018 and is currently available.....»»
The latest high-severity Citrix vulnerability under attack isn’t easy to fix
If you run a Netscaler ADC or Gateway, assume it's compromised and take action ... fast. Enlarge (credit: Getty Images) A critical vulnerability that hackers have exploited since August, which allows them to bypass multi.....»»
Druva launches Dru to make data protection more autonomous
Druva unveiled Dru, an AI copilot for backup that improves how customers engage with their data protection solutions. Dru allows both IT and business users to get critical information through a conversational interface, helping customers reduce prote.....»»
EU asks Meta for more details on efforts to stop illegal and inaccurate content on Israel-Hamas war
The European Union has told Meta it has a week to explain in greater detail how it is fighting the spread of illegal content and disinformation on its Facebook and Instagram platforms following the attacks across Israel by Hamas......»»